115 Threat Detection Jobs

The role of Data Protection & IAM (Identity and Access Management) Senior Lead involves developing, implementing, and overseeing data security and IAM strategies for the organization's business units. Your responsibilities will include ensuring compliance with regulatory requirements, enforcing security policies, and strengthening access control mechanisms to safeguard sensitive business data. Collaboration with IT, security, risk, compliance, 2LOD, and business stakeholders is crucial to maintaining a strong security posture. Key Responsibilities: - Developing and executing data protection policies, procedures, and standards to protect sensitive business information. - Implementing encryption, tokenization, and data loss prevention (DLP) solutions to secure critical assets. - Ensuring compliance with data privacy regulations like GDPR, CCPA, HIPAA, and industry-specific security frameworks. - Collaborating with business units to classify and manage data based on sensitivity, risk, and business impact. - Leading the design and enforcement of IAM policies, including role-based access control (RBAC) and least privilege principles. - Managing identity lifecycle processes (provisioning, de-provisioning, access reviews) to prevent unauthorized access. - Overseeing authentication mechanisms like multi-factor authentication (MFA) and single sign-on (SSO) to enhance security. - Conducting periodic access audits and ensuring alignment with security best practices. - Assisting in the investigation and resolution of security incidents related to data protection and IAM. - Partnering with cybersecurity teams to enhance threat detection and response capabilities. - Continuously assessing and improving IAM and data protection frameworks to align with evolving business and security needs. - Monitoring and reporting on security metrics, vulnerabilities, and compliance status to leadership. - Having experience working with commercial IAM products for a sizeable enterprise. This role requires a thorough understanding of data protection, IAM principles, and regulatory requirements. Effective communication and collaboration skills are essential for engaging with various stakeholders to ensure a robust security posture.,

About the Role We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development. Key Responsibilities Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions. Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions. Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation. Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy. Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats. Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries. SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations. Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency. Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies. Basic Qualifications B.E/B. Tech degree in computer science, Information Technology, Masters in Cybersecurity 3+ years of experience in a SOC or cybersecurity operations role. Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions. Hands-on experience in threat detection, security monitoring, and incident response. Knowledge of network security, intrusion detection, malware analysis, and forensics. Basic experience in SIEM administration (log ingestion, rule creation, dashboard management). Proficiency in Python scripting for automation and playbook development. Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence. Strong analytical, problem-solving, and communication skills. Ability to work in a 24x7 SOC environment (if applicable) Preferred Qualifications Certified SOC Analyst (CSA) Certified Incident Handler (GCIH, ECIH) Splunk Certified Admin / QRadar Certified Analyst CompTIA Security+ / CEH / CISSP (preferred but not mandatory

We are seeking an experienced and visionary Head of Cyber Security to lead our global and regional cybersecurity efforts. This senior leadership role will be responsible for defining and executing a comprehensive security strategy that safeguards our digital assets and operations across multiple geographies. Key Responsibilities Develop and implement a robust cybersecurity strategy aligned with global and regional business goals. Lead the design, development, and operation of a world-class Security Operations Center (SOC) . Oversee threat monitoring , incident response , digital forensics , and penetration testing activities. Manage cybersecurity architecture and ensure compliance with international standards, including ISO 27001 , NIST , and GDPR . Architect and implement proprietary threat detection and cyber defense platforms. Serve as the principal cybersecurity advisor to internal stakeholders, clients, regulatory bodies, and strategic partners. Drive cyber readiness, conduct internal risk assessments, and lead employee awareness training programs. Recruit, mentor, and develop high-performing cybersecurity teams and technical staff. Qualifications & Experience 5+ years in a senior cybersecurity leadership role , preferably in critical infrastructure, defense, or government environments. Deep expertise in network security , SIEM , IDS/IPS , incident response , and digital forensics tools and methodologies. Proven experience managing large-scale cyber operations across multiple countries or regions. Strong understanding of global cybersecurity frameworks: ISO 27001 , NIST , GDPR , etc. Excellent leadership, communication, and stakeholder engagement skills. Show more Show less

10+ yrs Exp in cybersecurity Multi-tenant MSSP SOC Analytics rules KQL Playbooks Logic Apps Workbooks Connectors Incident response Detection use cases-MITRE ATT&CK Defender XDR stack PowerShell ISO 27001 SOC 2 /PCI DSS CISSP CISM GIAC (GCIA, GCIH)

Note: By applying to this position you will have an opportunity to share your preferred working location from the following: Hyderabad, Telangana, India; Bengaluru, Karnataka, India Minimum qualifications: Bachelor's degree or equivalent practical experience, 5 years of experience with working in security analysis, network security, intrusion detection system, threat intelligence or threat detection, 2 years of experience as a technical security professional, with digital forensics or systems administration, Experience with executive or customer stakeholder management and communication, Experience with a data motivated approach towards solving information security tests, Preferred qualifications: Master's degree in Computer Science or a related field, Knowledge of defensive security concepts such as adversity tactic and technique, MITRE ATT and CK framework, logging etc Knowledge of networking and internet protocols( e-g , TCP/IP, HTTP, SSL) and analyzing malicious network traffic, Excellent organizational and multitasking skills, About The Job Product Security Engineering (PSE) is the team within the Cloud CISO organization responsible for helping to ensure every product Cloud ships is as secure as it can be and increasing the assurance levels of security in the infrastructure underlying all our products This team also focus on increasing the capabilities of each product team to develop more secure products by design and by default, from patterns, tools and frameworks to increasing the skill level of embedded security leads, In this role, you will be part of the team that is responsible for protecting Google and its users from attacks and abuses originating from Google Cloud Platform You will ensure trust and reputation not only for this product, but also for Google as a brand and company You will work globally and cross-functionally with several internal stakeholders, Google Cloud accelerates every organizations ability to digitally transform its business and industry We deliver enterprise-grade solutions that leverage Googles cutting-edge technology, and tools that help developers build more sustainably Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems, Responsibilities Research new detection techniques to prevent/mitigate abusive activities such as outbound security attacks, botnet, DDoS and other malicious behaviors which violate Google Cloud Platform's (GCP) Terms of Service, Develop fidelity detection to identify malicious activity based on raw network and host level telemetry, Analyze logs, packets to increase accuracy of detections, Hunt for threats/abusers and respond, Google is proud to be an equal opportunity workplace and is an affirmative action employer We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status We also consider qualified applicants regardless of criminal histories, consistent with legal requirements See also Google's EEO Policy and EEO is the Law If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form , Show

Note: By applying to this position you will have an opportunity to share your preferred working location from the following: Hyderabad, Telangana, India; Bengaluru, Karnataka, India Minimum qualifications: Bachelor's degree or equivalent practical experience, 5 years of experience with working in security analysis, network security, intrusion detection system, threat intelligence or threat detection, 2 years of experience as a technical security professional, with digital forensics or systems administration, Experience with executive or customer stakeholder management and communication, Experience with a data motivated approach towards solving information security tests, Preferred qualifications: Master's degree in Computer Science or a related field, Knowledge of defensive security concepts such as adversity tactic and technique, MITRE ATT and CK framework, logging etc Knowledge of networking and internet protocols( e-g , TCP/IP, HTTP, SSL) and analyzing malicious network traffic, Excellent organizational and multitasking skills, About The Job Product Security Engineering (PSE) is the team within the Cloud CISO organization responsible for helping to ensure every product Cloud ships is as secure as it can be and increasing the assurance levels of security in the infrastructure underlying all our products This team also focus on increasing the capabilities of each product team to develop more secure products by design and by default, from patterns, tools and frameworks to increasing the skill level of embedded security leads, In this role, you will be part of the team that is responsible for protecting Google and its users from attacks and abuses originating from Google Cloud Platform You will ensure trust and reputation not only for this product, but also for Google as a brand and company You will work globally and cross-functionally with several internal stakeholders, Google Cloud accelerates every organizations ability to digitally transform its business and industry We deliver enterprise-grade solutions that leverage Googles cutting-edge technology, and tools that help developers build more sustainably Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems, Responsibilities Research new detection techniques to prevent/mitigate abusive activities such as outbound security attacks, botnet, DDoS and other malicious behaviors which violate Google Cloud Platform's (GCP) Terms of Service, Develop fidelity detection to identify malicious activity based on raw network and host level telemetry, Analyze logs, packets to increase accuracy of detections, Hunt for threats/abusers and respond, Google is proud to be an equal opportunity workplace and is an affirmative action employer We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status We also consider qualified applicants regardless of criminal histories, consistent with legal requirements See also Google's EEO Policy and EEO is the Law If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form , Show

SUMMARY Job Title: NET IQ - IAM & PAM Location: Mumbai Experience: 3-8Years Notice Period: Immediate to 60 Days Job Description: We are seeking a skilled Linux Security Engineer with hands-on experience in troubleshooting, vulnerability management, IAM/PAM systems, and automation scripting using PowerShell. The ideal candidate should have a strong understanding of SSL/TLS, risk mitigation, and penetration threat detection on Linux-based environments. Key Responsibilities: Perform Linux server troubleshooting including performance issues, system logs, and hardware/software faults. Conduct vulnerability assessments, manage security patches, and mitigate potential risks across enterprise infrastructure. Manage and configure SSL certificates and ensure secure communication channels. Utilize PowerShell scripting for automation, system configuration, and reporting. Implement and manage IAM/PAM solutions (NetIQ or equivalent) ensuring proper access control and compliance. Monitor and analyze security threats, penetration attempts, and work with SOC/IR teams to mitigate them. Maintain and update security documentation, procedures, and technical diagrams. Collaborate with cross-functional teams including DevOps, IT, and Security to enhance overall system security posture. Required Skills & Experience: Strong hands-on experience with Linux systems administration. Proven ability to troubleshoot Linux-based systems and resolve complex issues. Working knowledge of PowerShell scripting (including variants like "Power shell", "Power.shell", etc.). Familiarity with IAM/PAM tools like NetIQ, CyberArk, or equivalent. Deep understanding of security principles, risk assessment, SSL/TLS, patching, and penetration testing methodologies. Experience in handling security vulnerabilities and threat management. Good understanding of IT security compliance and best practices.

Good experience in SIEM tools, event logging and event analysis and experience in forensic analysis, Packet Analysis tools like Wireshark, TCP Dump etc. SIRT/SIEM/Threat Hunting Background/intel, netwitness, splunk, qRadar, RSA Netwitness, Linux/python understanding/Ethical hiking/programming background added advantage. Good knowledge in enterprise security products like SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, TCP Dump, Encase/Any other Forensic tool kit Very good understanding of security fundamentals and principles, attack techniques, Mitre, TTP, hacking tools etc Having experience of managing team of 24X7 team members across multiple locations. Red/Blue teaming activities Hands on experience on Threat Intel Management/Platform (TIM/TIP) Leveraging knowledge of the Cyber Kill Chain Framework and working familiarity of the MITRE ATT&CK Framework. Location: Noida. Must be willing to work in 24/7 shifts (including night shifts).

As a Cyber Security Analyst at our organization, you will play a crucial role in safeguarding our enterprise systems and networks. With a minimum of 1 year of experience in cybersecurity tools and operations, you will focus on endpoint protection, proxy management, and threat analysis. Your responsibilities will include monitoring, investigating, and responding to security incidents, administering McAfee endpoint security tools, managing web proxy solutions, identifying potential threats using SIEM tools, and collaborating with internal IT teams and external vendors to resolve security issues effectively. You will be required to perform vulnerability assessments, maintain detailed documentation of configurations and incident reports, support audits, and implement remediation plans based on security findings. To excel in this role, you should hold a Bachelor's degree in Computer Science, Information Technology, or a related field, along with hands-on experience with McAfee Endpoint Security suite, Zscaler, and Netskope Cloud Security Platform. Additionally, you should possess a good understanding of firewall rules, threat detection, malware analysis, and data loss prevention, as well as familiarity with security incident management processes and tools like SIEM. Your strong analytical and problem-solving skills, coupled with excellent communication and documentation abilities, will be essential for success in this position. This is a full-time, permanent role based in Navi Mumbai, Maharashtra, and proficiency in English is required. If you have the necessary experience and skills in domains like Proxy-Netskope, we encourage you to apply for this exciting opportunity to contribute to our cybersecurity efforts.,

Role & responsibilities Handling of all cloud security and controls Understanding of major cloud setup, services and offering AWS and Azure Cloud setup and controls Solutioning and provisioning applications in cloud Cloud security controls Cloud functioning Authentication Authorization Access control WAF Integrity of data Loss of data Data storage Continuity of business Compliance with the rules and regulations Cloud computing treats Information workflow and touchpoints validation Data security and controls

As a Cyber Security Engineer, you will collaborate closely with the Engineering Organization, IT, Information Security, Software Engineers, and our DevOps departments. Your team will ensure our back-end and front-end services, cloud infrastructure, DevOps pipelines, data pipelines, software and embedded platforms are secured in the most efficient manner. You will work to develop new systems and procedures to counteract threat vectors that arise within our cloud and embedded environments. The ideal candidate will be a meticulous problem solver who can work under pressure when required and will remain current with the latest attack trends and technologies. Responsibilities include participating in the planning, development, implementation, and management of security measures across various cloud platforms to ensure robust security. Utilizing advanced security tools like Wiz, BurpSuite, Sumologic, and Sonarqube to identify, analyze, validate, and stop vulnerabilities from entering the environment. Performing regular penetration testing and vulnerability assessments. Conducting comprehensive analysis of security data from microservice architectures, content distribution networks, data lakes, serverless functions, and databases. Using SIEM tools to correlate security events and identify anomalies. Participating in incident response efforts, performing root cause analysis, and implementing or suggesting corrective actions to mitigate security breaches. Developing and maintaining incident response playbooks. Assessing and mitigating security risks associated with the supply chain, like open source libraries, ensuring end-to-end security. Identifying and addressing software security flaws and misconfigurations to enhance overall security posture. Performing code reviews and static/dynamic analysis in languages including but not limited to Python, C++, C#, JS, Python, HCL. Developing and implementing custom security solutions, minimizing reliance on paid services. Creating security automation scripts and integrating security tools into CI/CD pipelines. Developing and implementing automated security testing functions to ensure continuous security validation. At GlobalLogic, we prioritize a culture of caring where you'll experience an inclusive culture of acceptance and belonging, with opportunities for continuous learning and development. You'll have the chance to work on interesting and meaningful projects that matter while maintaining balance and flexibility. As a high-trust organization, integrity is key, and we aim to provide a safe, reliable, and ethical global environment for our employees and clients. GlobalLogic, a Hitachi Group Company, is dedicated to digital engineering, collaborating with clients to transform businesses and redefine industries through intelligent products, platforms, and services.,

As a Security Engineer at Pluang based in Gurgaon, you will play a crucial role in enhancing the investment experience for users by ensuring state-of-the-art security and reliability of the platform. Your responsibilities will include collaborating with software engineering teams, defining security requirements, participating in architecture discussions, and maintaining a vulnerability management program to identify security risks across various systems. Your expertise will be utilized in designing and developing automated solutions for security processes, implementing perimeter security measures, application security practices, cloud security controls, and threat detection mechanisms. Additionally, you will support compliance and regulatory requirements, work with third parties to enhance information security governance, and contribute to security projects as necessary. Required qualifications for this role include a minimum of 3 years of experience in Vulnerability Assessment & Penetration Testing for web and mobile applications, as well as infrastructure. You should be familiar with threat detection tools such as EDR and WAF, possess experience with cloud-based microservice architectures, and have conducted application security reviews and code analysis. Collaboration with product managers and software engineering teams to enhance security throughout the software development lifecycle is also essential. Desirable skills for this position include experience in a fast-paced environment, implementing SAST and DAST technologies, and working with Container Security. Pluang offers an attractive compensation package, opportunities for career growth, a healthy work environment, and policies promoting work-life balance and team building. Join Pluang to be part of a team that aims to empower millennials to achieve financial freedom through a diverse range of investment options. With a focus on providing access to financial products in a simple and inclusive manner, Pluang utilizes robust technology to facilitate financial investments with high returns. As an affiliate of PG Berjangka with a trading license from Bappebti, Pluang is committed to making financial markets accessible to individuals from all backgrounds.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development and maintenance of security policies and procedures.- Evaluate and recommend security technologies and solutions to enhance the security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with security tools and technologies for threat detection and response.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 2 years of experience in Network Security Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Educational Qualification : 15 years full time education Summary :As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. A typical day involves collaborating with various teams to understand their needs, developing innovative solutions, and ensuring that applications are aligned with business objectives. You will engage in problem-solving activities, participate in team meetings, and contribute to the overall success of projects by leveraging your expertise in application development. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate knowledge sharing sessions to enhance team capabilities.- Monitor project progress and ensure timely delivery of application features. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of application development methodologies.- Experience with security protocols and compliance standards.- Familiarity with incident response and threat detection processes.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Educational Qualification : 15 years full time education Summary :As an Application Developer, you will engage in the design, construction, and configuration of applications tailored to fulfill specific business processes and application requirements. Your typical day will involve collaborating with team members to understand project needs, developing innovative solutions, and ensuring that applications are optimized for performance and usability. You will also participate in testing and debugging processes to ensure the applications function as intended, contributing to the overall success of the projects you are involved in. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the documentation of application processes and workflows.- Engage in continuous learning to stay updated with industry trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of application development methodologies.- Experience with security protocols and compliance standards.- Familiarity with incident response and threat detection techniques.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security architecture.- Evaluate and recommend new security technologies to improve the existing framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and practices.- Experience with risk assessment and management methodologies.- Knowledge of compliance frameworks such as ISO 27001, NIST, or CIS.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based in Mumbai.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to safeguard information and assets. Professional & Technical Skills: - Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.- Strong understanding of threat detection and incident response.- Experience with security information and event management tools.- Knowledge of network security protocols and best practices.- Familiarity with compliance standards and regulations related to cybersecurity. Additional Information:- The candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Threat Analysis.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security threat hunting initiatives- Develop and implement threat detection strategies- Conduct security assessments and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting- Strong understanding of threat intelligence analysis- Experience with security incident response- Knowledge of cloud security best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Threat Hunting- This position is based at our Gurugram office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities:- SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization.- Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.- Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.- Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.- Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.- Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: - Proficiency in scripting and programming Python to develop custom playbooks and integrations.- Strong understanding of security operations, incident response, and threat intelligence workflows.- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.- Ability to troubleshoot complex integration and automation issues effectively. Additional Information:- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.- Experience with cloud-native SOAR deployments and hybrid environments.- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.- A 15 year full-time education is required- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security practices.- Evaluate emerging security technologies and recommend improvements to existing frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Knowledge of compliance standards such as ISO 27001, NIST, and GDPR.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based in Chennai.- A 15 years full time education is required. Qualification 15 years full time education

As Manager / Senior Manager Cloud Security at our company, you will play a crucial role in leading the implementation, monitoring, and enhancement of security architecture and controls across Mobileum's hybrid cloud environments. We are looking for a proactive and hands-on individual who can take ownership, drive solutions, and oversee cloud security programs end-to-end while collaborating effectively across teams to maintain a robust security posture. Your core responsibilities will include evaluating, recommending, and implementing key cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB), Web Application Firewalls (WAF), cloud encryption and key management services, Security Information and Event Management (SIEM), and DevSecOps security automation tools. Your focus will be on strengthening our hybrid cloud security posture across AWS, Azure, GCP, and on-premises environments. You will ensure the effective implementation and continuous improvement of vulnerability management and patching programs, enforce security hardening standards, assess and enhance cloud security controls, drive DevSecOps initiatives, lead investigations and resolution of security incidents, define and report on security metrics and KPIs, support audits, assist in customer security assessments, and undertake additional Information Security projects as required. In terms of stakeholder and collaboration management, you will work closely with various teams including Cloud Operations, IT, Engineering, Product, Legal, SOC, and Business units to align cloud security initiatives with organizational goals. Clear communication of cloud security risks, strategies, and remediation plans to technical teams, senior management, and other stakeholders will be crucial. Collaboration on risk assessments, mitigation strategies, incident response activities, and integration of cloud security monitoring capabilities with the Security Operations Center (SOC) will also be part of your responsibilities. As a leader, you will provide guidance, mentoring, and leadership to the Cloud Operations security team, drive a culture of security awareness, facilitate knowledge sharing, and encourage cross-team collaboration to enhance cloud security maturity. Your work style should be hands-on, proactive, solution-oriented, and focused on delivering practical security solutions aligned with business needs. Strong decision-making and problem-solving skills, along with the ability to work independently and as part of a team, will be essential. In terms of qualifications, we are looking for candidates with 7-12 years of experience in cloud security, hands-on expertise in hybrid and multi-cloud environments, strong technical knowledge of AWS, Azure, GCP, and on-premises security architectures and controls, proven ability to evaluate and implement cloud security technologies and processes, experience managing cloud security metrics, reporting, and audit readiness, excellent communication and stakeholder management skills, and familiarity with DevSecOps and secure CI/CD practices. If you possess a Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or a related discipline, along with the relevant certifications such as CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, Google Cloud Professional Cloud Security Engineer, CISSP, CISM, CISA, Certified DevSecOps Professional (CDP), or PMP, you are encouraged to apply for this position based in Gurgaon.,

As a Cyber Security Engineer, you will collaborate closely with the Engineering Organization, IT, Information Security, Software Engineers, and our DevOps departments. Your team will ensure our back-end and front-end services, cloud infrastructure, DevOps pipelines, data pipelines, software and embedded platforms are secured in the most efficient manner. You will work to develop new systems and procedures to counteract threat vectors that arise within our cloud and embedded environments. The ideal candidate will be a meticulous problem solver who can work under pressure when required and will remain current with the latest attack trends and technologies. Other duties to include: Cloud Security Posture Management: Participate in the planning, development, implementation and management of security measures across various cloud platforms to ensure robust security. Threat Detection and Analysis: Utilize advanced security tools like Wiz, BurpSuite, Sumologic, and Sonarqube to identify, analyze, validate, and stop vulnerabilities from entering the environment. Perform regular penetration testing and vulnerability assessments. Data Analysis and Security Monitoring: Conduct comprehensive analysis of security data from microservice architectures, content distribution networks, data lakes, serverless functions, and databases. Use SIEM tools to correlate security events and identify anomalies. Incident Response and Management: Participate in incident response efforts, perform root cause analysis, and implement or suggest corrective actions to mitigate security breaches. Develop and maintain incident response playbooks. Supply Chain Security: Assess and mitigate security risks associated with the supply chain, like open source libraries, ensuring end-to-end security. Software Security Flaws Mitigation: Identify and address software security flaws and misconfigurations to enhance overall security posture. Perform code reviews and static/dynamic analysis. Languages include but not limited to Python, C++, C#, JS, Python, HCL. Security Solutions Development: Develop and implement custom security solutions, minimizing reliance on paid services. Create security automation scripts and integrate security tools into CI/CD pipelines. Automating Security Test Functions: Develop and implement automated security testing functions to ensure continuous security validation. What we offer: Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you'll experience an inclusive culture of acceptance and belonging, where you'll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You'll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you'll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what's possible and bring new solutions to market. In the process, you'll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you're placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.,

Vaibhav Global Ltd (VGL) is a well-established electronic deep discount retailer of fashion jewelry, gemstones, and lifestyle products, with operations in the US, UK, Germany, and Canada. The company, listed on Indian stock exchanges since 1996-97, has a wide reach across 124 million households in key markets. As the digital retail landscape evolves, VGL continues to innovate its portfolio and omni-channel strategy to meet customer demands for convenience. With a group turnover of approximately Rs. 3,041 Crore (FY 2023-2024) and a global workforce of over 3800 employees, VGL is dedicated to sustainable business practices and social responsibility. The company's commitment to environmental sustainability is reflected in its renewable energy initiatives and accolades such as the Excellence Award for IGBC Performance Challenge 2021. Through initiatives like "Your Purchase Feeds.", VGL has provided millions of meals to school children, showcasing its dedication to giving back to the community. VGL is also recognized as a Great Place to Work (GPTW) certified organization. Shop LC and TJC are key subsidiaries of VGL, operating in the US and UK markets respectively. Shop LC, established in 2007 in Austin, TX, broadcasts live to millions of homes in the US and ships thousands of products daily. TJC, founded in London in 2006, is a prominent teleshopping and digital retail brand in the UK. The acquisitions of Mindful Souls B.V. and Ideal World have further strengthened VGL's digital business capabilities and product offerings. As a Security Specialist at VGL, your role is crucial in maintaining the security of the company's digital systems. Responsibilities include setting up and managing firewalls, monitoring network activity, responding to security incidents promptly, and collaborating with other teams on technical tools. You will also support compliance efforts, document security procedures, and evaluate and implement new security tools as needed. Key Responsibilities: - Install and manage firewalls and WAF tools - Set up and maintain Azure networking - Monitor logs, detect threats, and resolve incidents - Implement security tools in Azure cloud environments - Collaborate with DevOps on security for CI/CD pipelines - Support audits and compliance requirements - Write SOPs, runbooks, and incident support documentation Required Skills And Experience: - 4-7 years of experience in network and cloud security - Strong knowledge of NGFWs, WAFs, and Azure cloud security tools - Familiarity with SIEM platforms and packet capture tools - Understanding of VPNs, TCP/IP, and application security - Excellent problem-solving and communication skills At VGL, our purpose is to deliver joy, our vision is to be the Value Leader in Electronic Retailing of Jewelry and Lifestyle Products, and our core values include teamwork, honesty, commitment, passion, and a positive attitude. Join us in our mission to deliver one million meals per day to children in need by FY40 through our one-for-one meal program, "Your Purchase Feeds.".,

Shift : 9x5 Job Description for Threat Hunter/TIP admin Skillset Must : Network forensic (Packet Capture andRe-Construction Capability), Knowledge on Threat Intelligence Platform (TIP)/Anti APT/ EDR Certified with any threat hunting certification,or equivalent . Responsible for conducting all threat-huntingactivities necessary for identifying the threats including zero day. Hunt for security threats, identify threat actorgroups and their techniques, tools and processes. Strong knowledge of APT lifecycle, tactics,techniques, and procedures (TTPs). Familiarity with MITRE ATT&CK framework andmapping threats to techniques. Provide expert analytic investigative support toL1 and L2 analysts for complex security incidents. Proficiency in malware behavior analysis andsandboxing. Perform analysis of security incidents forfurther enhancement of rules, reports, AI/ML models. Perform analysis of network packet captures,DNS, proxy, NetFlow, malware, host-based security and application logs, as wellas logs from various types of security sensors uncovering the unknown aboutinternet threats and threat actors. Analyse logs, alerts, suspicious malwaressamples from all the SOC tools, other security tools deployed such asAnti-Virus, Anti APT solutions, EDR, IPS/IDS, Firewalls, Proxies, ActiveDirectory, Vulnerability assessment tools etc. Using knowledge of the current threat landscape,threat actor techniques, and the internal network, analyze log data to detectactive threats within the network. Build, document and maintain a comprehensivemodel of relevant threats to customer. Proactively identify potential threat vectorsand work with team to improve prevention and detection methods. Identify and propose automated alerts for newand previously unknown threats. Incident Response for identified threats. Strong knowledgeof APT lifecycle, tactics, techniques, and procedures (TTPs). Hands-onexperience with Trellix (formerly McAfee) APT solutions, EDR, and ThreatIntelligence. Proficiency inmalware behavior analysis and sandboxing. Familiarity withMITRE ATT&CK framework and mapping threats to techniques. Experience withsecurity monitoring tools such as SIEM, SOAR, EDR, and Threat IntelligencePlatforms (TIPs). Solidunderstanding of network protocols, endpoint protection, and intrusiondetection systems. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certification : CSA/CEH

We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization’s security posture, Plan, design, and deploy QRadar SIEM environments including Incident forensic, ensuring proper integration with network devices, servers, and applications Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Develop and maintain documentation, including deployment guides, SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements. Implement updates, patches, and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture, deployment, and administration. Strong knowledge in Linux, unix, redhat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling, forensic investigations, and log analysis. Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering Preferred technical and professional experience Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality. Perform daily health checks, ensure system availability, and resolve performance bottlenecks. Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering. Investigate security incidents by analyzing logs, offenses, and related data within QRadar. Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews