10.0 - 15.0 years
10 - 20 Lacs
Hubli, Pune, Bengaluru
Hybrid
Job Description: At least 10 years of experience in Information Security operations and management, with hands-on experience in a large security operations center using IBM QRadar, Splunk, ArcSight or a similar SIEM tool.
- Manage network, endpoint and forensics initiatives, malware triage and cyber security incident response
- Manage Cyber Security Services engagements and engagement teams
- Recognize common attacker tools, tactics and procedures
- Provide oversight for on-site examinations and collections and technology advisory services to enhance forensic client engagements
- Research and develop new digital forensics scripts, tools and methodologies
- Assess and troubleshoot a variety of technical issues and support a cyber response lab on the client's SIEM tool and UEBA platform
- Assist in conducting peer reviews and quality assurance reviews for junior personnel; support the mentoring of junior incident managers and provide guidance to others on incident management prioritization, triage and report writing in support of onsite engagements
- Guide the team to monitor, identify and investigate security alerts and perform incident response activities related to cybersecurity incidents
- Create new trouble tickets for alerts that signal an incident and require Tier 2 / Incident Response review
- Respond to cybersecurity incidents, conduct threat analysis as directed and address detected incidents for resolution
- Multitask to coordinate incidents with the senior analyst and escalation manager
- Recommend enhancements to SOC security processes and operational efficiency
- Create the incident response (IR) plan and IR playbooks; manage all incidents and crisis situations
- Perform log analysis; handle and resolve security incidents
- Collaborate with the respective tracks/technical teams for remediation of the incident
- Periodically review the incident response plan and procedures
- Recommend and document specific countermeasures and mitigating controls
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Preferred Skills:
- Strong knowledge of cyber attacks and techniques, the Cyber Kill Chain and incident management best practices
- High-level understanding of multi-tiered applications and various network and security devices/protocols
- Knowledge of various operating system flavours, including but not limited to Windows, Linux and Unix
- Proficient in preparing reports and documentation
- Knowledge of cyber-criminal techniques, compliance and regulatory standards
- Excellent verbal and written communication skills
Posted 1 month ago
3.0 - 5.0 years
7 - 11 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
Job Description:
- Conduct email analysis and reverse engineering to identify and mitigate threats
- Perform static and dynamic analysis
- Analyze network traffic and develop heuristic signatures to detect malicious activity
- Investigate security incidents, including data breaches, system intrusions and policy violations
- Collaborate with cross-functional teams to improve detection capabilities and response
- Develop and implement incident response plans and coordinate incident investigations
- Classify, maintain and update real-time block lists and URL block lists
- Write and review regular expressions for phish, spam and fraud detection
- Perform URL and email grading to assess and categorize potential threats
- Engage in security response activities to address and resolve security incidents
- Conduct threat hunting to proactively identify and address potential detection gaps
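The block-list maintenance, regex signatures and URL/email grading named in this listing fit together as a small scoring pipeline. The following is an added example, not code from the original listing or from any employer's tooling; the sample messages, the two block lists, the signature patterns, their weights and the verdict thresholds are all constructed for illustration and would be tuned against real mail flow.

```python
import re
from urllib.parse import urlparse

# Constructed sample messages for this example (not real mail).
SAMPLE_EMAILS = [
    {
        "from": "security@paypa1-secure.example",
        "subject": "URGENT: verify your account within 24 hours",
        "body": "Click http://paypa1-secure.example/login?acct=1 to verify your account now.",
    },
    {
        "from": "newsletter@example.org",
        "subject": "Weekly digest",
        "body": "Read this week's posts at https://example.org/blog",
    },
    {
        "from": "it@corp.example",
        "subject": "Password reset",
        "body": "Reset at http://203.0.113.5/reset and confirm your password.",
    },
]

# Constructed block lists (assumed; a real SOC feeds these from RBLs and intel).
DOMAIN_BLOCKLIST = {"paypa1-secure.example"}
URL_BLOCKLIST = {"http://203.0.113.5/reset"}

# Heuristic phish signatures: (name, regex, weight). Weights are illustrative.
PHISH_SIGNATURES = [
    ("urgency", re.compile(r"\b(urgent|immediately|within \d+ hours?)\b", re.I), 2),
    ("credential_lure", re.compile(r"\b(verify|confirm|reset)\b.{0,40}\b(account|password)\b", re.I), 3),
    ("lookalike_brand", re.compile(r"paypa1|micr0s0ft|g00gle", re.I), 3),
]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
IPV4_HOST_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def grade_url(url):
    """Return (score, reasons) for one URL; a block-list hit short-circuits."""
    if url in URL_BLOCKLIST:
        return 10, ["url_blocklist"]
    score, reasons = 0, []
    host = (urlparse(url).hostname or "").lower()
    if IPV4_HOST_RE.match(host):
        score += 3
        reasons.append("ip_literal_host")
    if host in DOMAIN_BLOCKLIST:
        score += 5
        reasons.append("domain_blocklist")
    if url.lower().startswith("http://"):
        score += 1
        reasons.append("plain_http")
    return score, reasons


def grade_email(msg):
    """Combine sender reputation, content signatures and URL grades into a verdict."""
    score, reasons = 0, []
    sender_domain = msg["from"].rsplit("@", 1)[-1].lower()
    if sender_domain in DOMAIN_BLOCKLIST:
        score += 5
        reasons.append("sender_blocklist")
    text = msg["subject"] + "\n" + msg["body"]
    for name, rx, weight in PHISH_SIGNATURES:
        if rx.search(text):
            score += weight
            reasons.append(name)
    for url in URL_RE.findall(text):
        url_score, url_reasons = grade_url(url)
        score += url_score
        reasons.extend(url_reasons)
    verdict = "phish" if score >= 6 else "suspicious" if score >= 3 else "clean"
    return verdict, score, sorted(set(reasons))


if __name__ == "__main__":
    for msg in SAMPLE_EMAILS:
        print(msg["from"], grade_email(msg))
```

The reasons list is what an analyst reviews when a regex fires too often: a signature that keeps appearing on clean mail (the `credential_lure` pattern will match legitimate password-reset notices, for instance) gets its weight lowered or its pattern narrowed, while block-list hits stay decisive because they come from confirmed intel rather than heuristics.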
Posted 1 month ago
1.0 - 3.0 years
3 - 4 Lacs
Kochi, Ernakulam
Work from Office
As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.
Posted 1 month ago
5.0 - 10.0 years
12 - 18 Lacs
Pune, Bengaluru, Delhi / NCR
Hybrid
SOC Analyst: 5+ years of experience in a SOC, with Azure/AWS cloud experience. Experience in remediation and "Defender for Cloud" is a must.
About the role: As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for threats and weaknesses and investigate the details of potential security incidents. Along the way, you will get to:
- Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity.
- Incident Response: Oversee the response to verified security incidents, including containment measures and investigation.
- Threat and Vulnerability Analysis: Investigate, document and report on information security issues and emerging trends.
- Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture.
- Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions and elevate your career.
What we're looking for:
- Technical Proficiency: In-depth knowledge of security protocols, techniques and technologies.
- Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues.
- Communication: Effective communication skills to interact with team members and stakeholders.
What you can expect: We're legendary for taking care of you and your family and for helping you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include:
- Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year
- Medical insurance and health benefits
- Professional development: learning platform and certificate reimbursement
- Shift allowance
But what really sets us apart are our core values of Hunger, Heart and Harmony, which guide everything we do, from building relationships with teammates, partners and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience, so even if you don't feel like your skills are a perfect match, we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/
Posted 1 month ago
8.0 - 12.0 years
14 - 20 Lacs
Hyderabad, Pune, Bengaluru
Hybrid
Job Title: Cybersecurity Lead, Incident Management / Network Security Signature Writing
Job Summary: The Cybersecurity Lead will manage the Incident Management / Network Security Signature Writing team. This role involves overseeing incident response and signature development, direct stakeholder management, team management and project management. The ideal candidate will have a strong background in cybersecurity incident response and network security, with excellent communication and leadership skills.
Key Responsibilities:
- Incident Monitoring and Response: Monitor security alerts and incidents, respond promptly and escalate as needed
- Threat Analysis and Detection: Investigate security incidents; develop detection rules and signatures
- Signature Development: Create signatures for vulnerabilities and perform vulnerability hunting
- Tool Management: Deploy, configure and manage NDR tools
- Alert Tuning and Optimization: Optimize alerts to reduce false positives
- Reporting and Documentation: Document and report on security incidents
- Research and Development: Stay updated on cybersecurity trends and improve detection capabilities
- Stakeholder Management: Engage with stakeholders and manage escalated issues
- Team Management: Lead and support the team
- Project Management: Oversee projects related to incident response and signature development
Preferred Skills:
- Experience with Microsoft Defender or similar endpoint protection solutions
- Strong understanding of endpoint and network security threat detection and response
- Proficiency with SIEM platforms and scripting languages
- Knowledge of network protocols, firewall rules and intrusion detection/prevention systems
- Familiarity with advanced persistent threats, threat hunting and incident response frameworks
- Understanding of IPS/IDS signatures and Rapid7 Recog signatures
- Good to have: malware and threat analysis and CVE hunting
This role operates within a 24x7x365 environment, requiring flexibility for shifts, holidays and on-call responsibilities.
Posted 1 month ago
6.0 - 11.0 years
10 - 20 Lacs
Hyderabad, Pune, Bengaluru
Hybrid
Role & responsibilities: Cyber Threat Intelligence
- Operating systems: understanding of how different systems work, especially Windows, Linux and macOS
- Programming languages: Java, Python (basic understanding needed)
- Malware analysis techniques: static and dynamic analysis, code analysis, behavioral analysis, forensic analysis
- Malware analysis tools: proficiency in using a range of malware analysis tools
  - Static analysis: CFF Explorer, PEiD, PEStudio, Strings, FLOSS, ExeInfo PE, ssdeep
  - Dynamic analysis: Process Monitor, Process Explorer, Process Hacker, Sysmon, Autoruns, Regshot
  - Reverse engineering: IDA Pro, Ghidra
  - Analyzing suspicious files / sandboxing: VirusTotal, Hybrid Analysis, Cuckoo, Any.run, Intezer, Joe Sandbox
  - Network: Wireshark, INetSim
- Malware mitigation strategies: knowledge of prevention, detection, removal, recovery and response
- Good understanding of the MITRE ATT&CK framework (TTPs, IOCs, threat actors), the Cyber Kill Chain and dark web analysis
- Able to set up a malware analysis lab with minimal support
- Threat Analysis: Analyze threat data from various sources to identify trends, tactics, techniques and procedures (TTPs) used by cyber adversaries
- Incident Response: Collaborate with the incident response team to provide intelligence support during security incidents
- Reporting: Prepare and present intelligence reports to stakeholders, highlighting significant threats and recommended actions
- Research: Conduct research on emerging threats, vulnerabilities and security trends to inform strategic decisions
- Collaboration: Work with internal teams and external partners to share intelligence and improve threat detection capabilities
- Tool Utilization: Use threat intelligence platforms and tools to gather, analyze and disseminate threat information: MISP, ThreatConnect, Cyble, Anomali
Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or GIAC Cyber Threat Intelligence (GCTI) are preferred. Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438
Posted 1 month ago
8.0 - 13.0 years
20 - 35 Lacs
Bengaluru
Work from Office
Job Title: Senior Security Analyst, Threat Hunting & Incident Response
Location: Bangalore (rotational shifts)
Mode of work: 5 days WFO
Experience: 8+ years
Job Type: Full-time
Job Description: We are looking for a highly skilled and experienced Senior Security Analyst to join our client's Cybersecurity team. This role involves leading incident response activities, performing proactive threat hunting, and enhancing the overall security posture through innovative detection strategies and forensic investigations.
Key Responsibilities:
- Lead end-to-end security incident response, including analysis, containment, mitigation and reporting
- Design and implement detective controls for emerging threats and vulnerabilities
- Perform proactive threat hunting across multiple platforms and environments
- Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities
- Research emerging threats, vulnerabilities and attack techniques to improve defenses
- Participate in a 24/7 on-call rotation to support incident response and critical investigations
- Document incident response activities and produce detailed reports for stakeholders
- Conduct post-incident reviews to drive improvements in tools, processes and readiness
- Collaborate across teams to improve the organization's threat detection and response maturity
Required Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity or a related field
- Minimum 8 years of experience in Security Operations, Incident Response or Threat Detection
- Strong experience with threat hunting methodologies and frameworks
- Hands-on expertise with tools such as SIEM, SOAR and XDR (e.g., Cortex XSIAM, Torq)
- Working knowledge of MITRE ATT&CK, NIST frameworks and Cyber Kill Chain concepts
Preferred Skills & Experience:
- Strong understanding of network and endpoint security, defense-in-depth and current threat trends
- Experience with cloud security (AWS, Azure, GCP) and public cloud defense techniques
- Exposure to Endpoint Detection & Response (EDR) tools, forensic analysis and log correlation
- Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis
- Relevant certifications such as CISSP, GIAC (GCIA, GCIH, GCFA) or CEH are a plus
- Strong analytical mindset with the ability to assess risk and prioritize response
- Excellent written and verbal communication skills
Posted 1 month ago
0.0 - 5.0 years
5 - 9 Lacs
Pune
Work from Office
Responsibilities:
- Monitor systems and respond to incidents
- Collaborate with teams on threat management strategies
- Manage access control and encryption
- Maintain compliance standards
- Conduct regular security assessments
Benefits: office cab/shuttle, food allowance, health insurance, provident fund
Posted 1 month ago
1.0 - 3.0 years
5 - 10 Lacs
Gurugram
Work from Office
Title: Security Analyst (SOC & EDR)
Location: Gurgaon, India
Type: Hybrid (work from office)
Job Description
Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company-owned and -operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book online, on mobile apps for iOS and Android, by phone, or via live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners.
FAREPORTAL HIGHLIGHTS:
- Fareportal is the number 1 privately held online travel company in flight volume.
- Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide.
- 2019 annual sales exceeded $5 billion.
- Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites.
- Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City.
Job Overview: We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team. This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne. The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling.
Key Responsibilities:
- Monitor and respond to SOC alerts and security incidents in real time
- Analyze logs and alerts from SIEM and SentinelOne EDR platforms
- Perform incident triage, escalation, and coordination with internal teams
- Troubleshoot SentinelOne-related issues, including error resolution, agent communication, and performance problems
- Understand and manage SentinelOne policies, ensure proper deployment, and make necessary adjustments for better coverage
- Quickly identify the root cause of issues related to endpoint protection and take corrective actions
- Coordinate with the IT team for issue resolution and endpoint remediation
- Collaborate with teams to reduce false positives and improve alert accuracy
- Maintain incident documentation, reports, and operational dashboards
- Support threat hunting, vulnerability detection, and other BAU (Business As Usual) security tasks
Required Skills & Qualifications:
- Bachelor's/Master's degree in Computer Science, Information Systems, or Engineering
- 2-4 years of experience in SOC operations and endpoint security monitoring
- Hands-on experience with SentinelOne EDR, including troubleshooting and policy management
- Good knowledge of cybersecurity threats, incident response processes, and log analysis
- Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively
- Experience working with SIEM tools (like Splunk, QRadar, etc.)
- Strong understanding of false positive tuning and threat detection improvement
- Basic scripting knowledge (PowerShell, Python) is a plus
- Good communication and analytical skills
Preferred Skills & Qualifications: CEH, CompTIA Security+, or any other relevant security certification.
Disclaimer: This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Company's sole discretion, with or without notice.
Posted 1 month ago
2.0 - 5.0 years
1 - 4 Lacs
Hyderabad
Work from Office
Client Server Tech is looking for a System Security Engineer to join our dynamic team and embark on a rewarding career journey.
- Develop and implement system security strategies and solutions
- Monitor and analyze security incidents and threats
- Conduct incident response and investigation
- Collaborate with cross-functional teams on security projects
- Ensure compliance with security standards and regulations
- Provide training and support on security best practices
Posted 1 month ago
1.0 - 4.0 years
2 - 5 Lacs
Surat
Work from Office
Certbar Security is looking for a Junior SOC Analyst to join our dynamic team and embark on a rewarding career journey.
- Monitor and analyze security events and incidents, identifying and investigating potential threats
- Maintain the security of our network and systems by implementing security controls and best practices
- Work closely with the rest of the security team to ensure that our systems and networks are secure and compliant with industry standards
- Maintain accurate documentation and reports on security events and incidents
- Communicate effectively with team members and other stakeholders to ensure that security issues are addressed in a timely and effective manner
- Stay up to date with the latest security technologies and threats
Posted 1 month ago
4.0 - 9.0 years
15 - 19 Lacs
Bengaluru
Work from Office
Location: Bangalore, India. Posted 10 days ago. Job requisition id: 30684.
FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!
The Opportunity: "This is an opportunity to define, build, and shape the future of FICO's Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering.
What You'll Contribute:
- Detect, identify, and analyze vulnerabilities across the FICO environment
- Assess the risk of detected vulnerabilities to determine true impact
- Support stakeholders as an SME in understanding the technical details of vulnerabilities and the steps to carry out remediation
- Coordinate with stakeholders to track issue remediation until closure
- Act as an SME for new projects in terms of the vulnerability management lifecycle
- Manage, maintain, and tune tools used to support the VM process
- Keep yourself updated with the latest security and technology developments
What We're Seeking:
- Experience in a similar role such as vulnerability management specialist
- Experience with Qualys or other security vulnerability detection technology required
- Subject-matter-expert-level understanding in multiple IT, security and software disciplines
- Ability to understand the cause and effect of application vulnerabilities together with operating system vulnerabilities
- Must be able to multi-task and keep track of large amounts of information across disparate systems
- Ability to keep making progress and define future strategy/policy with regard to the enterprise
- Adherent to a continuous monitoring and continuous improvement mindset
- Demonstrated technical IT skills; ability to understand and manage different OS flavors, network technologies and topologies
- Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred)
- Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture
- Ability to effectively translate and present solutions in business or management terms
- Ability to work effectively in a team environment
- Knowledge of Python scripting or other languages is nice to have
- Moderate documentation and analytical skills; documenting processes, policies, and standards
- Moderate ability to provide end-to-end support to enterprise counterparts, identifying the root cause of complex enterprise initiatives
- Moderate troubleshooting skills across complex enterprise applications, server, and endpoint environments
- Moderate ability to learn, onboard and adapt to new technologies
- Basic privileged access management/rights management experience, designing solutions based on least privilege
- Basic knowledge of malware operation and indicators of threat
- Moderate knowledge of the current threat landscape
- Entry-level cybersecurity certifications, such as CompTIA Security+, GIAC Security Fundamentals, GIAC Security Essentials, ISC2 Associate or ISACA Cybersecurity Fundamentals, are nice to have
Our Offer to You:
- An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
- The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
- Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
- An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
Why Make a Move to FICO: At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today: Big Data analytics. You'll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide:
- Credit Scoring: FICO Scores are used by 90 of the top 100 US lenders.
- Fraud Detection and Security: 4 billion payment cards globally are protected by FICO fraud systems.
- Lending: 3/4 of US mortgages are approved using the FICO Score.
Global trends toward digital transformation have created tremendous demand for FICO's solutions, placing us among the world's top 100 software companies by revenue. We help many of the world's largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation that's nurtured by a diverse and inclusive environment. We'll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at
FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we're proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don't meet all stated qualifications. While our qualifications are clearly related to role success, each candidate's profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to the FICO Privacy Policy at
Posted 1 month ago
5.0 - 10.0 years
30 - 45 Lacs
Pune
Work from Office
About Position: We at Persistent are looking for a Threat Hunter with experience in threat hunting and malware analysis.
Role: Threat Hunter
Location: Pune
Experience: 5 to 10 years (3+ years in threat hunting)
Job Type: Full Time Employment
Job Summary: We are seeking a proactive and analytical Threat Hunter to join our cybersecurity team. The ideal candidate will be responsible for identifying, investigating, and mitigating advanced threats that evade traditional security defenses. As a Threat Hunter, you will leverage threat intelligence, analytics, and internal telemetry to detect signs of compromise and anomalous behavior across the enterprise environment.
What You'll Do:
- Analyze, review and validate the logs from the log sources
- Suggest use case fine-tuning and new use case creation
- Troubleshoot SIEM issues related to log sources
- Collaborate with other members of the SOC team, as well as internal and external stakeholders, to resolve complex security incidents
- Keep up to date with the latest cybersecurity threats, trends, and technologies to improve the efficiency and effectiveness of incident response
Key Responsibilities:
- Proactively hunt for unknown threats in the environment using a hypothesis-driven approach
- Analyze large volumes of logs, telemetry, and data from EDR, SIEM, network traffic, and other sources
- Develop and refine detection logic to identify stealthy and novel threats
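A hypothesis-driven hunt of the kind this listing describes (hypothesis: an attacker guessed their way into the bastion, so a burst of failed logons from one source should precede a success from the same source) comes down to detection logic over raw telemetry plus the false-positive tuning that the other SOC listings on this page ask for. The following is an added example, not code from the original listing or from Persistent: the sshd-style log lines are constructed, and `parse`, `hunt`, `failure_bursts`, the 4-failure/5-minute threshold and the allow-listed scanner address `203.0.113.9` are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd-style auth log (not from any real system). Three sources:
# 198.51.100.7 sprays users then succeeds, 192.0.2.10 is a normal user typo,
# 203.0.113.9 is an (assumed) authorised scanner that only ever fails.
SAMPLE_LOG = """\
Jan 10 09:00:01 bastion sshd[2201]: Failed password for invalid user admin from 198.51.100.7 port 51022 ssh2
Jan 10 09:00:03 bastion sshd[2202]: Failed password for invalid user oracle from 198.51.100.7 port 51023 ssh2
Jan 10 09:00:05 bastion sshd[2203]: Failed password for root from 198.51.100.7 port 51024 ssh2
Jan 10 09:00:06 bastion sshd[2204]: Failed password for deploy from 198.51.100.7 port 51025 ssh2
Jan 10 09:00:08 bastion sshd[2205]: Failed password for deploy from 198.51.100.7 port 51026 ssh2
Jan 10 09:00:09 bastion sshd[2206]: Accepted password for deploy from 198.51.100.7 port 51027 ssh2
Jan 10 09:15:00 bastion sshd[2301]: Failed password for alice from 192.0.2.10 port 40000 ssh2
Jan 10 09:15:30 bastion sshd[2302]: Accepted publickey for alice from 192.0.2.10 port 40001 ssh2
Jan 10 10:00:00 bastion sshd[2401]: Failed password for invalid user test from 203.0.113.9 port 3333 ssh2
Jan 10 10:00:01 bastion sshd[2402]: Failed password for invalid user test2 from 203.0.113.9 port 3334 ssh2
Jan 10 10:00:02 bastion sshd[2403]: Failed password for invalid user test3 from 203.0.113.9 port 3335 ssh2
Jan 10 10:00:03 bastion sshd[2404]: Failed password for invalid user test4 from 203.0.113.9 port 3336 ssh2
Jan 10 10:00:04 bastion sshd[2405]: Failed password for invalid user test5 from 203.0.113.9 port 3337 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)

# Tuning knob: assumed authorised vulnerability scanner whose failures are expected noise.
ALLOWLIST = {"203.0.113.9"}


def parse(log_text, year=2024):
    """Turn syslog-style sshd lines into event dicts; syslog has no year, so one is supplied."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparsed lines are skipped, not guessed at
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "result": m["result"], "user": m["user"], "src": m["src"]})
    return events


def failure_bursts(events, threshold=4, allowlist=ALLOWLIST):
    """Coarse signal: sources with >= threshold failures, minus allow-listed noise."""
    counts = defaultdict(int)
    for e in events:
        if e["result"] == "Failed" and e["src"] not in allowlist:
            counts[e["src"]] += 1
    return {src: n for src, n in counts.items() if n >= threshold}


def hunt(events, threshold=4, window=timedelta(minutes=5), allowlist=ALLOWLIST):
    """Hypothesis: >= threshold failures from one source within `window`, then a success."""
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)
    findings = []
    for src, evs in by_src.items():
        if src in allowlist:
            continue
        evs.sort(key=lambda e: e["ts"])
        for i, e in enumerate(evs):
            if e["result"] != "Accepted":
                continue
            prior = [p for p in evs[:i] if p["result"] == "Failed" and e["ts"] - p["ts"] <= window]
            if len(prior) >= threshold:
                findings.append({
                    "src": src,
                    "user": e["user"],
                    "success_at": e["ts"].isoformat(),
                    "failures": len(prior),
                    "users_tried": sorted({p["user"] for p in prior}),
                })
                break  # one finding per source is enough to open a case
    return findings


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print("failure bursts:", failure_bursts(evs))
    for f in hunt(evs):
        print("finding:", f)
```

The two functions show why tuning belongs in the detection rather than in the analyst's head: `failure_bursts` alone fires on both the attacker and the scanner until the scanner is allow-listed, while `hunt` adds the success condition from the hypothesis and so only ever raises the source that actually got in, with the list of usernames tried as the first pivot for the incident.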
Expertise You'll Bring:
- Strong understanding of the Cyber Kill Chain, MITRE ATT&CK, and threat actor behavior
- Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel)
- Familiarity with EDR solutions (e.g., CrowdStrike, Carbon Black, Cisco AMP, Microsoft Defender)
- Scripting skills in Python, PowerShell, or similar languages
Benefits:
- Competitive salary and benefits package
- Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications
- Opportunity to work with cutting-edge technologies
- Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
- Annual health check-ups
- Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents
Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive.
Our company fosters a values-driven and people-centric work environment that enables our employees to:
- Accelerate growth, both professionally and personally
- Impact the world in powerful, positive ways, using the latest technologies
- Enjoy collaborative innovation, with diversity and work-life wellbeing at the core
- Unlock global opportunities to work and learn with the industry's best
Let's unleash your full potential at Persistent. "Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind."
Posted 1 month ago
3.0 - 8.0 years
3 - 7 Lacs
Chennai
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: Accenture MxDR Ops Security Engineering
Minimum 3 year(s) of experience is required
Educational Qualification: Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security measures, implementing protective solutions, and ensuring that all systems are safeguarded against potential cyber threats. You will engage in proactive monitoring and analysis of security incidents, contributing to the overall security posture of the organization while staying updated on the latest security trends and technologies.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to enhance organizational security.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.
- Strong understanding of security frameworks and compliance standards.
- Experience with incident response and threat hunting methodologies.
- Familiarity with security information and event management tools.
- Knowledge of network security protocols and best practices.
Additional Information:
- The candidate should have a minimum of 3 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Chennai office.
- A minimum of a bachelor's or a master's degree in addition to regular 15-year full time education is required.
Qualification: Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
Posted 1 month ago
15.0 - 20.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Develop and maintain security policies and procedures to ensure compliance with regulatory requirements.
- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and threat intelligence.
- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.
- Ability to analyze and interpret security logs and alerts.
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
15.0 - 20.0 years
3 - 7 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: ForgeRock Access Management
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also engage in proactive monitoring of security systems to identify potential threats and vulnerabilities, while continuously improving security protocols to safeguard the organization's information and infrastructure.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Conduct regular security audits and assessments to identify vulnerabilities and recommend improvements.
- Develop and implement security policies and procedures to ensure compliance with industry standards.
Professional & Technical Skills:
- Must Have Skills: Proficiency in ForgeRock Access Management.
- Good To Have Skills: Experience with identity and access management solutions.
- Strong understanding of security protocols and frameworks.
- Experience with incident response and threat analysis.
- Familiarity with cloud security practices and technologies.
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management.
- This position is based at our Bengaluru office.
- 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
15.0 - 20.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Evaluate emerging security technologies and recommend improvements to existing security frameworks.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and best practices.
- Experience with threat detection and incident response methodologies.
- Familiarity with security compliance frameworks and regulations.
- Ability to analyze security incidents and develop effective mitigation strategies.
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Palo Alto Networks Firewalls
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Lead, you will be responsible for overseeing the implementation and delivery of Security Services projects. A typical day involves coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training, and assets. You will engage with stakeholders to align project goals and deliverables, ensuring that security measures are effectively integrated into the overall project framework. Your role will also involve problem-solving and providing guidance to your team, fostering a collaborative environment that promotes innovation and excellence in security delivery.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team skills and knowledge in security practices.
- Monitor project progress and implement necessary adjustments to meet deadlines and objectives.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Palo Alto Networks Firewalls.
- Strong understanding of network security protocols and best practices.
- Experience with security incident response and threat analysis.
- Familiarity with compliance standards and regulatory requirements in security.
- Ability to design and implement security architectures tailored to organizational needs.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
6.0 - 11.0 years
4 - 8 Lacs
Mumbai, Bengaluru
Work from Office
The SOC Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and technologies. This role is critical in protecting the organization's digital assets and ensuring compliance with security policies and standards.
Responsibilities:
- Monitor SIEM systems and security tools for suspicious activity.
- Analyze and respond to security incidents and threats.
- Stay updated on threat intelligence and attack trends.
- Review logs from firewalls, IDS/IPS, and antivirus tools.
- Escalate critical incidents and document findings.
- Support vulnerability management and remediation tracking.
- Configure and tune security tools like SIEM and EDR.
- Ensure compliance with security policies and audits.
- Collaborate with IT and network teams on investigations.
- Contribute to process improvements and incident playbooks.
Primary Skills: SIEM (e.g., Splunk, QRadar, ArcSight), Incident Response, Log Analysis, Threat Intelligence
Secondary Skills: Scripting (Python, PowerShell, Bash), Cloud Security (AWS, Azure, GCP), Endpoint Detection and Response (EDR)
Posted 1 month ago
5.0 - 10.0 years
7 - 12 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: Microsoft Azure Sentinel, No Function Specialty
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats, and be a key player in ensuring the security of the organization's digital assets and infrastructure.
Roles & Responsibilities:
- Expected to be an SME; collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Implement security measures to protect systems, networks, and data.
- Conduct security assessments and audits to identify vulnerabilities and risks.
- Develop and implement security policies, procedures, and best practices.
- Stay updated on the latest security trends, threats, and technologies.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Microsoft Azure Sentinel.
- Strong understanding of security principles and practices.
- Knowledge of network security protocols and technologies.
- Experience in incident response and threat hunting.
- Ability to analyze and interpret security data for actionable insights.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- 15 years full time education is required.
Qualifications: 15 years full time education
Posted 1 month ago
3.0 - 8.0 years
5 - 10 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: SailPoint IdentityIQ
Good to have skills: Java Enterprise Edition
Minimum 3 year(s) of experience is required
Educational Qualification: Bachelor's or higher degree in a related field or equivalent work experience
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats, and be a crucial part of ensuring the security of the organization's digital assets and operations.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Implement security measures to protect computer systems, networks, and data.
- Conduct regular security assessments and audits to identify vulnerabilities and risks.
- Develop and implement security policies, protocols, and procedures.
- Stay updated on the latest security trends, threats, and technologies.
- Collaborate with cross-functional teams to enhance overall security posture.
Professional & Technical Skills:
- Must Have Skills: Proficiency in SailPoint IdentityIQ.
- Good To Have Skills: Experience with Java Enterprise Edition.
- Strong understanding of identity and access management principles.
- Knowledge of security frameworks and standards such as ISO 27001 and NIST.
- Experience in implementing and managing security solutions.
- Ability to analyze and respond to security incidents effectively.
Additional Information:
- The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ.
- This position is based at our Bengaluru office.
- A bachelor's or higher degree in a related field or equivalent work experience is required.
Qualifications: Bachelor's or higher degree in a related field or equivalent work experience
Posted 1 month ago
4.0 - 5.0 years
6 - 7 Lacs
Hyderabad
Work from Office
Provide advanced incident response and threat analysis in a Security Operations Center (SOC). Lead investigations, conduct forensics, and manage escalated security incidents to minimize risks and ensure data protection.
Posted 1 month ago
10.0 - 14.0 years
27 - 30 Lacs
Gurugram
Work from Office
Top Selection & Auto Elimination Criteria: Rotational shift; only immediate joiners (0-15 days); cab facility: yes, late-night pick-up or drop only (one side only, for Gurgaon employees).
Location: Gurgaon
Mode: 5 days work from office only (no work from home)
Relevant experience range: 9+
Position: L3 SOC Analyst
Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real time.
Role and responsibilities:
1. Incident Response and Escalation
- Lead and coordinate end-to-end response for critical and high-severity security incidents.
- Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
- Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
- Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.
2. Threat Detection and Analysis
- Analyze and triage alerts generated by the SIEM and other security tools.
- Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
- Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
- Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).
3. Tooling and Automation
- Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
- Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
- Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.
4. Documentation and Reporting
- Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
- Develop and update SOC standard operating procedures (SOPs) and playbooks.
- Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.
5. Mentorship and Leadership
- Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
- Provide training on new threats, tools, and techniques.
- Assist in evaluating and improving team workflows, processes, and overall SOC maturity.
6. Collaboration and Stakeholder Engagement
- Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
- Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
- Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.
Required Experience / Skills:
- Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
- Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
- Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
- Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
- Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
- Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
- Minimum of nine (9) years technical experience.
- 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
- 3+ years of rule development and tuning experience.
- 2+ years of incident response.
- Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to: alert and notification activities (analysis/triage/response), review and action on threat intel for IOCs and other operationally impactful information, and initial review and triage of reported alerts and incidents.
- Manage multiple tickets/alerts in parallel, including end-user coordination.
- Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
- Solid understanding and experience analyzing security events generated from security tools and devices, not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat.
- Experience and solid understanding of malware analysis.
- Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana.
- Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs).
- In-depth experience with processing and triage of security alerts from multiple sources, but not limited to: endpoint security tools, SIEM, email security solutions, CISA, threat intel sources.
- Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, supporting SOAR development.
- Experience with bash, python, and Windows PowerShell scripting.
- Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/security tools alert analysis.
- Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
- Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices, and other enterprise tools.
- Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
- Solid understanding and experience analyzing security events generated from security tools and devices, not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC.
- Expert in security incident response processes.
Required Certifications: Two of the following certifications are preferred:
- GIAC-GCIH - Global Certified Incident Handler
- GIAC-GCFE - Global Information Assurance Certification Forensic Examiner
- GIAC-GCFA - Global Information Assurance Certification Forensic Analyst
- GIAC-GREM - GIAC Reverse Engineering Malware
- GIAC-GNFA - GIAC Network Forensic Analyst
- GIAC-GCTI - GIAC Cyber Threat Intelligence
- GIAC-GPen - GIAC Certified Penetration Tester
- GIAC-GWAPT - GIAC Certified Web Application Penetration Tester
- CEPT - Certified Expert Penetration Tester
- CASS - Certified Application Security Specialist
- CWAPT - Certified Penetration Tester
- CREA - Certified Reverse Engineering Analyst
Qualifications:
- Bachelor's degree in computer science, Information Technology, or a related field.
- Experience of 5 years or 3 years relevant experience.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong organizational and time management skills.
- Willingness to work after hours and provide on-call support.
Posted 1 month ago
4.0 - 7.0 years
12 - 16 Lacs
Pune, Chennai, Bengaluru
Work from Office
Role & responsibilities
Security Architecture & Engineering
- Design and deploy secure network, infrastructure, and Azure cloud architectures using Defender for Cloud, Sentinel, Entra ID, and Purview.
- Select, integrate, and optimize security tools (SIEM/SOAR, firewalls, EDR, DLP).
- Embed security into DevOps/CI-CD pipelines via automation (Logic Apps, PowerShell, KQL).
Security Operations & Incident Response
- Configure and tune detection rules and workbooks in Sentinel; build automated playbooks for common incidents.
- Lead triage, investigation, and root-cause analysis of alerts from Defender and Sentinel.
- Conduct proactive threat hunting, log review, and vulnerability assessments.
Identity & Access Management
- Implement and manage Conditional Access, MFA, Privileged Identity Management, and RBAC in Entra ID.
- Enforce least-privilege principles and lifecycle policies across users, groups, and service identities.
Governance, Risk & Compliance
- Maintain alignment with ISO 27001, NIST, CIS, PCI-DSS, and GDPR using Secure Score and Compliance Manager.
- Develop and enforce security policies, standards, and audit controls.
Team Leadership & Collaboration
- Mentor SOC analysts and engineers, driving continuous improvement and knowledge sharing.
- Collaborate closely with IT, DevOps, and business units to integrate security into all projects.
Posted 1 month ago
7.0 - 12.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Work with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents.
Roles & Responsibilities:
- Lead the implementation and delivery of Security Services projects.
- Must Have Skills: Proficiency in any Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Security Risk Assessment.
- Strong understanding of security principles and practices.
- Experience in implementing security solutions.
- Knowledge of threat detection and incident response.
- Ability to analyze and interpret security data.
- Engage with multiple teams and contribute to key decisions.
- Expected to be an SME.
- Verify custom reports, manage log source groups, and validate log sources with the client.
- Maintain a close partnership with the SIEM vendor on feature requests, upgrade planning, and product roadmap alignment.
- Focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself.
- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies.
- Identify and implement automation opportunities in the project.
- Troubleshoot issues with log sources or systems with the vendor, and report system defects as needed.
- Identify the root cause of security incidents.
- Implement SOC best practices to deliver business outcomes.
Professional & Technical Skills:
- Experience in Information Security, Risk Management, Infrastructure Security and Compliance.
- Experience in SOC operations.
- Experience working with UBA and Advanced Threat Detection.
- Any security device installation, configuration, and troubleshooting (e.g., firewall, IDS, etc.).
- Hands-on experience in any SIEM tool.
- Mid-level expertise in UNIX, Linux, and Windows.
- Excellent verbal and written communication skills.
- Excellent time management skills.
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago