154 Threat Analysis Jobs - Page 4

Essential knowledge• Have over 8+ years of rich experience in information security domain and at least 4-6 years of dedicated experience in Threat-hunting.• Proficiency in using threat intel platforms such as CybelAngel, ThreatConnect, Recorded Future, DarkTrace etc.• Proficiency in using SIEM and SOAR solutions.• Strong understanding of network protocols and security technologies.• Strong understanding of endpoint detection and response (EDR) tools.• Excellent analytical and problem-solving skills• Preferably worked in BFSI domain with proven experience in SOC function.• Knowledge of key security standards and regulations such as NIST 800-61, CERT/CC, ISO 27035 etc.Skills and Application• Maintaining up-to-date knowledge of security landscape, threats, attack patterns and counter measures• Assess and design threat-hunting processes through solutions, tools and methodologies• Reviewing use cases/playbooks for integrating threat-intel• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a threat-hunting perspective.• The ideal candidate will have a technical or computer science degree.• Professional certifications: GCIH, CISSP, CEH,etc.

Hi, Job Location : Guwahati Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience and Skillset Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dash boards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. If youre interested for Guwahati location please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email Id : ashwini.chakor@ril.com

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

JD: Work Location Mumbai (Aeroli) Experience – 3-4years Install, configure, and manage FleetDM and OSQuery across the bank's critical endpoints, ensuring continuous monitoring of core banking systems and financial infrastructure. Create and deploy custom queries, alerts, and rules to detect unauthorized activities, internal threats, and system anomalies. Leverage FleetDM and OSQuery to gather and analyze endpoint telemetry data (e.g., processes, network activity, financial transactions, file system changes) for signs of malicious activity targeting banking applications and infrastructure. Proactively hunt for advanced persistent threats (APTs), malware, and other security risks across Windows and Linux environments, with a focus on protecting critical banking systems. Utilize data from FleetDM and OSQuery to identify potential risks and detect fraudulent activities across financial systems and customer-facing services. Investigate malware to understand its impact on financial services, and develop detection rules to mitigate future incidents. Track and respond to threats involving online banking, mobile banking apps, payment systems, and other financial platforms. Knowledge on operating systems, networking, any query language etc

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Implement security measures to protect computer systems, networks, and data.- Conduct regular security assessments and audits to identify vulnerabilities and risks.- Develop and implement security policies, protocols, and procedures.- Stay updated on the latest security trends, threats, and technologies.- Collaborate with cross-functional teams to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Strong understanding of identity and access management principles.- Experience with security tools and technologies such as SIEM, IDS/IPS, and DLP.- Knowledge of regulatory compliance requirements like GDPR, HIPAA, or PCI DSS.- Hands-on experience in incident response and security incident management. Additional Information:- The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ.- This position is based at our Chennai office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

We are RadarRadar, experts in the commodity production, trade and processing industry. As a technology company we continuously aim to support our clients with strong data & analytics and business intelligence tools. It is our mission to enable companies to unlock the full potential of their data to improve risk and margin management and boost performance. Awards won: Top 10 Trading & Risk Management Service Providers 2023 | Energy Business Review Technology Innovation Award 2023 | Commodities People Analytics Technology Leader of the Year 2023 | Commodities People Top Business Information Systems Company 2022 | Data Magazine We are looking for a skilled and proactive Security Associate to join our IT team. This role is very important in ensuring the security of our cloud infrastructure. The ideal candidate will have hands- on experience in Azure security services, Windows Server security, SQL Server security, and infrastructure administration. What you will do Manage and optimize Azure Security services, including Microsoft Sentinel, Azure Monitor, Defender for Cloud, Endpoint/Server, Identity etc. Configure and monitor Log Analytics Workspaces and workbooks for effective threat detection and incident response. Create and manage virtual network configurations, private endpoint connections and other networking/firewall resources. Implement security best practices for Azure resources, ensuring compliance on regulatory standards and respond to incidents. Manage security configurations using Azure Policy Manage and secure mobile devices and applications using Microsoft Intune. Manage identity, access and Conditional Access policies within Azure AD. Apply security hardening techniques to Windows Server environments. Monitor and manage security baselines, patch management, and vulnerability assessments. Implement and maintain Group Policies, security auditing, and logging. Enforce SQL Server security best practices, including log management. Conduct regular audits, compliance checks on Servers Manage roles, permissions, and security configurations to protect data integrity. Create and manage various Azure resource (VMs, SQL Servers, Storage accounts, App services, Gateways, key vaults etc.) Create, manage and optimize Azure automation runbooks Perform administrative tasks for SQL Server, Windows Server, Microsoft 365 services including Intune, Entra ID, Teams, Exchange, Purview for data governance etc. Ensure high availability and performance of servers and services. Troubleshoot and resolve infrastructure-related issues promptly. Support backup and restore, disaster recovery, and business continuity planning. What you will bring Bachelors degree in computer science, Information Technology, or related field. 3+ years of experience in Azure security and infrastructure management. Strong knowledge of Microsoft security tools (Sentinel, Defender for Cloud, Defender for Endpoint/server). Proficiency in Windows Server and SQL Server security practices. Experience with Microsoft 365 and Entra ID administration. Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Azure Administrator Associate Strong analytical and problem-solving abilities. Excellent communication and teamwork skills. Ability to manage multiple tasks and projects effectively. Strong attention to detail and a proactive security mindset. What you will get: Remote work model A competitive salary and working with an amazing international team. An inspiring environment where you learn every day. Personal development plans to help you reach your personal goals.

About Us Our purpose at Avient Corporation is to be an innovator of materials solutions that help our customers succeed, while enabling a sustainable world. Innovation goes far beyond materials science; its powered by the passion, creativity, and diverse expertise of 9,000 professionals worldwide. Whether youre a finance wizard, a tech enthusiast, an operational powerhouse, an HR changemaker, or a trailblazer in materials development, youll find your place at Avient. Join our global team and help shape the future with sustainable solutions that transform possibilities into realities. Your unique perspective could be the key to our next breakthrough! Job Summary The Information Security Architecture and Engineering Senior Manager is responsible for defining and driving the overall design, implementation and operation of security technologies at Avient. This position requires experience leading local and offshore resources, ensuring compliance with relevant regulations, and driving effective solutions which minimize risk. Essential Functions Design and lead the implementation of the security architecture roadmap, achieving business performance targets and cyber maturity protection goal Ensure security capabilities are properly implemented and tuned as “fit for purpose,” addressing known and emerging threats Collaborate across IT and the business to ensure that technology roadmaps and implemented solutions address risk requirements Establish and maintain architecture and engineering standards for the organization Consult on Operational Technology (OT) security requirements, and recommend, design and deliver capabilities to protect these environments Stay informed of industry trends and relevant threat activity to adapt Avient’s capabilities as needed Other leadership duties as assigned Education and Experience Qualifications Bachelor’s degree in computer science, information technology, or related experience. Cloud and platform certifications preferred. 15+ years' experience leading Information Technology teams, with substantial direct experience leading distributed engineering teams Strong track record of integrating modern architectures (SaaS, PaaS, IaaS, etc.) with traditional environments to achieve an effective security posture Strong application security knowledge of OWASP TOP 10 and other vulnerability frameworks Threat modeling methodologies and experience at an application and enterprise level Strong knowledge of NIST Cybersecurity Framework, and related security standards and best practices Additional Qualifications Knowledge of modern authentication and identity infrastructures and cross-platform interoperability is a strong plus Cyber Incident Response experience Project Management and Quality Management methodologies

Design, implement, and assess cybersecurity controls across IT and OT environments. Conduct vulnerability assessments, develop secure architectures, and ensure compliance with standards Required Candidate profile Experienced in hands-on cybersecurity engineering and threat assessment with exposure to IT and OT. Strong in vulnerability scanning, architecture reviews, and cross-functional collaboration.

Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona’s products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona’s global headquarters is located in Charlotte, North Carolina, USA. The company’s shares are listed in the United States on NASDAQ under the symbol XRAY.. Bringing out the best in people. As advanced as dentistry is today, we are dedicated to making it even better. Our people have a passion for innovation and are committed to applying it to improve dental care. We live and breathe high performance, working as one global team, bringing out the best in each other for the benefit of dental patients, and the professionals who serve them. If you want to grow and develop as a part of a team that is shaping an industry, then we’re looking for the best to join us.. Working At Dentsply Sirona You Are Able To. Develop faster with our commitment to the best professional development.. Perform better as part of a high-performance, empowering culture.. Shape an industry with a market leader that continues to drive innovation.. Make a difference -by helping improve oral health worldwide.. Scope. The Senior Security Analyst is responsible for maintaining security systems, implementing process automation, and responding to security incidents. They must have a thorough understanding of both cloud-based and on-prem environments and threats. They serve as an escalation point for incident response and the support of security toolsets. They must be capable of working on multiple projects and alerts with general supervision.. Key Responsibilities. Administer, monitor, and maintain cloud-based and on-prem security systems.. Coordinate the implementation and upgrade of security systems.. Administer, monitor, and maintain automated security response tools.. Develop and maintain automated security processes and workflows.. Investigate and remediate security related alerts for both cloud-based and on-prem systems.. Investigate and remediate security policy violations.. Research threat actors, tactics, techniques, procedures, malware, and other IOCs.. Engineer and tune custom alerts for security systems.. Research emerging security technologies and make recommendations to influence security initiatives.. Assist with documentation and training related to security systems.. Act as an escalation point and mentor for junior analysts.. Act as an escalation point and oversee relationship with hosted SOC.. Act as a technical point of contact during security incidents.. Prepare security reports for benchmarking security efficiency.. Collaborate with cross-functional teams to support security initiatives of varying complexity.. Typical Background. Education: BS/BA Degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience. Certifications/Licensing: COMPTIA Security+, CEH, CISSP, GIAC Security Essentials, CCNA Security, Google Professional Cloud Security Engineer. Years and Type of Experience: 6+ years of experience in Information Systems with at least 2 years of formal experience in Cyber Security.. Excellent English written and spoken communication skills with the ability to explain technical information to non-technical people.. Key Required Skills, Knowledge And Capabilities. Experience with the Microsoft Suite of Security Tools.. Experience with configuration and management of security solutions for Google Cloud, Microsoft Azure, and/or Amazon Web Services.. Experience with configuration and management of endpoint security solutions including EDR and DLP.. Experience with process and security automation.. Experience with SIEM configuration, alert tuning, and KQL.. Experience with configuration and management of Office 365 services and security solutions.. Experience with incident response.. Must have excellent technical writing and research skills.. Experience with Microsoft Windows, Linux, and macOS.. Willing to work non-standard hours and be on-call.. Team player.. Ability to work with ambiguity.. Resilience to change.. Communication skills.. Integrity.. Open minded, respectful, empathetic ability to work in a multicultural environment.. Analytical thinking, problem solving.. DentsplySirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in DentsplySirona.. If you need assistance with completing the online application due to a disability, please send an accommodation request to careers@dentsplysirona.com. Please be sure to include “Accommodation Request” in the subject.. Show more Show less

Design, implement, and manage enterprise perimeter security solutions including firewalls, proxies, and load balancers, Configure, deploy, and troubleshoot next-generation firewalls (NGFWs) from Palo Alto Networks, Cisco ASA/FTD, and Fortinet (FortiGate), Design secure network architectures involving layer 4-7 load balancers (e-g , F5, Citrix ADC), Manage and optimize proxy servers and secure web gateways (e-g , Blue Coat, Zscaler, or equivalent), Perform packet capture and deep packet inspection (DPI) using tools such as Wireshark, tcpdump, or TShark for incident investigation and traffic analysis, Integrate firewall logs and alerts into SIEM platforms (e-g , Splunk, QRadar, LogRhythm) to support real-time monitoring, correlation, and incident response, Implement and maintain SASE solutions, integrating cloud-delivered security with network connectivity, Document configurations, playbooks, and operational procedures; contribute to security architecture standards, Participate in firewall rule audits, risk assessments, and vulnerability mitigation activities, Stay updated on the latest threats, vulnerabilities, and compliance requirements (PCI-DSS, HIPAA, NIST, etc ), , 10+ years of hands-on experience in perimeter/network security engineering or a similar role, Strong experience with at least two of the following firewall platforms: Palo Alto Networks (PanOS) Cisco ASA / Firepower Threat Defense (FTD) Fortinet FortiGate Proficiency in proxy technologies (e-g , Zscaler, Blue Coat, Squid), Working knowledge of load balancing technologies (e-g , F5 BIG-IP, Citrix ADC), Expertise in network protocols (TCP/IP, BGP, DNS, SSL/TLS) and packet capture analysis, Experience integrating security events into SIEM systems (Splunk, QRadar, etc ), Familiarity with cloud-based security and SASE frameworks (e-g , Zscaler, Netskope, Prisma Access), Solid understanding of firewall rulebase optimization, NAT, VPNs, and threat prevention mechanisms,

Warm Greetings from SP Staffing!! Role :SOC Analyst Experience Required :3 to 8 yrs Work Location :Bangalore Required Skills, Security operations SOC1, SOC2 , FFIEC , GDPR Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Key Responsibilities: Threat Assessment: Identifying potential security risks and vulnerabilities in the client's surroundings. Security Planning: Developing and implementing security strategies and routes to minimize threats. Close Protection: Providing physical protection to the client, both in public and private settings. Escorting and Transportation: Ensuring safe transportation of the client and coordinating logistics. Surveillance and Monitoring: Observing the client's environment for suspicious activity and responding to potential threats. Communication and Coordination: Maintaining clear communication with other security personnel and emergency services. Conflict Resolution: Managing potentially volatile situations and de-escalating conflicts. Emergency Response: Responding effectively to security breaches or emergencies, including evacuating the client when necessary. Confidentiality: Maintaining the client's privacy and discretion. Background Checks: Conducting background checks on employees, staff, and vendors who may interact with the client. Essential Skills: Security Expertise: Strong knowledge of security protocols, risk assessment, and defensive tactics. Physical Fitness: Ability to handle physical challenges and react quickly to threats. Situational Awareness: Excellent observational skills and the ability to remain alert in dynamic environments. Communication Skills: Effective verbal and non-verbal communication, both with the client and other security personnel. Problem-Solving Skills: Ability to analyze situations, identify solutions, and make quick decisions. Professionalism and Discretion: Maintaining a professional demeanor, adhering to strict confidentiality, and respecting the client's privacy. Adaptability: Ability to adjust to changing situations and environments

____________________________________________________________________________ - PLEASE SAVE WHATSAPP # 9315248639 - Nishant/Shreedevi is your POC from RexOreo Pvt Ltd. -Queries : All emails will come from id : team@rexoreo.com , so please keep an eye. _____________________________________________________________________________ Top Selection & Auto Elimination Criteria: Only Delhi NCR Candidates Need to apply as we need Only Immediate joiners (0-30 days) Rotational Shift Cab facility : Yes only late night pick or drop(1 side only for Gurgaon Employees) Location : Gurgaon Mode : 5 days work from Office only (NO Work from home) Relevant experience range 9+ Position : L3 SOC Analyst Experience : 9-14 years Only Current L2/L2+ (more than 2 years) or L3 candidates need to apply Experience in QRadar is mandatory Total Open Positions (as of 16-June 5.30pm) : 5 EMAIL @ team@rexoreo,com : A VOICE NOTE WHY YOU ARE FIT FOR THIS ROLE ___________________________________________________________________________ Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real-time. Role and responsibilities: 1. Incident Response and Escalation Lead and coordinate end-to-end response for critical and high-severity security incidents. Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review. Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts. Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps. 2. Threat Detection and Analysis Analyze and triage alerts generated by the SIEM and other security tools. Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting). Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps. Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs). 3. Tooling and Automation Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy. Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response. Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem. 4. Documentation and Reporting Maintain detailed and accurate documentation of incidents, investigations, and actions taken. Develop and update SOC standard operating procedures (SOPs) and playbooks. Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders. 5. Mentorship and Leadership Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes. Provide training on new threats, tools, and techniques. Assist in evaluating and improving team workflows, processes, and overall SOC maturity. 6. Collaboration and Stakeholder Engagement Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats. Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations. Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness. Required Experience / Skills: Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm , Splunk,). Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black). Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools. Familiarity with scripting or automation languages such as Python, PowerShell, or Bash. Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices. Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain. Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 2+ years of Incident response Experience supporting 24x7x365 SOC operations and willing to operate in Shifts including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Expert in security incident response processes Required Certifications: Two of the following certifications are preferred: GIAC-GCIH Global Certified Incident Handler GIAC-GCFE - Global Information Assurance Certification Forensic Examiner GIAC-GCFA - Global Information Assurance Certification Forensic Analyst GIAC-GREM - GIAC Reverse Engineering Malware GIAC-GNFA - GIAC Network Forensic Analyst GIAC-GCTI - GIAC Cyber Threat Intelligence GIAC-GPen GIAC Certified Penetration Tester GIAC-GWAPT GIAC Certified Web Application Penetration Tester CEPT - Certified Expert Penetration Tester (CEPT) CASS - Certified Application Security Specialist (CASS) CWAPT - Certified Penetration Tester (CWAPT) CREA - Certified Reverse Engineering Analyst (CREA) Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support.

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Security Specialist Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. Its a claim backed by our True Performance System a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. Its why weve structured our business to help our teams, and their talents, shine bright. It's why weve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And its why weve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognize excellence Brennan Daredevils – our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities. An environment that embraces learning and development The Role This is a new role within Brennan, and its primary purpose is to support the current CISO, Security Team, and IT Operations Team in ensuring that Brennan is able to deliver to internal and external stakeholders with a high level of operational efficiency and efficacy, with the required security posture. This role requires a person who brings a security-centric mindset to the team, to ensure that Brennan’s governance, protection and defense, detection and response activities are being executed consistently and in alignment with obligations. Role Responsibilities Governance: Ensuring that scheduled and periodic security hygiene activities are completed on time and to expectations, aligned with ISO27001 and NIST CSF frameworks. Protection & Defense: Ensuring that the suite of security platforms used within Brennan are maintained to design, updated to meet requirements, and delivering on objectives. Detection & Response: Working with Brennan’s own SOC and other monitoring teams to ensure that detections are triaged and handled with the required level of rigour and responsiveness This role requires a strong understanding of a broad range of IT and Security technologies, with the ability to work across teams to achieve desired outcomes. The role includes an element of “hands-on” activities and is well supported by a range of IT and Security teams who also operate the IT and OT systems within Brennan. In order to deliver the right security outcomes for Brennan the role requires an eye for detail, and a desire for continual improvement. It requires excellent written and verbal communication skills in order to build relationships across Brennan, which will enable you to be a trusted source for security advice within the business. Key Competencies and Qualifications required Maintenance and upkeep of key security technologies; Completion of scheduled and ad hoc security related tasks across the Brennan network; Reporting and assessment of security-related metrics and outcomes; Working with IT (including OT and Network Teams) on a day to day basis to ensure agreed and desired outcomes are met; Liaising with security and IT leadership to ensure that the security program is run to design and requirement; Maintaining a relationship with other internal teams to foster an open and transparent relationship; Responding to automatically detected and manually notified alerts, and working those incidents based on documented and understood incident response processes; Providing subject matter expertise to colleagues and projects outside of the immediate role; Participate in sharing knowledge with other Brennan team members including preparing and reviewing documentation for same. Brennan is an equal opportunity employer.

Dear Candidate, We are seeking a Security Operations Engineer to monitor, detect, investigate, and respond to security incidents and threats across systems and networks. Key Responsibilities: Monitor alerts and logs using SIEM tools (Splunk, QRadar, Sentinel). Analyze security incidents, conduct root cause analysis, and coordinate response. Support threat hunting and vulnerability assessments. Maintain and tune security tools (IDS/IPS, endpoint protection, firewalls). Document incident reports and provide remediation recommendations. Required Skills & Qualifications: Experience in a Security Operations Center (SOC) or similar role. Strong knowledge of cybersecurity concepts and incident response. Familiarity with EDR tools (CrowdStrike, Carbon Black) and log analysis. Scripting and automation skills for detection and response tasks. Security certifications such as CEH, CompTIA Security+, or GCIA are beneficial. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Roles and Responsibilities Conduct threat hunting activities to identify potential security threats and vulnerabilities. Analyze malware samples using various tools such as QRadar, Splunk, and ArcSight. Perform incident response duties including handling incidents, conducting root cause analysis, and implementing remediation measures. Monitor security event logs from multiple sources to detect anomalies and potential security breaches. Collaborate with other teams to develop threat intelligence reports and improve overall security posture. Desired Candidate Profile 7-12 years of experience in Security Operations Center (SOC) or related field. Strong understanding of incident response, threat analysis, threat intelligence gathering, log analysis, and security monitoring concepts. Proficiency in tools like QRadar, Splunk, ArcSight for malware analysis and incident response tasks.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : Security Architecture DesignMinimum 15 year(s) of experience is required Educational Qualification : Minimum 15 years of full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and providing guidance on security best practices and standards. Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have Influencing and Advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Collaborate with stakeholders to define security requirements and develop security architecture.- Design and implement security solutions to protect the organization's systems and data.- Conduct security assessments and audits to identify vulnerabilities and recommend remediation measures.- Develop and maintain security policies, standards, and procedures.- Provide guidance and support to development teams on secure coding practices.- Stay up-to-date with the latest security trends, threats, and technologies.- Conduct security awareness training for employees to promote a culture of security.- Assist in incident response and investigation activities.- Participate in security incident management and resolution.- Collaborate with external vendors and partners to ensure the security of third-party integrations.- Contribute to the development and improvement of security processes and controls. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of identity and access management (IAM) concepts and technologies.- Familiarity with security frameworks and standards such as ISO 27001 and NIST.- Experience with security assessment tools and techniques.- Excellent problem-solving and analytical skills. Additional Information:- The candidate should have a minimum of 15 years of experience in SailPoint IdentityIQ.- This position is based at our Bengaluru office.- A minimum of 15 years of full-time education is required. Qualification Minimum 15 years of full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Job Area: Engineering Group, Engineering Group > Systems Engineering General Summary: In this position you will join the team responsible for the security architecture of Qualcomm Snapdragon processors. The team works at a system level spanning across hardware, software and infrastructure while striving for industry-leading solutions. This team interacts with product management, customers (e.g., OEMs), partners, HW/SW engineering, and Services engineering teams to find the optimal Security solution. Snapdragon processors are utilized in a variety of devices, including mobile phones, laptops, automotive systems, and data centers, each with distinct security needs. These processors are engineered to address most of these requirements, encompassing a wide range of security technologies found in consumer electronics, such as Root of Trust, Integrated Secure Element, Virtualization, and Confidential Compute. Minimum Qualifications 10+ years industry experience in SoC Security encompassing both architecture and design 5+ years industry experience in Compute and/or Data Centre SoC Architecture Demonstrated expertise in Security Technologies (Root of Trust, TEE, Access Control, I/O Security) Proficient in Confidential Compute Architecture (RME, TDX, SEV-SNP, TDISP) Strong understanding of Security Software Architecture for Compute and Data Centers, with a focus on Secure Boot. Skilled in HW/SW threat analysis Strong capabilities in creating and presenting architecture-level documentation. Preferred Qualifications Proficient in isolation-related extensions, including TrustZone, Virtualization, and RME. Extensive knowledge of Server Platform security architecture covering lifecycle/debug management, provisioning, attestation/measurement. Expertise in Applied Cryptography and Protocols. Knowledgeable about Security Certification Processes and (such as OCP) Excellent communication and teamwork skills. Leadership and management experience at the project level Key Responsibilities Establish system security requirements (both hardware and software) for Server SoC focusing on functionality, performance, and security levels. Specify and review the architecture and implementation of System/SoC level security mechanisms. Conduct platform security threat analysis. Perform competitive analysis of security systems and features Explore future and roadmap server security-related technologies. Serve as the technical interface to product management and standards teams. Minimum Qualifications: Bachelors degree in engineering, Computer Science, or related field and 8+ years of Security Engineering or related work experience. ORMasters degree in engineering, Computer Science, or related field and 7+ years of Security Engineering or related work experience.ORPhD in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. Note References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Systems Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Systems Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Systems Engineering or related work experience.

Dear Candidate, We are seeking a Cybersecurity Analyst to detect, investigate, and prevent security threats across digital assets and systems. Key Responsibilities: Monitor and analyze security alerts, logs, and events. Perform threat intelligence, malware analysis, and incident response. Conduct vulnerability assessments and patch management. Support compliance and audit activities (ISO, NIST, GDPR). Educate staff on cybersecurity best practices and awareness. Required Skills & Qualifications: Experience with SIEM tools (Splunk, AlienVault, QRadar). Knowledge of firewalls, IDS/IPS, endpoint protection, and antivirus. Familiarity with scripting for automation and reporting. Strong analytical, investigative, and communication skills. Security certifications preferred (e.g., CompTIA Security+, SOC Analyst, CISSP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Hi , We are hiring for the ITES Company for Carbon Black Role. Overview The Carbon Black Specialist is responsible for supporting and managing Carbon Black security products, with experience and certification in one or more Carbon Black solutions. This role involves independently working with customers through virtual platforms like Webex, providing expert training, mentoring, and exceptional customer service. The Carbon Black Cyber Security professional specializes in deploying, managing, and optimizing Carbon Black endpoint security solutions to protect organizations from cyber threats. Their responsibilities include monitoring security alerts, analyzing threats, and responding to incidents to ensure robust endpoint protection. Attention to detail, professionalism, and adaptability are key, with analysis, debugging, and programming in the enterprise security domain. Key Skills : Any Graduate Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Familiarity with analysis and debugging skill a plus Programming experience a plus To Apply, WhatsApp 'Hi' @ 9151555419 Follow the Steps Below: >Click on Start option to Apply and fill the details >Select the location as Other ( to get multiple location option ) a) To Apply for above Job Role ( Chennai ) Type : Job Code # 274 Job description: Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Certification obtained on the product(s) of expertise Ability and motivation to work with customers independently via Webex Excellent training and mentoring skills Team motivator who currently serves as an example for their team mates Consistently exceeds personal goal expectations Certification in the enterprise security space Good time management skills and ability to multi task Adaptable, professional, courteous, motivated and works well on their own or as a member of a team Excellent Customer Service skills and a demonstrated success exceeding customer expectations Strong communication (verbal and written) and customer handling skills Strong attention to detail and focus on producing quality work products and results Familiarity with analysis and debugging skill a plus Programming experience a plus

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Additional Information:Work as part of analysis team that works 24x7 on a rotational shift The candidate should have minimum 2 years of experience This position is based at our Chennai office.Minimum a bachelors or a masters degree in addition to regular 15- year full time educationAdaptability to accept change Qualification 15 years full time education

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.