182 Tanium Jobs

About Us: MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges. MUFG Global Service Private Limited: Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific. Position details: In this role you will focus on researching threats posed by cyber criminals to various systems, technologies, operations, and programs, and analyzing research to determine a cyber criminal’s capabilities, intentions, and attack approaches, including those with multiple phases. Responsibilities include rapidly responding to incidents to minimize risk exposure and ensure system availability; proactively monitoring internal and external-facing environments; seeking opportunities to automate detection and remediation and reduce response times for incidents; and producing reports and briefings that include perspectives on the behavior of adversaries. Roles and Responsibilities: Perform cybersecurity threat detection, assessment, and mitigation efforts Support inquiries from compliance teams such as IT risk management and internal and external audit, to ensure documentation is complete and in compliance with information security policies Identify, evaluate, and monitor continually threats that could affect operational and business activities Support development of security operations playbooks to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats Create, Enhance and manage security use cases, dashboards and alerts using Splunk Research and look for opportunities to adopt the best practices and industry standards to enhance the SIEM and SOAR platforms Provide guidance to junior team members Job Requirements: Bachelor's degree in business, Management, Computer Sciences, or equivalent prior work experience in a related field Minimum of 3-5 years overall experience working in global, complex, matrix-managed organization Minimum of 2 years’ working experience in Cybersecurity Operations or Information Security Minimum of 2 years' experience in Incident Response and Forensic Investigations work Minimum of 2 years' experience in threat and vulnerability management Understanding of enterprise detection technologies and processes (advanced threat detection tools, intrusion detection system/intrusion prevention system (IDS/IPS), network packet analysis, endpoint protection, Anti malware/anti-virus). Understanding of network protocols and operating systems (Windows, Unix, Linux, databases) Knowledge in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics Knowledge of the following areas: IT security, incident handling and response, exploit analysis, intelligence gathering, digital forensics methods and procedures. Knowledge of Splunk, Phantom, Python, CrowdStrike, Tanium, Defender, Azure, AWS and forensic security tools is preferred. Knowledge of Information Assurance concepts and technologies Knowledge of cloud computing security, network, operating system, database, application, and mobile device security. Knowledge of vulnerability management and remediation. A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures. Solid experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc. Experience working within the Financial Services Industry preferred. Experience in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics preferred. Experience with information security risk management, including conducting information security audits, reviews, and risk assessments. Knowledge of the Amazon Web Services (AWS) and/or Azure for infrastructure is preferred Working experience with MITRE ATT&CK or similar frameworks is preferred One to three years of experience in Splunk, Splunk Enterprise Security or Splunk Phantom is preferred Knowledge of scripting languages like Python is preferred Knowledge in RegEx is preferred Strong analytical skills (i.e., technical and non-technical problem solving skills). Maintain certifications in an information security related field. The following are recommended: CySA+, CISSP, ISSMP, SANS, GCIA, CISM, EnCE, CEH, GCFA, GCFE, GCIH, or GSEC and/or Splunk Certifications.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We are counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and a better working world for all. As a CMS-TDR Senior at EY, you will work as a Senior Analyst within our cyber security team. Your role will involve assisting clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. Your key responsibilities will include: - Operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR (CrowdStrike, Defender, Carbon Black), and NSM (Fidelis, ExtraHop) for multiple customers. - Specializing in second-level incident validation and detailed investigations. - Performing incident coordination and communication with clients to ensure effective containment, eradication, and recovery. - Providing SIEM support activities, including ad hoc reporting and basic troubleshooting. - Advising customers on best practices and use cases to achieve customer end-state requirements. - Providing near real-time analysis, investigating, reporting, remediating, coordinating, and tracking security-related activities for customers. Skills and attributes for success include: - Customer service orientation, meeting commitments, and seeking feedback for improvement. - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a security analyst's perspective. - Troubleshooting issues associated with SIEM solutions. - Ability to work with minimal supervision. - Exposure to IoT/OT monitoring (Claroty, Nozomi Networks) is a plus. - Experience in security monitoring and cyber incident response. - Knowledge in ELK Stack, network monitoring technology platforms (Fidelis XPS, ExtraHop), and endpoint protection tools (Carbon Black, Tanium, CrowdStrike, Defender). To qualify for this role, you must have: - A B.Tech./B.E. degree with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Minimum 3 years of hands-on experience in SIEM/EDR/NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certifications such as CCSA, CEH, CISSP, GCIH, GIAC. Working at EY offers: - Inspiring and meaningful projects. - Education, coaching, and personal development opportunities. - Support, coaching, and feedback from engaging colleagues. - Opportunities for skills development and career progression. - Freedom and flexibility to shape your role according to your needs. EY is dedicated to building a better working world by creating long-term value for clients, people, and society and building trust in the capital markets. Our diverse teams across 150 countries provide trust through assurance and help clients grow, transform, and operate in various sectors. We ask better questions to find new answers for the complex issues facing our world today.,

Job Description Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Business Analyst In this role, you will: Actively collaborate with partners from Monitoring Infrastructure and Event Management Technology / Domain / Project and deliver goals as per agreed schedules & specifications. Understand & Analyze business requirements & scope, identify gaps, translate requirements into technical specifications. Deliver the solutions / deliverables per the agreed requirements with regards to project timelines Collaborating closely with software and operations teams to improve end-to-end monitoring and alerting production services. Deliver lasting, preventative improvements that cross the development/operation team divides. Coordinate our response to service impacting incidents Routinely modifying configurations or systems in a way that produces lasting improvements from a one-time effort. Applying their expertise and experience to assist with architecting the next generation of services Assisting with support escalation in high impacting incidents, coordinating SMEs and vendors as required Representing ITID “outwards” to manage quality of service delivered. Requirements To be successful in this role, you should meet the following requirements: Consistently demonstrates clear and concise written and verbal communication skills Should have a minimum of 8-10 years IT experience out of which a minimum of 3 years relevant experience in the following monitoring/event management and/or automation development experience BMC Patrol and BMC TrueSight BMC TSOM and BMC Helix Operations Management BMC KM Development Java, Shell, Unix scripting, Perl, Python REST API Development Strong fundamentals in distributed systems and networking Experience on DevOps tools like – Puppet, Ansible, Tanium, Git etc. UNIX OS knowledge is mandatory Experience on working in any cloud migration project is an added advantage You’ll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by – HSBC Software Development India

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data's Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills and Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data’s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryls Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We&aposre not just invested; we&aposre committed. We&aposre not just protecting data; we&aposre empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you&aposre not only joining a team but you&aposre also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn&apost just a job its a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations their infrastructure. In this role, you won&apost just monitor; you&aposll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you&aposll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You&aposll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, youre not just protecting the present youre shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you&aposre not just joining a company you&aposre entering a space of opportunities. Our partnerships with industry alliances and vendors mean you&aposll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles were invested in your journey. Who You Are Youre good at what you do and possess the required experience to prove it. However, equally as important you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused someone who prioritizes customer success in their work. And finally, youre open and borderless naturally inclusive in how you work with others. Required Skills And Experience Provide and manage vulnerability scanning and assessment tools for traditional IT assets. 6 - 8 years of security analyst experience, preferably in a managed services environment Analyze scan results, prioritize findings using risk-based methodology. Deliver actionable remediation and mitigation recommendations. Maintain continuous visibility and reporting for servers, endpoints, and network infrastructure. Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Ticketing Integration: ServiceNow, Jira Reporting: Custom dashboards (Power BI/Tableau) or native tool reports Experience with cloud security, devops, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI. Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks Expertise with security incident response process. Preferred Skills And Experience Bachelors degree in Computer Science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or?ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, its how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But were not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you and everyone next to you the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. Thats the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact&aposs Kyndryl email address. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior Manager_TDR (threat detection and response) Job Summary As a Senior Manager with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagement and services development activities. You will be focused on helping client’s grow and turn their Cyber security strategy into reality. You’ll work in high-performing teams that drive growth and deliver exceptional client service, making certain you play your part in building a better working world. You will be responsible for overall client service quality delivery in accordance with EY’s quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for EY. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members. Client responsibilities: Technical leadership and knowledge of cybersecurity concepts and methods including, but not limited to, SOC transformation, CTI, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in best in breed SIEM (Splunk, Sentinel and Qradar etc) content development / architecting will be an added advantage. Should have good hands-on experience and skills on advanced and integrated key Threat Detection Technology like SIEM, SOAR, EPP, EDR solutions, Firewalls, IDPS, Web Proxy, Enterprise Forensics tools. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Good knowledge in threat modelling. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Brief the engagement team on the client's environment and industry trends. Maintain relationships with client to manage expectations of service including work products, timing, fees and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Create and demonstrate innovative insights for clients, adapts methods and practices to fit operational team needs & contributes to thought leadership documents Apply extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services Drive discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC leaders to co-establish, promote and drive a Cyber SOC ecosystem Key responsibilities: Provide industry insights (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) that energize growth Demonstrate deep understanding of the client’s industry and marketplace Lead consulting engagements that solve complex Cyber security issues Help mentor, coach and counsel their team members and help us build an inclusive culture and high-performing teams Maximize operational efficiency through standardization and process automation on client engagements and internal initiatives Monitor delivery progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes Successfully manage engagement time and budgets Convey complex technical security concepts to technical and non-technical audiences including executives. Provide strategic and relevant insight, connectedness and responsiveness to all clients to anticipate their needs Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Define, develop and implement strategic go-to-market plans in collaboration with local EY member firms in Americas, EMEIA and APAC. Drive new business opportunities by developing ideas, proposals and solutions Strongly represent EY and its service lines and actively assess what the firm can deliver to serve clients. Assist Consulting Partners in driving the business development process on existing client engagements by gathering appropriate esources, gaining access to key contacts & supervising proposal preparation Develop long-term relationships with networks both internally and externally Enhance the EY brand through strong external relationships across a network of existing and future clients and alliance partners Driving the quality culture agenda within the team Manage and contribute in performance management for the direct reportees and team members, as per the organization policies Able to examine and act on people related issues both strategically and analytically. Participating in the EY-wide people initiatives including recruiting, retaining and training Cybersecurity professionals Use technology to continually learn, share knowledge and enhance client service delivery Support the EY inclusiveness culture To qualify, candidates must have: At least 15 years of industry experience and serving as Manager for minimum of 10 years or 5 years as Senior Manager, of recent relevant work experience in information security or information technology discipline, preferably in a business onsulting role with a leading technology consultancy organization Strong technical experience in not limited to, attack and penetration testing, vulnerability management, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Any one of the following technical certifications: CISSP, CISM, GSOC Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major Any one of the following project management experience - Prince2 / PMI / MSP / CSM Experience with data analysis and visualization technologies Fluency in English, other language skills are considered an asset EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Kyndryl Bengaluru, Karnataka, India Posted on Jul 26, 2025 Apply now Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Provide and manage vulnerability scanning and assessment tools for traditional IT assets. 6 - 8 years of security analyst experience, preferably in a managed services environment Analyze scan results, prioritize findings using risk-based methodology. Deliver actionable remediation and mitigation recommendations. Maintain continuous visibility and reporting for servers, endpoints, and network infrastructure. Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Ticketing Integration: ServiceNow, Jira Reporting: Custom dashboards (Power BI/Tableau) or native tool reports Experience with cloud security, devops, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI. Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks Expertise with security incident response process. Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Apply now See more open positions at Kyndryl

Kyndryl Bengaluru, Karnataka, India Posted on Jul 26, 2025 Apply now Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Provide and manage vulnerability scanning and assessment tools for traditional IT assets. 6 - 8 years of security analyst experience, preferably in a managed services environment Analyze scan results, prioritize findings using risk-based methodology. Deliver actionable remediation and mitigation recommendations. Maintain continuous visibility and reporting for servers, endpoints, and network infrastructure. Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Ticketing Integration: ServiceNow, Jira Reporting: Custom dashboards (Power BI/Tableau) or native tool reports Experience with cloud security, devops, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI. Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks Expertise with security incident response process. Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Apply now See more open positions at Kyndryl

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior Manager_TDR (threat detection and response) Job Summary As a Senior Manager with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagement and services development activities. You will be focused on helping client’s grow and turn their Cyber security strategy into reality. You’ll work in high-performing teams that drive growth and deliver exceptional client service, making certain you play your part in building a better working world. You will be responsible for overall client service quality delivery in accordance with EY’s quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for EY. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members. Client responsibilities: Technical leadership and knowledge of cybersecurity concepts and methods including, but not limited to, SOC transformation, CTI, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in best in breed SIEM (Splunk, Sentinel and Qradar etc) content development / architecting will be an added advantage. Should have good hands-on experience and skills on advanced and integrated key Threat Detection Technology like SIEM, SOAR, EPP, EDR solutions, Firewalls, IDPS, Web Proxy, Enterprise Forensics tools. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Good knowledge in threat modelling. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Brief the engagement team on the client's environment and industry trends. Maintain relationships with client to manage expectations of service including work products, timing, fees and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Create and demonstrate innovative insights for clients, adapts methods and practices to fit operational team needs & contributes to thought leadership documents Apply extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services Drive discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC leaders to co-establish, promote and drive a Cyber SOC ecosystem Key responsibilities: Provide industry insights (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) that energize growth Demonstrate deep understanding of the client’s industry and marketplace Lead consulting engagements that solve complex Cyber security issues Help mentor, coach and counsel their team members and help us build an inclusive culture and high-performing teams Maximize operational efficiency through standardization and process automation on client engagements and internal initiatives Monitor delivery progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes Successfully manage engagement time and budgets Convey complex technical security concepts to technical and non-technical audiences including executives. Provide strategic and relevant insight, connectedness and responsiveness to all clients to anticipate their needs Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Define, develop and implement strategic go-to-market plans in collaboration with local EY member firms in Americas, EMEIA and APAC. Drive new business opportunities by developing ideas, proposals and solutions Strongly represent EY and its service lines and actively assess what the firm can deliver to serve clients. Assist Consulting Partners in driving the business development process on existing client engagements by gathering appropriate esources, gaining access to key contacts & supervising proposal preparation Develop long-term relationships with networks both internally and externally Enhance the EY brand through strong external relationships across a network of existing and future clients and alliance partners Driving the quality culture agenda within the team Manage and contribute in performance management for the direct reportees and team members, as per the organization policies Able to examine and act on people related issues both strategically and analytically. Participating in the EY-wide people initiatives including recruiting, retaining and training Cybersecurity professionals Use technology to continually learn, share knowledge and enhance client service delivery Support the EY inclusiveness culture To qualify, candidates must have: At least 15 years of industry experience and serving as Manager for minimum of 10 years or 5 years as Senior Manager, of recent relevant work experience in information security or information technology discipline, preferably in a business onsulting role with a leading technology consultancy organization Strong technical experience in not limited to, attack and penetration testing, vulnerability management, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Any one of the following technical certifications: CISSP, CISM, GSOC Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major Any one of the following project management experience - Prince2 / PMI / MSP / CSM Experience with data analysis and visualization technologies Fluency in English, other language skills are considered an asset EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior Manager_TDR (threat detection and response) Job Summary As a Senior Manager with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagement and services development activities. You will be focused on helping client’s grow and turn their Cyber security strategy into reality. You’ll work in high-performing teams that drive growth and deliver exceptional client service, making certain you play your part in building a better working world. You will be responsible for overall client service quality delivery in accordance with EY’s quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for EY. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members. Client responsibilities: Technical leadership and knowledge of cybersecurity concepts and methods including, but not limited to, SOC transformation, CTI, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in best in breed SIEM (Splunk, Sentinel and Qradar etc) content development / architecting will be an added advantage. Should have good hands-on experience and skills on advanced and integrated key Threat Detection Technology like SIEM, SOAR, EPP, EDR solutions, Firewalls, IDPS, Web Proxy, Enterprise Forensics tools. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Good knowledge in threat modelling. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Brief the engagement team on the client's environment and industry trends. Maintain relationships with client to manage expectations of service including work products, timing, fees and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Create and demonstrate innovative insights for clients, adapts methods and practices to fit operational team needs & contributes to thought leadership documents Apply extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services Drive discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC leaders to co-establish, promote and drive a Cyber SOC ecosystem Key responsibilities: Provide industry insights (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) that energize growth Demonstrate deep understanding of the client’s industry and marketplace Lead consulting engagements that solve complex Cyber security issues Help mentor, coach and counsel their team members and help us build an inclusive culture and high-performing teams Maximize operational efficiency through standardization and process automation on client engagements and internal initiatives Monitor delivery progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes Successfully manage engagement time and budgets Convey complex technical security concepts to technical and non-technical audiences including executives. Provide strategic and relevant insight, connectedness and responsiveness to all clients to anticipate their needs Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Define, develop and implement strategic go-to-market plans in collaboration with local EY member firms in Americas, EMEIA and APAC. Drive new business opportunities by developing ideas, proposals and solutions Strongly represent EY and its service lines and actively assess what the firm can deliver to serve clients. Assist Consulting Partners in driving the business development process on existing client engagements by gathering appropriate esources, gaining access to key contacts & supervising proposal preparation Develop long-term relationships with networks both internally and externally Enhance the EY brand through strong external relationships across a network of existing and future clients and alliance partners Driving the quality culture agenda within the team Manage and contribute in performance management for the direct reportees and team members, as per the organization policies Able to examine and act on people related issues both strategically and analytically. Participating in the EY-wide people initiatives including recruiting, retaining and training Cybersecurity professionals Use technology to continually learn, share knowledge and enhance client service delivery Support the EY inclusiveness culture To qualify, candidates must have: At least 15 years of industry experience and serving as Manager for minimum of 10 years or 5 years as Senior Manager, of recent relevant work experience in information security or information technology discipline, preferably in a business onsulting role with a leading technology consultancy organization Strong technical experience in not limited to, attack and penetration testing, vulnerability management, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Any one of the following technical certifications: CISSP, CISM, GSOC Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major Any one of the following project management experience - Prince2 / PMI / MSP / CSM Experience with data analysis and visualization technologies Fluency in English, other language skills are considered an asset EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior Manager_TDR (threat detection and response) Job Summary As a Senior Manager with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagement and services development activities. You will be focused on helping client’s grow and turn their Cyber security strategy into reality. You’ll work in high-performing teams that drive growth and deliver exceptional client service, making certain you play your part in building a better working world. You will be responsible for overall client service quality delivery in accordance with EY’s quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for EY. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members. Client responsibilities: Technical leadership and knowledge of cybersecurity concepts and methods including, but not limited to, SOC transformation, CTI, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in best in breed SIEM (Splunk, Sentinel and Qradar etc) content development / architecting will be an added advantage. Should have good hands-on experience and skills on advanced and integrated key Threat Detection Technology like SIEM, SOAR, EPP, EDR solutions, Firewalls, IDPS, Web Proxy, Enterprise Forensics tools. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Good knowledge in threat modelling. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Brief the engagement team on the client's environment and industry trends. Maintain relationships with client to manage expectations of service including work products, timing, fees and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Create and demonstrate innovative insights for clients, adapts methods and practices to fit operational team needs & contributes to thought leadership documents Apply extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services Drive discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC leaders to co-establish, promote and drive a Cyber SOC ecosystem Key responsibilities: Provide industry insights (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) that energize growth Demonstrate deep understanding of the client’s industry and marketplace Lead consulting engagements that solve complex Cyber security issues Help mentor, coach and counsel their team members and help us build an inclusive culture and high-performing teams Maximize operational efficiency through standardization and process automation on client engagements and internal initiatives Monitor delivery progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes Successfully manage engagement time and budgets Convey complex technical security concepts to technical and non-technical audiences including executives. Provide strategic and relevant insight, connectedness and responsiveness to all clients to anticipate their needs Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Define, develop and implement strategic go-to-market plans in collaboration with local EY member firms in Americas, EMEIA and APAC. Drive new business opportunities by developing ideas, proposals and solutions Strongly represent EY and its service lines and actively assess what the firm can deliver to serve clients. Assist Consulting Partners in driving the business development process on existing client engagements by gathering appropriate esources, gaining access to key contacts & supervising proposal preparation Develop long-term relationships with networks both internally and externally Enhance the EY brand through strong external relationships across a network of existing and future clients and alliance partners Driving the quality culture agenda within the team Manage and contribute in performance management for the direct reportees and team members, as per the organization policies Able to examine and act on people related issues both strategically and analytically. Participating in the EY-wide people initiatives including recruiting, retaining and training Cybersecurity professionals Use technology to continually learn, share knowledge and enhance client service delivery Support the EY inclusiveness culture To qualify, candidates must have: At least 15 years of industry experience and serving as Manager for minimum of 10 years or 5 years as Senior Manager, of recent relevant work experience in information security or information technology discipline, preferably in a business onsulting role with a leading technology consultancy organization Strong technical experience in not limited to, attack and penetration testing, vulnerability management, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Any one of the following technical certifications: CISSP, CISM, GSOC Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major Any one of the following project management experience - Prince2 / PMI / MSP / CSM Experience with data analysis and visualization technologies Fluency in English, other language skills are considered an asset EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior Manager_TDR (threat detection and response) Job Summary As a Senior Manager with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagement and services development activities. You will be focused on helping client’s grow and turn their Cyber security strategy into reality. You’ll work in high-performing teams that drive growth and deliver exceptional client service, making certain you play your part in building a better working world. You will be responsible for overall client service quality delivery in accordance with EY’s quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for EY. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture by coaching, counselling and developing junior team members. Client responsibilities: Technical leadership and knowledge of cybersecurity concepts and methods including, but not limited to, SOC transformation, CTI, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in best in breed SIEM (Splunk, Sentinel and Qradar etc) content development / architecting will be an added advantage. Should have good hands-on experience and skills on advanced and integrated key Threat Detection Technology like SIEM, SOAR, EPP, EDR solutions, Firewalls, IDPS, Web Proxy, Enterprise Forensics tools. Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure. Good knowledge in threat modelling. Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. Brief the engagement team on the client's environment and industry trends. Maintain relationships with client to manage expectations of service including work products, timing, fees and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations Create and demonstrate innovative insights for clients, adapts methods and practices to fit operational team needs & contributes to thought leadership documents Apply extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services Drive discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC leaders to co-establish, promote and drive a Cyber SOC ecosystem Key responsibilities: Provide industry insights (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) that energize growth Demonstrate deep understanding of the client’s industry and marketplace Lead consulting engagements that solve complex Cyber security issues Help mentor, coach and counsel their team members and help us build an inclusive culture and high-performing teams Maximize operational efficiency through standardization and process automation on client engagements and internal initiatives Monitor delivery progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes Successfully manage engagement time and budgets Convey complex technical security concepts to technical and non-technical audiences including executives. Provide strategic and relevant insight, connectedness and responsiveness to all clients to anticipate their needs Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Define, develop and implement strategic go-to-market plans in collaboration with local EY member firms in Americas, EMEIA and APAC. Drive new business opportunities by developing ideas, proposals and solutions Strongly represent EY and its service lines and actively assess what the firm can deliver to serve clients. Assist Consulting Partners in driving the business development process on existing client engagements by gathering appropriate esources, gaining access to key contacts & supervising proposal preparation Develop long-term relationships with networks both internally and externally Enhance the EY brand through strong external relationships across a network of existing and future clients and alliance partners Driving the quality culture agenda within the team Manage and contribute in performance management for the direct reportees and team members, as per the organization policies Able to examine and act on people related issues both strategically and analytically. Participating in the EY-wide people initiatives including recruiting, retaining and training Cybersecurity professionals Use technology to continually learn, share knowledge and enhance client service delivery Support the EY inclusiveness culture To qualify, candidates must have: At least 15 years of industry experience and serving as Manager for minimum of 10 years or 5 years as Senior Manager, of recent relevant work experience in information security or information technology discipline, preferably in a business onsulting role with a leading technology consultancy organization Strong technical experience in not limited to, attack and penetration testing, vulnerability management, cloud, privacy, incident response, governance, risk and compliance, enterprise security strategies, and architecture. Any one of the following technical certifications: CISSP, CISM, GSOC Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major Any one of the following project management experience - Prince2 / PMI / MSP / CSM Experience with data analysis and visualization technologies Fluency in English, other language skills are considered an asset EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

#ContractualOpportunity We are seeking a seasoned Service Design leader with a strong grasp of user-centered methods and a working knowledge of UI/UX practices to support a large-scale IT transformation initiative. This role will help shape the vision, strategy, and operating model for Experience Management for EUC (End User Computing) - driving data-informed experience improvements across enterprise IT systems. Key Responsibilities Design & Strategy Leadership Define and evolve end-to-end service experiences across IT operations, with a focus on improving digital employee experience (DEX). Lead discovery and co-creation sessions with cross-functional stakeholders to uncover needs, identify pain points, and shape strategic interventions. Translate service design outputs into actionable roadmaps, operating models, and system-level recommendations. Experience Intelligence & Value Mapping Partner with data and engineering teams to extract insights from existing systems (e.g., ServiceNow, Intune, Tanium, etc.). Drive the design and articulation of experience KPIs, user sentiment insights, and automation opportunities. Identify gaps in data coverage and provide guidance on addressing them to enable more complete experience measurement. Interface Design Oversight Support the conceptualization of intuitive dashboards and visual reporting tools that translate complex data into clear, decision-ready insights. Collaborate with UX team/s to ensure interfaces are aligned with user needs and strategic goals. Tooling Strategy & Future-State Design Contribute to the evaluation of strategic DEX platforms and their alignment with organizational goals (optional, not core skill) Help define the value case for future tools that enable self-healing IT, proactive support, and continuous experience improvement (optional, should be able to weigh in on these conversations with the techno-functional teams) Ideal Candidate Profile About 10 years of experience in service design, digital strategy, or experience-led transformation. Proven ability to work at the intersection of design, technology, and operations within complex enterprise environments. Strong systems thinker with the ability to connect user needs, operational realities, and data signals. Familiarity with digital experience tooling, IT support ecosystems, and enterprise platforms. Confident communicator and facilitator with the ability to influence stakeholders and synthesize insights into clear strategies. Want to know more? Check out our open jobs around the world. https://www.designit.com/ Designit is committed to ensuring that all candidates have an equal opportunity to be considered for employment. Please let us know if you need any reasonable accommodation to participate in the job application or interview process.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior KEY Capabilities : Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks Management and administration of Sentinel SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Sentinel) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior KEY Capabilities : Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks Management and administration of Sentinel SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Sentinel) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

We're Hiring: Linux Administrator Location: Noida / Gurgaon / Bangalore Experience: 5+ Years Shifts: Alternate weeks (Night + EMEA), Hybrid mode Tech Stack: RedHat Linux (7/8/9), Satellite, Ansible Shell Scripting, Boot Process, LVM, ZFS VMware, AWS/Azure, Patch Management Key Responsibilities: Linux/Unix system administration and troubleshooting Linux patching using Tanium/Redhat Satellite/YUM Manage server performance, storage (NAS/SAN), LVM/ZFS/UFS/SVM Cloud: Experience with AWS, Azure, VMware, VPCs Ensure high system availability, DRP/BCP readiness Collaborate on ITSM processes and SLA compliance Create and maintain shell scripts (a plus) Good knowledge and experience on Redhat linux 7.x/8.x/9.x,Redhat Satellite, Ansible, Unix shells and scripting. Good understanding of Unix/Linux booting process & system startups. Sound knowledge of services like NFS, NTP and utilities like tar, top, sar, ssh Hands-on experience on LVM, ZFS, UFS, SVM etc. Working knowledge and experience of different types of storages (NAS/SAN) Hands-on experience of Linux patching using Tanium/Redhat Satellite / YUM/other tools Troubleshooting of boot issues, LVM issues etc Working knowledge of VMware / VPCs, AWS or Azure to manage the configuration and maintenance of System related tasks Server performance monitoring and analysis Good knowledge of ITSM process, adhere to SLA response Knowledge of Unix shell scripting would be an added advantage Working knowledge of DRP (disaster recovery plan) and BCP (business continuity plan) Able to translate business requirements and needs into technical requirements Configuration and maintenance of both UFS and ZFS file Systems Azure Experience on building VMs/Maintenance work and BAU work.

Country India Working Schedule Full-Time Work Arrangement Hybrid Relocation Assistance Available No Posted Date 21-Jul-2025 Job ID 10271 Description and Requirements Job Responsibilities Responsible for creating and testing Windows software installation packages for automated deployments in an Enterprise environment Experience in creating packaging for server operating system, mostly for Citric end user platform hosting on server platform. Initiates, plans, coordinates, designs, develops, and tests software distribution packages. Work with end customer to perform the UAT testing of the package before distribution of the package in production environment. End-to end support in packaging, testing , distributing in test and production rollout, help operations team in case of any failure in prod deployments Participates in project activities beyond technical tasks, to include collecting data, contributing to designs/decisions, and communicating with customers Research and recommend innovative, and where possible, automated approaches for anything related to software packaging and deployment Generate and maintain operational and other procedural documentation as needed Experience with multi-site, large environment with application package deployments using tools such System Center Configuration Manager, Intune, or equivalent technologies such as Chef Infra , Ansible Experience with producing complex software packages and software deployments Minimum of two years' experience in Config Management, SCCM, Intune or similar product for application packaging and distribution Expertise with Desktop Virtualization - VMWare Workstation, Hyper-V, Azure AVD, Citrix VDI, or equivalent technologies is preferred In-depth knowledge of operating systems (Windows Desktop OS 7/10/11, Windows Server 20XX Server). Ex. (DLL conflicts, Windows registry, environment variables, batch files, and client/ server operations/connectivity Strong knowledge in windows application package creation and installation using Windows installation components and third-party tools such as Admin Studio, InstallShield, Wise Studio, Orca Expertise in Windows automation scripting such as PowerShell, WMI, VBScript, PowerShell App Deployment Toolkit. PowerShell and App Deployment Kit strongly preferred Working knowledge in Microsoft‚ÄØIntune‚ÄØsoftware administration, software packaging and deployment Comprehensive knowledge and experience with Windows installer technologies such as MSI,‚ÄØMSIX, AppX, virtualization, and other installer technologies. Candidate should also have a strong understanding of the following areas as relates to application packaging: MSI patches and transforms MSIX packaging and App Attache MSI merge modules, macros, and custom actions Security modifications within MSI packages Installation impersonation (system, user etc.) Experience with DLL conflicts, Windows registry modifications Environment variables TCP/IP networks, Network Protocols Knowledge, Skills and Abilities Education Bachelor’s degree (Any Stream) or diploma with a minimum of 15 years of education. Experience Minimum Experience of 5 years with at least 3 years of relevant experience Expertise in windows Application packaging via Installadhiled, Experites in windows desktop and server operating systems Expertise in Citrix/Virtualization services Preferred experience in , Chef , Ivanti, Tanium and Ansible Good knowledge in PowerShell Knowledge and skills (general and technical) Application virtualization – Intermediate Citrix App Layering - Intermediate Microsoft Terminal services - Intermediate Good understanding on Citrix/virtualization Environment ITIL Framework knowledge Basic understanding of CRM tools (ServiceNow/Remedy) Should have experience in XenApp. About MetLife Recognized on Fortune magazine's list of the 2025 "World's Most Admired Companies" and Fortune World’s 25 Best Workplaces™ for 2024, MetLife , through its subsidiaries and affiliates, is one of the world’s leading financial services companies; providing insurance, annuities, employee benefits and asset management to individual and institutional customers. With operations in more than 40 markets, we hold leading positions in the United States, Latin America, Asia, Europe, and the Middle East. Our purpose is simple - to help our colleagues, customers, communities, and the world at large create a more confident future. United by purpose and guided by empathy, we’re inspired to transform the next century in financial services. At MetLife, it’s #AllTogetherPossible. Join us!

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all. As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. **The Opportunity:** We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions. **Your key responsibilities include:** - Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Performing the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, NSM solutions. - Providing near real-time analysis, investigation, and reporting of security incidents for customers. **Skills and attributes for success:** - Customer Service oriented with a commitment to meeting customer needs and seeking feedback for improvement. - Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a Security analyst's perspective. - Exposure to IOT/OT monitoring tools like Claroty, Nozomi Networks is a plus. - Good knowledge and experience in Security Monitoring and Cyber Incident Response. - Familiarity with Network monitoring platforms like Fidelis XPS, ExtraHop and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. **To qualify for the role, you must have:** - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification such as CEH, ECSA, ECIH, Splunk Power User. **What working at EY offers:** At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.,

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Splunk) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in Splunk will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Splunk) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in Splunk will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Splunk) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in Splunk will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks Management and administration of Splunk SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Splunk) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in Splunk will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Staff As part of our EY-cyber security team, who shall work as SOC analyst who will assist clients in detecting and responding to security incidents with support of their SIEM, EDR and NSM solutions. The opportunity We’re looking for Security Analyst with experience in SIEM, EDR and NSM solutions. Your key responsibilities Operational support using SIEM solutions (Splunk, Sentinel), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. First level of monitoring and triaging of security alerts Initial data gathering and investigation using SIEM, EDR, NSM solutions. Provide near real-time analysis, investigation and, reporting security incidents for customer Skills and attributes for success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP etc. To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Ability to work in 24x7 shifts Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Hands-on experience in SIEM, EDR and NSM solution Certification in any of the SIEM platforms Knowledge of RegEx, Perl scripting and SQL query language. Certification - CEH, ECSA, ECIH, Splunk Power User What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service -Threat Detection and Response - Security Orchestration, Automation and Response - Sentinel SOAR - Senior KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks Management and administration of Sentinel SOAR platform Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge on Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based Playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers. Good grasp in conceptualizing and/or implementing automation for business process workflows Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stack holders to full fill their asks Ability to Coordinate with Vendor to incident closure on according to the severity Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification and experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field Minimum 2 years of working in SOAR (Sentinel) Experience in Process Development, Process Improvement, Process Architecture, and Training Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.