154 Threat Analysis Jobs - Page 3

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role is crucial in safeguarding information and maintaining the integrity of business processes in a constantly evolving threat landscape. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Role & responsibilities Must Have: 3 + years hands-on experience with cybersecurity Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), antivirus (AV), Identity and Access Management (IDAM), Security Information and Event Monitoring (SIEM) Security Orchestration and Automation (SOAR) platforms Key Ask for the discussed role: Candidate should be able to support for security related incidents Troubleshooting experience is essential. Should be able to identify and applies mitigation controls (where possible) to remediate alerts Good to have Skills: Cybersecurity certifications including CompTIA Network+, Security+, Cloud+, Ethical Hacker, EnCE, GCFE, GCFA, GNFA, GDAT, GCIH, GREM, CISA, CISM, CISSP, and/or similar cybersecurity certifications

Opportunity Overview As a Platform Specialist Team Lead at ZeroFOX, you will join a team of highly skilled individuals working to prevent cyber attacks for enterprise-level commercial and government customers. Using our proprietary hybrid intelligence platform, this role specifically focuses on supporting existing customers by providing detailed analysis and contextualization regarding a variety of cyber risks. You will have the opportunity to research these risks, develop notification and alert packages, and present your findings to customers. Your goal: Keep our customers safe with detailed threat intelligence information, and present findings in a professional manner. Responsibilities: Analyze large volumes of data for customer-related risks. Create risk notification and alert packages for customers. Interface with customers and stakeholders to provide analysis reports and details. Support and respond to customer requests for further information and analysis. Responsible for communications with the customers including: phone, video, email, and authoring reports. Triage alerts for customers to give real time intelligence. Act as an escalation point for Tier 1 alert analysis, platform configuration, and trend analysis; Managing the team based on metric driven outcomes Serve as a resource for the Account Management team to explain the managed service. Act as a customer advocate internally, working across appropriate teams to solve customer challenges Support team productivity and outputs during assigned shifts. Identify opportunities for process improvement and efficiency. Provide coaching, training, and mentorship to team members. Act as a liaison between team members and upper management. Conduct regular performance evaluations and provide feedback to team members. Provide regular updates and reports on team progress to upper management. Requirements: Attention to detail Experience working in a team environment and responsible for certain aspects of service delivery Ability to lead a team and be a point of contact as a subject matter expert Knowledge of the cyber threat environment including how the following sources of data enable cyber operations: major social networks (knowledge of emerging networks a big plus); dark web; domain abuse; analyze security incidents, such as account breaches, unauthorized access, or malicious content etc. Superior research and analysis skills Ability to convey complex ideas, trends, and information in a simple way (a writing sample will be requested as part of the interview process) Ability to extrapolate trends from mass amounts of disparate data Solid interpersonal and social skills Experience with other SaaS, cyber security, or social media products or services is preferred Must be willing to work alternative work schedule including partial weekends Big Bonus: Basic scripting capabilities: JavaScript, Python, or similar; at minimum being able to review and edit basic code structure Comfort working with a quickly growing team Ability to quickly adapt and recommend solutions as needed A self-starting mentality, when you find a problem, you alert the team, and fix ityou dont wait for the next task. Familiarity and comfort with producing superior work while meeting aggressive deadlines Benefits Competitive compensation Community-driven culture with employee events Generous time off Best-in-class benefits Fun, modern workspace Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture

OPPORTUNITY OVERVIEW As a Platform Data team member, you will join the Technology team, a group of highly skilled individuals working to protect enterprise-level commercial customers from digital risk. In this role, you will support our team by identifying and conducting detailed analysis of cyber risks. Your goal: find the real-time information that will impact our customers, identifying risks and applying the appropriate escalation path. Role and responsibilities • Work with internal teams to determine various attack vectors for our customers • Familiarize yourself with the customers protected entities to help learn and set expectations • Determine best methods of finding customer-related risks across the internet • Find and analyse these risks for high-value use cases • Learn and work from pre-established workflows established by our customers and threat-intel teams • Utilize the ZeroFox tool set to create correct meaningful alerts for each customer/network Qualifications • Experience in threat-hunting, threat-intel, or cybersecurity role, typically obtained in 6-8 yrs • Understanding of basic network and host security concepts • Extreme attention to detail • Strong analytical skills • Knowledge of major social networks • Knowledge and familiarity with cyber-threats (e.g. phishing) • Solid interpersonal and social skills • Spoken and written fluency in the English language • Comfort working on a quickly growing team • Ability to quickly adapt and recommend solutions as needed • Self-starting; when you find a problem, you alert the team, and fix ityou dont wait for the next task • A track history of producing superior work while meeting aggressive deadlines Huge Plus • Experience with other SaaS, cyber security, or social media products or services • Knowledge of emerging social networks • Experience in Customer Success Benefits • Competitive compensation • Community-driven culture • Generous time off • Comprehensive health benefits • Fun, modern workspace

Threat Hunter & Threat Huner lead roles JD : 8 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detection

Role & responsibilities Threat Hunter JD : 5 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections

LTI Mindtree hiring Threat Hunting Lead role. 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections Job Location: Pan India Experience: 8 to 12 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

SOC Analyst 3+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud " is a must . About the role As a SOC Analyst, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What were looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect Were legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another locationeven an international destinationfor up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

C, QNX, Linux, Kernel, Device Drivers, MACSec, BSP, SoC Cybersecurity, Secure Boot, Cryptography, OPTEE, Penetration testing. Required Skills Technical Security concept and Software Security concept. Vulnerability analysis (System and Software). Threat analysis and risk assessment, Threat modelling. Security Testing like Fuzz and Penetration testing. Expertise in MACSec concepts. Good understanding of HSM, Secure boot, Secure updates, cryptographic libraries, True Random number generator, Signing (ECDSA, RSA). Good understanding on OPTEE OS, ARM Trusted Firmware, E-fusing. Aware of Crypto terminologies like encryption (AES, ECC), signing (ECDSA, RSA), Hash (SHA-256). Understanding on RFS protection like dm-verity. Ability to work in a fast-paced environment building hardware and software products. Good knowledge on Yocto framework is added advantage. Preferred Skills Experience in Automotive domain. Experience in Linux build systems: Yocto. Real-time systems programming experience considered an asset. Experience with developing safety ISO26262 certified BSP and product considered an asset. Experience in design tools such as EA and Rhapsody. Contributions to Linux kernel and other open-source projects.

LTIMindtree Hiring for Threat Hunter/Threat Hunter Lead Notice period-immediate to 15 days. Exp-5 to 12 yrs. Location- Hyderabad if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Job description- 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections

LTIMindtree Hiring for Malware Analyst. Notice period-immediate to 15 days. Exp-3 to 5 yrs. Location- Hyderabad, Chennai, Pune, Bangalore if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Job description- Static and dynamic malware analysis(aware of file structure like, PE, PDF, OLE, windows short cut files etc...) someone who has hands on writing signatures for malware samples(at-least initial vector malware). Aware of trending malware family campaign and analysis for threat write ups for that follow up family. (example malware family - Emotet/Qakbot/AgentTesla etc..) Email security and Endpoint Security (EOP) Investigating the Phishing campaign and spam emails which users have received and reported. Threat Intelligence analysis/ Threat hunting Analyzing PE files (Dynamic and static analysis) and providing detection for malicious PE files.(RE/Malware Analysis) Analyzing non-PE file s (like OLE / PDF / HTML / HTA / VBS|VBE /JS/ WSF/JAR/LNK) and providing detection for malicious files. Malware Analysis and Reversing. Reverse Engineering skills: familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals, software communication mechanisms, Classification, clustering and labelling of Malware. Knowledge of Advanced Techniques of Malware Analysis. Knowledge of Malware kill chain and MITRE ATT&CK techniques and tactics. Knowledge of AV evasion techniques and Pen testing tools like - Veil (equal rank), PowerShell Empire, Meterpreter, Unicorn, Cactus Torch, and Any other similar tools Additionally, Experience with advanced persistent threats, human adversary compromises and incident response. Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements. Excellent analytical skills and ability to identify patterns and trends. Strong research skills, data knowledge, and ability to analyze and present complex data in a meaningful way. Strong understanding of Cyber Security, modern security problems and threat landscape, Operating Systems (internals), computer networking concepts. Required Skills: Olly DBG, IDA PRO, Static and dynamic malware analysis, PE and non-PE file analysis

Conduct testing to identify vulnerabilities, and collaborate with cybersecurity team to update defensive protocols when necessary Configure antivirus systems, firewalls, data centers, and software updates with a security-first mindset

As an India lead, Cyber Response, you will lead a team of talented and passionate cyber security professionals who are responsible for defending the cyber threats. You will be part of the global Cyber Response function and you will collaborate with your peers and stakeholders across the organisation. You will have a dual role of people leader and technical leader. You will use your extensive experience and skills in cyber incident response to guide and coach your team and occasionally be hands-on with the data and tools. You will also ensure that your team has the resources, support, and direction they need to perform their core mission. You will also contribute to the continuous improvement and maturity of the Cyber Response function, by driving innovation, quality, and efficiency in the processes, methods, and capabilities. You will need to have a strong background in managing and leading global teams, leading an operational SOC/IR function, and demonstrating excellent technical and leadership skills. Your key accountabilities will include: - Managing 24/7 Cyber Response function in India, including daily operations, escalation, quality, reporting, supplier management, etc - Leading and directing Cyber Response on major incidents as part of the global team - Uplifting the Cyber Response capability, methodology and tradecraft - Managing and reporting on operational performance and meeting KPIs and stretch targets - Contributing to strategy, planning and investment activities to enhance the Cyber Response capability - Leading and supporting projects delivering new Cyber Response capability or requiring integration to Cyber Response services, including requirements, delivery and operational acceptance - Working with stakeholders to improve BAU security posture and defence against current & emerging threats - Working closely with other related teams including Cyber Threat Intelligence, Red Team, Vulnerability Management and Application Security - Performing other related activities as required by Management

Scope of Position: The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness. RESPONSIBILITIES: Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors. Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts. Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise. Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned Collaborate using information and knowledge sharing networks and professional relationships. Education and Experience: Bachelor's degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelor's degree Relevant certifications (CISSP, SANS GIAC, CEH, etc.) REQUIREMENTS: Threat analysis and/or incident response experience Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc. Experience working with EDR tools Experience with a SIEM-type platform Experience performing analysis and correlation of log data and forensic artifacts from multiple sources. Must be proficient, verbally and in writing with the English language.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud and Enterprise security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud and enterprise security controls and transitioning to security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure and perform threat modeling using threat modeling tools like Microsoft threat modeler/ IRIUS Risk /OWASP Threat dragon Roles & Responsibilities:- Expected to be an SME in Security Architecture Design and threat modeling.-Lead and conduct threat modeling exercises (STRIDE, PASTA, Kill Chain, MITRE ATT&CK) on new and existing systems, applications, and architectures -Build and maintain detailed Data Flow Diagrams (DFDs) , prioritize threats/Risk , developing countermeasures- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design, Threat modelling.- Strong understanding of threats, vulnerabilities, Risk prioritization ,security design principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have minimum 12 years of experience in Security Architecture Design.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. Were looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like youThen it seems like youd make a great addition to our vibrant team. Siemens founded the new business unit Siemens Advanta (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarter in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Advanta is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation- everything out of one hand. We are looking for a Product & Solution Security Professional Youll make a difference by Mandatory Skills - Needs to be specialized in at least one/two of different areasSecure Architecture & Design, Threat & Risk Analysis, Secure Project Integration. Network security- firewall & network IDS, IPS PSSE will be primarily involved in the secure architecture and design, defines secure design principles, supports selection of secure suppliers and technologies and the development of secure configuration standards and security topics such as IDS, security patch management or Anti-Virus systems must be considered. Also, as part of project integration- defines, supervises, and tests the components/ subsystems with regards to system security, defines and establishes zones and conduits taking physical security concerns into account and prepares and performs security handover of complex systems to customers. Supports and consults the project leaders in implementing the required product & solution security. Supports project teams in conducting the corresponding security activities during the project execution process and / or services. Can support multiple projects and should occupy the function for the main part of is defined working time. Reports to the Project / Functional Lead and the Product & Solution Security Officer. Specification and maintenance of secure coding, secure design guidelines, configuration, and hardening guidelines Synchronize adequately with Information Security organization to ensure architecture and design, and integration IT-infrastructure is sufficiently secure. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27000, CENELEC, NIST, SANS) in the project. Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization. Evaluation of third-party components regarding product & solution security. Clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden function, firewall settings) Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools. Validation (e.g., friendly hacking, penetration testing) to ensure that implementation fulfills security expectations. Involvement in the analysis and handling of security vulnerabilities & incidents. Sound understanding of Product and solution security topic. Hands on experience of Threat and Risk Analysis (TRA) Supporting the systems engineering for security issues. Monitoring and evaluation of vulnerabilities and security incidents Assessment of security-related requirements Proficient in MS Word, Excel (Writing Macros) and PowerPoint Management and Reporting Exhibiting excellent communication and analytical skills Desired Skills: 9+ years of experience is required. Great Communication skills. Analytical and problem-solving skills Join us and be yourself! Make your mark in our exciting world at Siemens. This role is based in Pune and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. Find out more about Siemens careers at & more about mobility at https://new.siemens.com/global/en/products/mobility.html

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sumo Logic and CrowdStrike Falcon, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. Roles & Responsibilities:-Intermediate Sumo Logic SIEM query and dashboarding skills-Alert Triage & Investigation:Experience investigating escalated alerts using SIEM or EDR-Hands-on experience with CrowdStrike EDR investigations-Incident Response and Containment:Take necessary actions to contain, eradicate and recover from security incidents.-Malware Analysis:Perform malware analysis using the sandboxing tools like CS etc.-SOAR Execution:Running and modifying basic playbooks in Sumo Logic SOAR-Incident Reporting and Documentation:Strong reporting skills with accurate detail capture to provide the RCA for the true positive security incidents with detailed documentation.-Communication & Collaboration:Send emails to request information, provide updates, and coordinate with different teams to ensure tasks are completed efficiently.-MITRE ATT&CK Mapping:Ability to classify incidents with tactics/techniques-Alert fine tuning recommendations to reduce false positive noise-Investigate alerts escalated by L1 to determine scope, impact, and root cause-Perform in-depth endpoint and network triage using CrowdStrike-Use CrowdStrike Falcon to perform endpoint analysis and threat validation-Correlate multiple log sources in Sumo Logic to trace attacker activity-Execute or verify SOAR playbooks for containment actions (isolate host, disable user)-Enrich events with asset, identity, and threat intelligence context-Document investigation workflows, evidence, and final conclusions-Support L3 during major incidents by performing log or memory triage-Suggest improvements in alert logic or SOAR workflow to reduce false positives-Conduct threat research aligned to alert patterns and business context-Enhance alert fidelity with threat intel and historical context-Document investigation findings and communicate with stakeholders Professional & Technical Skills: -Exposure to threat hunting techniques-Scripting to assist SOAR playbook tuning-Triage Automation:Ability to identify playbook gaps and recommend improvements-Cloud Security Basics:Awareness of log patterns from AWS/Azure-Log Analysis:Correlation and trend identification in Sumo Logic-Certifications:SC-200, CySA+, ECSA or relevant advanced certification-SIEM:Advanced queries, dashboards, correlation logic-SOAR:Execute and troubleshoot playbooks-Tools:CrowdStrike (RTR, detections, indicators), Sumo Logic SIEM-Threat Analysis:IOC enrichment, TTP identification-Primary Skill:Incident Investigation and Enrichment Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, monitoring systems for vulnerabilities, and responding to potential threats to ensure the integrity and safety of the organization's information and infrastructure. You will engage in proactive measures to safeguard against cyber threats while continuously improving security protocols and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance organizational security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).- Strong understanding of security protocols and best practices.- Experience with incident response and threat analysis.- Familiarity with network security technologies and tools.- Knowledge of compliance standards and regulations related to information security. Additional Information:- The candidate should have minimum 2 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team skills and knowledge in security practices.- Monitor project progress and implement necessary adjustments to meet deadlines and objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls and Palo Alto Prisma Access.- Excellent knowledge on Palo Alto firewall, content update, wild fire , URL filtering, NAT.- Hands on Experience on Prisma, Prisma Gateway, security policy, dns security, decryption ,file block and Tunnel Management, Good Troubleshooting skill on Firewall issue, Global Protect, application slowness issue.- Understanding of Threat protection, EDL, SSL Inspection ,VPN technology.- Strong understanding of network security protocols and best practices.- Experience with security incident response and threat analysis.- Familiarity with compliance standards and regulatory requirements in security.- Ability to design and implement security architectures tailored to organizational needs. Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Strong understanding of OWASP Threats classification Exp with establishing penetration testing procedures & processes. Exp with standard security tools such as Metasploit, SQLMap, Nmap, OWASP ZAP, Burp Suite etc. Stay current with evolving threats Required Candidate profile Understanding of threat modelling, vulnerability assessment, and penetration testing Exp on application & infrastructure vulnerabilities, automated/manual testing, auditing and remediation techniques

Secondary skill Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practices. Missions We are seeking a skilled Cloud Security Analyst to join our team. The ideal candidate will have extensive experience in cloud security, particularly with Azure, AWS, and Microsoft 365 (M365). This role involves ensuring the security of our cloud infrastructure, identifying and mitigating risks, and implementing best practices to protect our data and systems Design, implement, and manage security measures for cloud environments (Azure, AWS, M365). Monitor cloud infrastructure for security breaches and respond to incidents. Conduct regular security assessments and audits. Develop and enforce security policies and procedures. Collaborate with IT and development teams to ensure secure deployment of applications. Stay updated with the latest security trends and threats. Responsible to managed cloud operational security Review users request on Azure and provide approval or implement required configuration (ex admin consent (permissions to internal or external applications to access Cloud Tenant with the user account)) Azure access reviews configuration and follow-up (report on non-completed reviews, send reminder to reviewers and reschedule access reviews) Monitor and provide report on Conditional access group exception groups Monitor and report on security alerts (Defender for Cloud) not managed by SG SOC. Provide training and guidance to staff on cloud security best practices. Profile Strong organizational, analytical and reporting as well as determination skills Previous experience of network security components administration Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practice

Conduct investigations into phishing emails and security threats, analyzing patterns and identifying potential risks. You will collaborate with teams to mitigate cybersecurity risks. Experience in threat analysis and phishing investigations is required.

Implements cybersecurity solutions to protect IT infrastructure from threats. Responsibilities include threat analysis, security monitoring, compliance audits, and security tool deployment. Expertise in SIEM, IDS/IPS, and vulnerability management is required.

Job Summary Synechron is seeking a detail-oriented and collaborative Business Analyst specialized in Cyber Security to join our team. In this role, you will serve as a key liaison between business stakeholders and technical teams, translating complex security requirements into clear, actionable specifications. You will contribute to the development of secure and resilient digital solutions that protect organizational assets, support compliance, and enable strategic business objectives. Your expertise will help ensure that cybersecurity risks are effectively managed while delivering high-quality, compliant solutions aligned with organizational goals. Software Requirements Required Software Skills: Business analysis tools and methodologies, including Agile, Waterfall, and BPMN Project management platforms such as JIRA, Asana, and Trello Data analysis tools like SQL and Microsoft Excel (preferred: advanced skills) Familiarity with SDLC (Software Development Life Cycle) and testing processes Preferred Software Skills: Basic knowledge of cybersecurity tools and platforms (e.g., SIEM, vulnerability scanners) Overall Responsibilities Facilitate the collection and analysis of cybersecurity and business requirements to identify security needs and risks. Collaborate with stakeholders to prioritize cybersecurity controls, risk mitigation strategies, and compliance requirements. Work closely with IT and cybersecurity teams to ensure requirements are accurately interpreted and translated into technical solutions. Develop and maintain comprehensive project documentation, including requirement specifications, process models, test plans, and risk assessments. Communicate project status, risks, and issues transparently to stakeholders at all levels. Support project delivery by ensuring solutions meet security standards, are delivered on schedule and within budget, and comply with relevant regulations. Assist in identifying process improvements and best practices for cybersecurity initiatives. Ensure a clear understanding of security-related impacts within broader project implementation. Technical Skills (By Category) Business Analysis Methodologies: Essential: Agile, Waterfall, BPMN Preferred: Lean, Six Sigma principles for process optimization Data Analysis & Reporting Tools: Essential: SQL, Microsoft Excel (pivot tables, formulas, data modeling) Preferred: Power BI or similar visualization tools Cybersecurity Knowledge: Basic understanding of security concepts, threats, and controls is preferred but not mandatory Project Management Tools: Essential: JIRA, Asana, Trello Preferred: Confluence or other documentation tools Development Lifecycle & Testing: Good understanding of SDLC processes, testing types (unit, integration, user acceptance testing) Experience Requirements Typically requires 3+ years of experience in business analysis, with a focus on cybersecurity or information security projects. Proven success in delivering complex projects with security components in finance, healthcare, or technology sectors is preferred. Experience working with cross-functional teams, including security specialists, developers, and business units. Alternative qualifications include relevant certifications (e.g., ECBA, CCBA, or CBAP) or experience in cybersecurity consulting. Day-to-Day Activities Lead requirements gathering workshops with stakeholders to understand cybersecurity controls, policies, and business needs. Collaborate with technical teams to define security specifications, controls, and compliance measures. Analyze and document security processes, workflows, and controls using BPMN or similar tools. Prepare detailed documentation including risk assessments, requirements traceability matrices, and test plans. Track project progress, identify potential delays or risks, and communicate updates proactively. Support testing activities to verify security requirements are met. Engage in stakeholder meetings to review security implications of solutions and manage expectations. Contribute to continuous improvement initiatives in cybersecurity governance and processes. Qualifications Bachelors degree in Business Administration, Computer Science, Information Technology, or related fields. Professional certification in Business Analysis (e.g., ECBA, CCBA, CBAP) or cybersecurity certifications (optional but advantageous). Training in security frameworks such as ISO 27001, NIST, or CIS Controls is a plus. Commitment to ongoing professional development in cybersecurity trends and best practices. Professional Competencies Strong analytical and problem-solving skills with the ability to interpret security requirements into practical solutions. Excellent communication skills to liaise effectively with both technical and non-technical stakeholders. Proven ability to manage multiple priorities and deliver high-quality work under tight deadlines. Ability to work independently while actively collaborating within teams. Adaptability to evolving security threats and organizational changes. Critical thinking, decision-making skills, and a proactive approach to risk management.

Say hello to possibilities. Its not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams