242 Threat Detection Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

7.0 - 10.0 years

12 - 17 Lacs

gurugram

Work from Office

Work Flexibility: Hybrid

Lead, Client Security Engineering

The Client Engineering Security Engineer will focus on identifying and remediating security gaps, ensuring our systems and infrastructure are secure. This role requires a deep understanding of security best practices, identity and access management, and a proactive approach to threat detection and mitigation.

What you will do:

- Security Management: Develop, implement, and manage security policies, procedures, and practices for Azure, Entra ID, Office 365, and Active Directory.
- Incident Monitoring: Monitor security incidents and alerts, ensuring timely identification and resolution.
- Security Assessments: Conduct regular security assessments and audits to identify vulnerabilities and risks.
- Identity and Access Management: Manage identity solutions, implementing multi-factor authentication (MFA) and role-based access control (RBAC) to enforce least privilege principles.
- Compliance and Governance: Ensure compliance with industry standards and maintain documentation for security policies and incidents.
- Collaboration and Support: Work closely with IT, DevOps, and other teams to integrate security into the development and deployment processes.
- Other Responsibilities: Support team members by providing expertise on complex issues and sharing knowledge on best practices.

What you need:

- 7-10 years of experience in IT, infrastructure engineering/security experience in Office 365, Azure AD/Entra ID, Active Directory.
- Bachelor's degree in a technology-related discipline or equivalent work experience.
- Certifications at advanced or expert level for the specific technology platform.
- Experience designing, implementing, supporting and maintaining enterprise-scale IT solutions.
- Excellent interpersonal, written and verbal communication skills, with the ability to present ideas effectively both in person and remotely.
- Strong technical, troubleshooting, and problem-solving skills, with a proactive and flexible approach to work in a fast-paced environment.

Travel Percentage: 20%

Posted 13 hours ago

2.0 - 6.0 years

0 Lacs

hyderabad, telangana

On-site

Role Overview: As a Manager, Detection and Response at Synchrony, you will be a part of the Synchrony Joint Security Operations Center (JSOC) and will play a crucial role in cyber detection of information security alerts and assisting in the investigation and reporting of major information security incidents across all business units. Your responsibilities will include operating the detection and response program, handling escalated incidents, and ensuring the security of both traditional on-premise and cloud management plane. You will be expected to have a strong understanding of communication technologies, emerging cloud security practices, and building relationships within the organization.

Key Responsibilities:

- Respond to security incidents by mitigating and containing impacts, coordinating remediation efforts, and providing recommendations for improvements to senior management.
- Utilize security technologies such as Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and other tools to proactively detect security threats.
- Collaborate with the Cyber Intelligence team to develop threat detection logic and enhance Detection and Incident Response processes.
- Document findings, create detailed reports, enumerate risks, and prioritize mitigation efforts based on business priorities.
- Act as a subject matter expert on incident response tasks and coordinate IT resources effectively.
- Identify and recommend process improvements to enhance overall security posture.

Qualifications Required:

- Bachelor's degree in Computer Science or related discipline with a minimum of 4 years of work experience in information security or related technology, or a High School Diploma/GED with equivalent work experience.
- Minimum 2 years of experience in cyber security, incident response, or security operations related to detection, analysis, containment, eradication, and recovery from cyber security incidents.
- Strong verbal and written communication skills.
- Ability to perform logical problem-solving.
- Experience working in high-performing teams and understanding teamwork dynamics in a SOC environment.
- Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security Specialty, and other cybersecurity certifications are a plus.

Company Details: Synchrony (NYSE: SYF) is a premier consumer financial services company with a focus on delivering digitally enabled product suites across various industries. Recognized for its employee-friendly policies and career advancement opportunities, Synchrony offers flexibility, choice, and best-in-class employee benefits to promote work-life integration and overall well-being.

Grade/Level: 09

Work Timings: Rotational shifts

Posted 3 days ago

8.0 - 13.0 years

13 - 17 Lacs

gurugram

Work from Office

About The Role

Project Role: Security Architect

Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills: Operational Technology (OT) Security

Good to have skills: Platform Engineering

Minimum 5 year(s) of experience is required

Educational Qualification: 15 years full time education

Summary: Skilled and detail-oriented IT/OT Security Engineer with hands-on experience in Dispel or similar SRA tools for OT Secure Remote Access and Armis or similar tools for asset visibility and risk management across IT and Operational Technology environments. The ideal candidate will also have expertise in ServiceNow ITSM for incidents, problems, and change management processes. This role is critical for ensuring security and operational resilience across both enterprise and industrial networks, supporting continuous monitoring, risk analysis, and workflow automation. You will work closely with IT, OT, and security teams to ensure accurate asset inventory, threat detection, and efficient incident resolution.

Roles and Responsibilities:

- Deploy, configure, and manage the Armis platform for complete visibility of IT/OT/IoT devices.
- Monitor device behavior, identify threats, and respond to anomalies in real time.
- Integrate Armis with SIEM and other security tools to enhance detection and response capabilities.
- Collaborate with OT/ICS teams to ensure non-intrusive visibility into critical infrastructure.
- Conduct asset risk assessments and report on vulnerable or non-compliant devices.
- Deploy, configure, and manage the Dispel platform for Remote Access system.
- Ensure the platform is running without any issues and facilitate the access to the site people as and when required.
- Utilize ServiceNow ITSM for ticket management (Incidents, Problems, Changes).
- Automate workflows and ensure timely resolution and proper escalation of security incidents.
- Integrate asset and threat data from Armis into ServiceNow for centralized incident management.
- Support audits and compliance efforts related to IT/OT security (e.g., NIST, ISO, NERC CIP).

Professional and Technical Skills:

- Real-time monitoring of OT platform infrastructure, incident triage and investigation, patching, upgrades, and configuration/backup lifecycle management.
- Monthly vulnerability assessments and reporting using Armis; asset enrichment, validation, and reporting in alignment with enterprise standards.
- Policy and rule maintenance, alert fine-tuning based on SOC feedback, and continuous baseline updates to reflect changes across Client sites.
- Support for security incident enrichment, alert prioritization, and collaboration with SOC and Client teams to suppress noise and escalate meaningful events.
- Vendor engagement for RMA, feature requests, and escalated troubleshooting; coordination of platform lifecycle activities and tool enhancements.
- Experience with security policy governance and compliance frameworks.
- Monitor the health of OT platform infrastructure and ensure high availability.
- Lead incident management and root cause investigations.
- Oversee patch management and platform upgrades.
- Manage configuration backups and restoration processes.
- Coordinate with vendors for RMA, feature enhancements, and troubleshooting.
- Generate and deliver monthly vulnerability assessment reports using Armis in the agreed format.
- Track and report remediation progress and risk posture improvements.
- Enrich asset metadata and validate asset inventory with client stakeholders.
- Provide accurate and timely asset reports for compliance and operational use.
- Maintain and update platform security policies and rules.
- Fine-tune security alerts based on SOC feedback and operational insights.
- Continuously fine-tune and update the baseline.
- Support alert enrichment by providing contextual data from Armis.
- Partner with client stakeholders and SOC teams to triage, tune, and respond to alerts.
- Deprioritize noisy alarms and escalate meaningful security events.
- Demonstrated expertise in Dispel & Armis for asset visibility, vulnerability reporting, and alert enrichment in OT environments.
- Strong background in incident management, patching, configuration backup, and vendor coordination.
- Ability to stay current with emerging OT threats, security technologies, and industry best practices.

Additional Information:

- The candidate should have minimum 5 years of experience in Operational Technology (OT) Security.
- This position is based at our Gurugram office.
- A 15-year full time education is required.

Qualification: 15 years full time education

Posted 3 days ago

7.0 - 12.0 years

15 - 27 Lacs

mumbai, delhi / ncr

Work from Office

Job Description: Threat Intelligence

Roles & Responsibilities:

- Use various intelligence collection and reporting tools and frameworks to create customized threat intelligence reports.
- Publish, present, and explain the reports to relevant stakeholders.
- Collect, process, catalog, and document information using an all-source approach and various technical and human means on cyber-security topics as required based on defined intelligence requirements.
- Development of various tactical and strategic intelligence products including advisories and threat landscape reports.
- Maintain a deep understanding of threat actor groups, campaigns and tactics, techniques, and procedures.
- Act as an escalation point for CTI analysis and investigation-related events.
- Work with members of various teams, such as incident response and security monitoring, to carry out joint investigations or other threat management functions.
- Identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through intelligence collection processes.
- Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams.

Required Skillset:

- Should have hands-on experience in various OSINT tools.
- Should be able to perform dark and deep web scans.
- Should have experience in deployment/management of various tools pertaining to Threat Intelligence, including MISP, Recorded Future etc.
- Should have a basic understanding of vulnerability scanning solutions.
- Must possess intermediate-level knowledge of cyber security threats and various attack vectors.

Posted 3 days ago

5.0 - 9.0 years

0 Lacs

maharashtra

On-site

Role Overview: As a member of KPMG in India, you will be responsible for monitoring SIEM alerts for suspicious activity, triaging security alerts generated in SIEM, investigating security incidents to determine root cause and scope of impact, performing malware dynamic and static analysis, responding to security incidents in a timely manner, providing suggestions to enhance threat detection capabilities, staying updated on cyber threats, providing technical support, and documenting security incidents and activities clearly. You will also participate in security training and awareness programs, demonstrating the ability to work independently or as part of a team in a fast-paced environment. Possessing security certifications such as Security+, CEH, GCIH, GCFA, GREM will be considered a plus.

Key Responsibilities:

- Monitor SIEM alerts for suspicious activity
- Triage Security Alerts generated in SIEM
- Investigate security incidents to determine the root cause and scope of impact
- Perform Malware Dynamic and Static analysis (reverse engineering)
- Respond to security incidents in a timely and efficient manner, taking appropriate mitigation actions
- Provide suggestions to build SIEM use cases to enhance threat detection capabilities
- Stay up to date on the latest cyber threats and vulnerabilities
- Provide technical support to internal users and security teams
- Document security incidents and activities in a clear and concise manner
- Participate in security training and awareness programs
- Ability to work independently and as part of a team in a fast-paced environment

Qualification Required:

- Bachelor's degree in Computer Science, Information Security, or a related field (strongly preferred)
- Minimum of 5 years of experience in a SOC or relevant security role
- Any Technical Graduate

Posted 4 days ago

2.0 - 4.0 years

4 - 7 Lacs

hyderabad, chennai, mumbai (all areas)

Work from Office

Threat Intelligence & Research:

- Collect, analyze, and operationalize cyber threat intelligence from open-source, commercial, and proprietary sources.
- Monitor and track emerging cyber threats, including nation-state actors, cybercriminal groups, and hacktivists.
- Develop and maintain threat intelligence reports, briefings, and dashboards to inform security teams and leadership.

Digital Risk Management:

- Identify and mitigate digital risks related to brand reputation, social media threats, impersonation, and fraudulent activities.
- Monitor dark web, underground forums, and illicit marketplaces for leaked credentials, intellectual property theft, and data breaches.
- Assess and track third-party and supply chain risks, providing intelligence-driven recommendations.
- Work with legal, fraud, and risk teams to develop mitigation strategies for digital threats.

Threat Hunting & Incident Response:

- Collaborate with SOC and Incident Response teams to provide intelligence-driven threat detection and response.
- Investigate advanced persistent threats (APTs) and targeted attacks using frameworks like MITRE ATT&CK and Cyber Kill Chain.
- Correlate threat intelligence with security events to enhance proactive threat detection.

Automation & Tooling:

- Utilize Threat Intelligence Platforms (TIPs), SIEM (Splunk, ELK), SOAR, and EDR for threat enrichment and automation.
- Develop custom threat detection rules and signatures using YARA, Sigma, and other frameworks.
- Work with AI/ML teams to enhance automated risk identification and threat detection capabilities.

Posted 4 days ago

3.0 - 8.0 years

10 - 15 Lacs

pune

Hybrid

Job Description

Mission

The Triager CERT position is part of the Group's Computer Emergency Response Team (CERT), the organization’s cyber defense division. The team’s mission is centered around three critical areas:

1. Threat Prevention & Crisis Preparedness – Proactively anticipating and mitigating threats while preparing for potential cyber crises.
2. Threat Detection & Analysis – Identifying vulnerabilities, detecting threats, and uncovering attacks.
3. Incident Response – Investigating, managing, and resolving security incidents while mitigating their impact on the IT ecosystem.
4. Analyzes risks, performs studies and implements solutions to ensure the security of IT and digital solutions (availability, integrity, confidentiality, traceability).

Additional Information: This position operates within a follow-the-sun model to ensure global coverage and requires 3-4 days of office presence per week. Weekend on-call support will be on a rotational basis.

Experience and Skills Required:

- 5-10 years of experience in the IT security domain, with a background in IT development or DevOps.
- Proven ability to maintain confidentiality and discretion in handling sensitive information.
- Extensive experience with incident management and familiarity with SIEM tools.
- Strong collaboration skills, with the ability to work effectively in a global team environment.

Behavior skills:

- Exceptional organizational and analytical skills.
- Ability to work in a fast-paced environment while maintaining attention to detail.
- Strong communication and interpersonal skills to liaise with global teams and stakeholders.
- Proactive mindset with a commitment to continuous improvement in incident management processes.

KEY EXPECTED ACHIEVEMENTS:

Service Delivery Manager (SDM) – 70%

The primary responsibility of the SDM is to ensure the efficient functioning of the incident response process within CERT, ensuring that attacks are detected and contained.

Key duties include:

- Monitoring security alerts raised through various channels.
- Understanding incidents, assessing their criticality and priority.
- Creating or modifying tickets and assigning them to analysts.
- Tracking ticket resolution to ensure closure in compliance with SLAs.
- Maintaining constant communication with global CERT teams (France, Americas, India, and China) and other stakeholders (e.g., DOTI, DOMF).
- Consolidating and publishing statistics/figures related to incidents handled by CERT and other stakeholders. This includes:
  - Verifying SLA compliance, especially for priority 1 incidents.
  - Quantifying the number of incidents handled by CERT based on various analytical axes.
  - Analyzing SLAs, proposing improvement actions, and following up on their implementation.
- Keeping the following documentation updated:
  - Skills matrix for ticket orientation.
  - Analyst access management.
  - Decision trees for incident routing.

Additional Activities – 30%

Depending on their expertise, the triager may be assigned occasional missions within the team, such as:

- Development projects.
- Security incident response tasks.

Posted 4 days ago

8.0 - 13.0 years

7 - 11 Lacs

bengaluru

Work from Office

Your Role

We are seeking a highly skilled and experienced SOC Lead / L3 Analyst with deep expertise in SIEM platform engineering, log integration, security incident management, and advanced threat detection with 8+ years of experience for Bangalore location. The ideal candidate will lead critical security incidents, guide junior analysts, and contribute to the strategic evolution of security operations through technology evaluations and process enhancements.

- Design, implement, and manage SIEM platforms including log ingestion, parsing, normalization, and correlation.
- Develop and maintain SIEM dashboards, alerts, and reports to support threat detection and compliance.
- Oversee production management of SIEM infrastructure ensuring high availability and performance.
- Integrate logs from diverse sources including network devices, endpoints, cloud platforms, and applications.
- Collaborate with engineering and operations teams to ensure seamless SIEM deployment and maintenance.
- Lead and manage high-priority and critical security incidents, ensuring timely resolution and documentation.
- Provide expert guidance to L1/L2 SOC analysts on complex investigations and escalations.
- Conduct forensic analysis, threat hunting, and deep-dive investigations using tools like EDR, IPS, DLP, etc.
- Contribute to the development and refinement of incident response runbooks and playbooks.
- Align detection strategies with frameworks such as MITRE ATT&CK and other industry standards.
- Identify and close security gaps through mitigation strategies and track remediation efforts to closure.

Your Profile

- Collaborate with regional SOC and CERT teams for coordinated incident response and threat intelligence sharing.
- Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight, Sentinel).
- Strong knowledge of security technologies (EDR, IPS, DLP, forensic tools, threat intelligence platforms) and familiarity with MITRE ATT&CK, NIST, ISO 27001, and other security frameworks.

Posted 4 days ago

10.0 - 14.0 years

0 Lacs

karnataka

On-site

As the Manager, Security Operations APAC at Johnson Controls Global Cyber Security (GCS) team, your role will involve leading the security operations and incident response practices for the APAC region. You will collaborate with enterprise stakeholders to ensure timely mitigation and remediation of incidents. Your responsibilities will also include continuous process improvement for security operations and incident response processes, tracking and reporting metrics, and identifying and implementing processes, procedures, and tools to enhance capabilities. Additionally, you will manage team member workloads, partner with global security operations leaders, and respond to new threats.

Key Responsibilities:

- Lead Security Operations and Incident Response practices for the APAC region
- Collaborate with enterprise stakeholders to ensure incidents are mitigated/remediated in a timely manner
- Conduct continuous process improvement for Security Operations and Incident Response processes
- Collect, track, measure, and report Security Operations and Incident Response metrics
- Identify, evaluate, recommend, and implement processes, procedures, and tools to enhance existing Security Operations and Incident Response capabilities
- Manage team member workloads to focus on priorities
- Partner with Global Security Operations and Incident Response leaders to track, detect, and respond to new and emerging threats

Qualifications:

- Experience in the leadership and management of technical teams and individuals
- Proven record of talent development
- Robust knowledge of Incident Response and Security Operations activities
- Advanced experience in threat intelligence, threat hunting, threat detection, and enterprise/cloud security
- Ability to recognize common attacker tools, tactics, and procedures
- Extensive experience with EDR, SIEM, and other cybersecurity toolsets
- Minimum of 10 years of experience in Security Operations, Incident Response, or related Cyber Security field preferred
- Excellent verbal, written, and interpersonal communication skills, including the ability to communicate security concepts to both technical and non-technical audiences
- Ability to work collaboratively across global teams and manage multiple priorities

If you are a strategic thinker with a passion for security management, Johnson Controls offers competitive salary and performance-based bonuses, a comprehensive benefits package including health, dental, and vision insurance, opportunities for professional development and career advancement, and a dynamic and collaborative work environment that fosters innovation. Apply now to join our team!

Posted 5 days ago

4.0 - 6.0 years

12 - 15 Lacs

pune

Work from Office

Key Responsibilities:

- Design and enforce security architecture across all environments (Dev, Stage, Prod, DR).
- Conduct regular VAPT (Vulnerability Assessment and Penetration Testing) and threat modeling.
- Define and monitor policies for encryption, identity access management (IAM), and secure coding.
- Implement real-time alerting and SIEM tools for system and app security.
- Work with developers to review code and dependencies for CVEs and OWASP vulnerabilities.
- Ensure tokenization, masking, and key management policies are in place.
- Assist in audits (internal, PCI-DSS, RBI, ISO) and maintain compliance documentation.
- Develop incident response plans and lead red/blue team exercises.

Required Skills:

- 5+ years in application or infrastructure security roles.
- Deep understanding of PCI-DSS, ISO 27001, RBI cybersecurity norms.
- Experience with SIEM (e.g., Splunk, Wazuh), WAFs, firewalls, and intrusion detection tools.
- Familiarity with TLS certs, HSMs, secrets management, and secure APIs.
- Strong scripting skills (Python, Bash) for automating security checks.
- Previous experience in securing financial systems or payment gateways is a must.

Posted 5 days ago

7.0 - 12.0 years

8 - 15 Lacs

hyderabad

Work from Office

We are hiring for one of our reputed government clients, I4C-MHA, for the CDTI Hyderabad role.

- MCA or any other post-graduation degree in Engineering in CSE/IT/Computer Science/Electronics and Telecommunication, with the area of specialization in Cyber Security/Information Security/Digital Forensics/Understanding of network security, ciphers, data on the wire, shell scripting.

Experience: 7+ Years

Job Role: Detect emerging cybercrime threats based upon analysis, data feeds, crime reporting and sources (internal & external intelligence sources). Working within the team and the wider Information Security group to build new tools for intelligence gathering.

- Knowledge of innovative technologies like blockchain, Artificial Intelligence/Machine Learning, IoT Security, Cloud Security will be an added advantage.
- Knowledge of cryptography protocols.
- Ability to derive intelligence out of data and reports generated and ability to conduct research in that direction and development of tools to handle such threats and overcome such risks.
- Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape.
- Identify and suggest appropriate infrastructure with suitable mitigation strategies for cybercrime.
- Evaluate target systems to analyze results of scans, identify and recommend resolutions.
- Producing periodic cybercrime threat analysis reports with mitigation measures.
- Programming skills with proficiency in one or more of the following: Python, Java, C++.
- Excellent knowledge of digital hardware, computer programming, cyber security practices, databases & operating systems artifacts.
- Review unlawful and suspicious content in open source and escalate violations to the appropriate govt. department.
- Collect, organize, analyze and develop reliable actionable intelligence about cybercrime, criminals, criminal infrastructure from open sources. Must have advanced understanding of how to use open-source including social media for intelligence.
- Ability to draft SOPs/RFP/Advisory Manuals/Reports pertaining to Cyber Security/Information Security/Cybercrime Investigation.
- Proven ability to work both independently and as a team and present/develop ideas.
- Ability to work effectively with technical and non-technical stakeholders.
- Ability to communicate (verbal and written) with stakeholders in non-technical terms.
- Experience with multiple social media platforms.
- Using data from social media, open sources, search engines, public records, and the deep web to compile detailed reports on cybercrime, criminals and criminal infrastructure.

Share your CV to d.darshani@cipl.org.in

Posted 5 days ago

2.0 - 5.0 years

1 - 4 Lacs

hyderabad

Work from Office

Job Overview: A SOC Analyst is responsible for monitoring, detecting and responding to cyber threats and incidents. Play a crucial role in protecting an organization's information and data from security breaches and attacks.

Key Responsibilities:

- Monitor and Analyze: Continuously monitor security alerts from various tools and respond to incidents promptly.
- Incident Investigation: Conduct thorough investigations to determine the cause of security breaches and implement corrective actions.
- Vulnerability Assessments: Perform regular assessments to identify and manage security vulnerabilities.
- Documentation: Document incidents and write detailed reports on the events and steps taken to prevent future occurrences.
- Procedure Development: Develop and maintain standard procedures for network traffic analysis and anomaly detection.
- Advisory Role: Provide recommendations on information security issues, trends, and standards.
- Stay Updated: Keep up to date with the latest information on IT security, compliance regulations and security systems.

Required Skills & Qualifications:

- Educational Background: A bachelor's degree in Cybersecurity, IT or a related field.
- Technical Skills: Strong understanding of network protocols, security architecture, and various security tools.
- Problem-Solving: Exceptional problem-solving skills and the ability to respond quickly to security incidents.
- Detail-Oriented: Ability to monitor multiple aspects simultaneously and respond to threats effectively.

Technical Knowledge:

- Network Protocols: Understanding of TCP/IP, DNS, HTTP, and other network protocols.
- Security Tools: Proficiency with SIEM (Security Information and Event Management) tools, firewalls, IDS/IPS, and antivirus software.
- Threat Intelligence: Knowledge of threat intelligence platforms and methodologies for threat detection and response.

Certifications:

- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Certified Information Security Manager (CISM)
- CompTIA Security+

Soft Skills:

- Communication: Strong verbal and written communication skills to effectively report and explain security incidents.
- Teamwork: Ability to work collaboratively with other IT and security professionals.
- Adaptability: Flexibility to adapt to new security challenges and technologies.
- Attention to Detail: Keen eye for detail to identify and respond to security threats accurately.

Education Requirements: A bachelor's degree in Cybersecurity, IT or a related field

Location: Hyderabad

Shift: General

Posted 5 days ago

3.0 - 8.0 years

13 - 17 Lacs

noida

Work from Office

About The Role

Project Role: Security Architect

Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills: Security Information and Event Management (SIEM)

Good to have skills: NA

Minimum 3 year(s) of experience is required

Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process. Your role will be pivotal in shaping a secure cloud environment that aligns with organizational objectives and enhances overall security posture.

Roles & Responsibilities:

- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Develop and maintain comprehensive documentation of cloud security architecture and controls.
- Collaborate with cross-functional teams to ensure security measures are integrated into all cloud-based projects.

Professional & Technical Skills:

- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security compliance frameworks such as ISO 27001, NIST, or CIS.
- Familiarity with incident response and threat detection methodologies.
- Knowledge of security tools and technologies relevant to cloud environments.

Additional Information:

- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Noida office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 5 days ago


4.0 - 9.0 years

10 - 15 Lacs

mumbai, navi mumbai

Work from Office

Greetings !!! We are looking for a Threat Hunter who has hands-on experience in Threat hunting, Threat Intelligence and Threat Analysis technologies. Job Summary: Perform quality threat hunting in identifying and analyzing advanced persistent threats (APTs). Develop and execute threat hunting based on threat intelligence, behavioral analytics. Ability to form hypothesis and execute the same to identify the threats in the environment. Understanding(working experience) of on-premises & cloud environments (AWS, Azure, GCP). Understanding of how scripts/process work Stay updated on emerging threats, vulnerabilities, and attack vectors. Working in collaboration with SOC and incident response teams to action preventive steps to mitigate the threats. Query and analyze logs and datasets to identify IOCs and tactics, techniques, and procedures (TTPs). Use-case creation in SIEM & relevant technology post threat hunting to generate alerts in case of an event. Building of scripts for analysis and queries, and to automate threat detection and reduce false positives. Provide detailed reports and dashboards on threat hunting activities and outcomes. Communicate findings and recommendations to technical and non-technical stakeholders. Strong analytical and problem-solving skills. Ability to think like an adversary and simulate attack scenarios. Excellent communication, reporting and presentation capabilities. If you're passionate about Threat Hunting and meet the criteria, we would love to hear from you on gayathri.ramaraj@locuz.com along with the below mentioned details. Current CTC: Expected CTC: Notice Period:

Posted 5 days ago


3.0 - 7.0 years

0 Lacs

hyderabad, telangana

On-site

As a Senior Associate Information Security Incident Response Analyst at NTT DATA, you will play a crucial role in assisting with the detection and monitoring of threats and suspicious activity affecting the organization's technology domain. You will support various business areas and third-party technical experts by utilizing your developing technical competencies to detect unauthorized activity on company information assets. Your responsibilities will include assisting with the prevention and resolution of security breaches, supporting access management activities, implementing security service audit schedules, and participating in the global team of Cyber Security Analysts and specialists. You will be responsible for notifying internal and/or external teams regarding security alerts, events, and notifications, as well as communicating the status of response, resolution, and final root cause analysis to the appropriate stakeholders. Additionally, you will be expected to follow and update established processes, work instructions, and create procedures where deficiencies are identified. Your role will also involve logging, managing, and coordinating service requests through to resolution, developing an understanding of current and emerging threats, vulnerabilities, and trends, and supporting the review of current configurations of company's production information systems and networks against compliance standards. To excel in this role, you should possess knowledge of technological advances within the information security arena, an understanding of inter-relationships in an overall system or process, knowledge of information security management and policies, and the ability to think critically, analyze information, and solve less complex problems. 
Academic qualifications such as a Bachelor's degree in Information Technology, Computer Science, or related field, along with certifications like SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA), and SANS GIAC Certified Incident Handler (GCIH) are preferred. The ideal candidate will have moderate experience in the Technology Information Security Industry, using End Point Protection Software, Enterprise Detection and Response software, SIEM and IPS technologies, as well as familiarity with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors. This role offers a remote working environment, providing you with the flexibility to work from anywhere while contributing to NTT DATA's mission as a trusted global innovator of business and technology services committed to helping clients innovate, optimize, and transform for long-term success.

Posted 5 days ago


3.0 - 7.0 years

0 Lacs

hyderabad, telangana

On-site

Join a company that is pushing the boundaries of what is possible. NTT DATA is renowned for its technical excellence, leading innovations, and making a difference to clients and society. The workplace embraces diversity and inclusion, providing a space where you can grow, belong, and thrive. As a Senior Associate Information Security Incident Response Analyst at NTT DATA, you will be a developing subject matter expert responsible for assisting in detecting and monitoring threats and suspicious activities within the organization's technology domain. You will support technical staff from various business areas and third-party experts, utilizing your technical competencies to detect unauthorized activity on company information assets. Key responsibilities of this role include assisting in preventing and resolving security breaches, supporting access management activities, implementing security service audit schedules, supporting a global team of Cyber Security Analysts, and communicating effectively with stakeholders regarding incident response and resolution. To excel in this role, you should have knowledge of technological advances in information security, an understanding of system inter-relationships, familiarity with information security management and policies, and the ability to think critically and solve problems. Academic qualifications and certifications required for this role include a Bachelor's degree in Information Technology, Computer Science, or a related field, along with certifications such as SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA), and SANS GIAC Certified Incident Handler (GCIH). The ideal candidate will have moderate experience in the Technology Information Security industry, using End Point Protection Software, Enterprise Detection and Response software, SIEM and IPS technologies, as well as Wireshark or tcpdump for identifying abnormal/malicious traffic patterns. 
This is a remote working position at NTT DATA, a trusted global innovator of business and technology services with a commitment to helping clients innovate, optimize, and transform for long-term success. NTT DATA invests significantly in R&D each year to support organizations and society in confidently transitioning into the digital future. As a Global Top Employer, NTT DATA boasts diverse experts in over 50 countries and a robust partner ecosystem. Services offered by NTT DATA include business and technology consulting, data and artificial intelligence, industry solutions, as well as application, infrastructure, and connectivity development, implementation, and management. NTT DATA is also a leading provider of digital and AI infrastructure globally, and is part of the NTT Group headquartered in Tokyo. NTT DATA is an Equal Opportunity Employer, committed to providing an inclusive and diverse workplace for all employees.

Posted 6 days ago


5.0 - 9.0 years

0 Lacs

thane, maharashtra

On-site

As a skilled and proactive SOC Lead, you will play a crucial role in managing and enhancing our Security Operations Center capabilities. Your strong experience in cybersecurity operations, threat analysis, incident response, and team leadership will be instrumental in establishing and overseeing the SOC process. You will lead the day-to-day monitoring, manage a team of analysts, and drive the evolution of our threat detection and response processes. Your key responsibilities will include implementing various SIEM / XDR solutions, leading and coordinating the daily operations of the Security Operations Center, and supervising and mentoring SOC analysts. You will provide guidance on threat detection, triage, and incident handling, as well as review, escalate, and respond to security incidents in a timely manner. Continuous improvement of SOC playbooks, procedures, and incident response plans will be under your purview, along with overseeing threat intelligence gathering and its integration into detection capabilities. Collaboration with IT, network, and application teams to enhance security posture, leading threat-hunting initiatives, and proactively identifying potential risks are also part of your responsibilities. Moreover, you will be responsible for maintaining and optimizing SIEM, SOAR, and other security tools for effective coverage and alerting, while staying current on emerging threats, vulnerabilities, and best practices in security operations. To qualify for this role, you should have a Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent experience. A minimum of 5-6 years of experience in cybersecurity, including at least 2 years of team handling experience, is required. 
Deep understanding of XDR / SIEM platforms, hands-on experience with incident response, threat analysis, malware analysis, and vulnerability management, as well as knowledge of attack frameworks and regulatory frameworks are essential. Strong analytical, problem-solving, and communication skills are also necessary. Preferred qualifications include professional certifications such as GCIA, GCIH, CEH, CISSP, ECIH, CHFI, experience with SOAR platforms and automation of security workflows, and exposure to cloud security environments and monitoring. If you are looking to make an impact in the field of cybersecurity and lead a dynamic team in safeguarding our organization's assets, this role as a SOC Lead is the perfect opportunity for you. Join us in our mission to stay ahead of emerging threats and ensure the highest level of security for our operations.

Posted 6 days ago


5.0 - 8.0 years

18 - 23 Lacs

pune

Work from Office

Overview We are looking for a Security Engineer III to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, supporting our India operations. This is an exciting opportunity for a skilled security professional with 5–8 years of hands-on experience in security engineering, threat detection, and investigation. We are looking for a curious, technically adept individual who thrives in a fast-paced, high-impact environment. You bring deep technical expertise, a proactive mindset, and a passion for solving complex security challenges using industry-leading tools and frameworks. The ideal candidate is a driven and resourceful security professional who thrives on diving deep into threat activity—whether it’s analyzing port scans or crafting custom detection queries. With a strong understanding of the MITRE ATT&CK framework, you’re capable of building your own detection content and conducting investigations independently, without relying solely on predefined rules. You take initiative, enjoy improving processes, and excel in autonomous, project-based environments. Your analytical mindset, technical curiosity, and collaborative spirit enable you to contribute meaningfully to both team goals and larger security objectives. Responsibilities Investigate and validate alerts generated by industry-standard EDR and SIEM platforms, ensuring data quality and investigative clarity for our Security Operations Center (SOC). Proactively identify opportunities to improve alert fidelity through detection tuning, custom rule development, and the creation of IOCs and IOAs. Author and maintain clear, user-centric investigation procedures to guide SOC analysts and drive consistency in alert handling. Collaborate cross-functionally with Engineering and Product teams to enhance security tools and improve platform efficacy. 
Conduct periodic quality assurance checks on alerts—especially during platform updates or vendor API changes—to maintain actionable fidelity. Design, write, and translate threat detection content across tools including but not limited to Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, and SentinelOne. Lead internal knowledge-sharing sessions and mentor junior team members to foster a culture of collaboration and continuous learning. Operate effectively in a global, agile team spanning multiple time zones, balancing independence with team collaboration. Qualifications Required Qualifications: 5+ years of experience in cybersecurity with a focus on threat detection, security engineering, or incident investigation. Hands-on experience with multiple EDR and SIEM tools such as Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, SentinelOne, Carbon Black, or Cylance. Proficiency in one or more query languages (e.g., SPL, KQL, Sumo Logic). Experience building use cases for SIEM platforms and a solid grasp of log source types including firewalls, operating systems, and proxies. Strong verbal and written communication skills with the ability to convey complex concepts to both technical and non-technical stakeholders. Ability to work independently while effectively collaborating with distributed teams. Familiarity with tools like GitHub, Jira, and Confluence. Preferred Qualifications: Professional certifications such as OSCP, CISSP, or equivalent. Experience creating parsers or custom log processing logic. Exposure to agile development environments and DevSecOps culture.

Posted 6 days ago


8.0 - 13.0 years

13 - 17 Lacs

gurugram

Work from Office

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Operational Technology (OT) Security Good to have skills : Platform Engineering Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Skilled and detail-oriented IT/OT Security Engineer with hands-on experience in Dispel or similar SRA tools for OT Secure Remote Access and Armis or similar tools for asset visibility and risk management across IT and Operational Technology environments. The ideal candidate will also have expertise in ServiceNow ITSM for incidents, problems, and change management processes. This role is critical for ensuring security and operational resilience across both enterprise and industrial networks, supporting continuous monitoring, risk analysis, and workflow automation. You will work closely with IT, OT, and security teams to ensure accurate asset inventory, threat detection, and efficient incident resolution. Roles & Responsibilities:-Deploy, configure, and manage the Armis platform for complete visibility of IT/OT/IoT devices. -Monitor device behavior, identify threats, and respond to anomalies in real time. -Integrate Armis with SIEM and other security tools to enhance detection and response capabilities. -Collaborate with OT/ICS teams to ensure non-intrusive visibility into critical infrastructure. -Conduct asset risk assessments and report on vulnerable or non-compliant devices. -Deploy, configure, and manage the Dispel platform for Remote Access system. -Ensure the platform is running without any issues and facilitate the access to the site people as and when required. -Utilize ServiceNow ITSM for ticket management (Incidents, Problems, Changes). 
-Automate workflows and ensure timely resolution and proper escalation of security incidents. -Integrate asset and threat data from Armis into ServiceNow for centralized incident management. -Support audits and compliance efforts related to IT/OT security (e.g., NIST, ISO, NERC CIP). Professional & Technical Skills: -Real-time monitoring of OT platform infrastructure, incident triage and investigation, patching, upgrades, and configuration/backup lifecycle management. -Monthly vulnerability assessments and reporting using Armis; asset enrichment, validation, and reporting in alignment with enterprise standards. -Policy and rule maintenance, alert fine-tuning based on SOC feedback, and continuous baseline updates to reflect known good changes across Client sites. -Support for security incident enrichment, alert prioritization, and collaboration with SOC and Client teams to suppress noise and escalate meaningful events. -Vendor engagement for RMA, feature requests, and escalated troubleshooting; coordination of platform lifecycle activities and tool enhancements. -Experience with security policy governance and compliance frameworks. -Monitor the health of OT platform infrastructure and ensure high availability. -Lead incident management and root cause investigations. -Oversee patch management and platform upgrades. -Manage configuration backups and restoration processes. -Coordinate with vendors for RMA, feature enhancements, and troubleshooting. -Generate and deliver monthly vulnerability assessment reports using Armis in the agreed format. -Track and report remediation progress and risk posture improvements. -Enrich asset metadata and validate asset inventory with client stakeholders. -Provide accurate and timely asset reports for compliance and operational use. -Maintain and update platform security policies and rules. -Fine-tune security alerts based on SOC feedback and operational insights. 
-Continuously update baselines to reflect known good changes at client stake holders sites. -Support alert enrichment by providing contextual data from Armis. -Partner with client stake holders and SOC teams to triage, tune, and respond to alerts. -Deprioritize noisy alarms and escalate meaningful security events. -Demonstrated expertise in Dispel & Armis for asset visibility, vulnerability reporting, and alert enrichment in OT environments. -Strong background in incident management, patching, configuration backup, and vendor coordination. -Ability to stay current with emerging OT threats, security technologies, and industry best practices Additional Information:- The candidate should have minimum 5 years of experience in Operational Technology (OT) Security.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 1 week ago


3.0 - 8.0 years

13 - 17 Lacs

bengaluru

Work from Office

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Competitor Analysis Good to have skills : Security Architecture Design Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To drive competitive intelligence initiatives focused exclusively on cybersecurity services. This role supports strategic stakeholders by delivering deep-dive insights on peer organizations in the cybersecurity services space. The analyst will research, track, and interpret competitor strategies, offerings, market moves, and client positioning to inform go-to-market actions and service differentiation. Roles & Responsibilities:Conduct in-depth competitive research on global and regional cybersecurity service providers, including consulting-led firms, MSSPs, and niche players.Develop and maintain competitor profiles that include service offerings (e.g., MxDR, Identity & Access Management, Cloud Security, OT Security), delivery models, alliances, certifications, and client segments.Monitor market movements such as deal wins/losses, acquisitions, leadership changes, analyst rankings, investments, and capability launches.Support the creation of battle cards, SWOT analyses, benchmarking reports, and win-loss summaries tailored to specific cybersecurity service lines.Track and interpret positioning of competitors across analyst reports (e.g., Gartner, IDC, Forrester, ISG, HFS, Everest Group) and translate these insights for sales, marketing, and delivery teams.Collaborate with internal stakeholders (e.g., Client account teams, Cyber industry leads, MU leads) to refine competitive narratives and validate field intel.Contribute to periodic competitive landscape reports and 
newsletters focused on trends in the cybersecurity services market.Maintain an internal repository of intelligence assets, including slides, transcripts, and data extracts for easy consumption and reuse. Professional & Technical Skills: -Basic understanding of cybersecurity domains such as threat detection, managed services, incident response, IAM, and zero trust.Proficiency in secondary research techniques and comfort with navigating open-source and premium databases (e.g., Gartner, IDC, LinkedIn, company filings).Strong analytical mindset with the ability to structure insights from fragmented data points.Excellent PowerPoint and business writing skills able to write succinct, executive-ready outputs.Comfort working in a fast-paced environment, balancing ad hoc requests with structured deliverables.A collaborative mindset with a willingness to learn from technical and business stakeholders. Additional Information:- The candidate should have minimum 3 years of experience in Competitor Analysis.- This position is based at our Bengaluru office.- A 15 years full time education is required.Exposure to market intelligence or strategy support functions within a services organization is a plus.Understanding of cybersecurity services value chain:advisory, implementation, and managed services.Familiarity with analyst frameworks like Gartner Magic Quadrants, Forrester Waves, and ISG Provider Lens in cybersecurity. Qualification 15 years full time education

Posted 1 week ago


3.0 - 8.0 years

11 - 15 Lacs

gurugram

Work from Office

About The Role Project Role : Technology Platform Engineer Project Role Description : Creates production and non-production cloud environments using the proper software tools such as a platform for a project or product. Deploys the automation pipeline and automates environment creation and configuration. Must have skills : Email Security Good to have skills : Microsoft 365 Security & Compliance Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Technology Platform Engineer, you will be responsible for creating production and non-production cloud environments using the proper software tools. Your role involves deploying the automation pipeline and automating environment creation and configuration.Roles & Responsibilities:-Deploy and manage Proofpoint Email Security solutions to protect against phishing, malware, and other email threats.-Assist in configuring security policies tailored to individual user needs.-Configure recipient verification processes to ensure the authenticity of email communications.-Manage whitelisting and blacklisting of domains, IP addresses, and email addresses to strengthen security.-Develop and modify security rules based on service requests to address specific threats.-Analyze and refine quarantine policies to enhance threat detection and email filtering.-Diagnose and resolve inbound/outbound email delays and routing issues for seamless communication.-Categorize emails for whitelisting and blacklisting to maintain a secure email environment.-Continuously monitor and analyze email traffic to detect and mitigate potential threats.-Collaborate with Registration, DNS, and M365 teams to integrate new or acquired domains into the existing setup.-Configure external email banners and manage exceptions for vendors/partners.-Expertise in creating and modifying Regular Expressions based on security requirements.-Understand URL rewriting scenarios and manage exceptions as needed.-Hands-on 
experience in diagnosing and resolving URL isolation issues.-Define and implement email security policies to ensure compliance and protect sensitive data.-Conduct training sessions to educate employees on email security best practices and risk mitigation.-Experience in managing security awareness training platforms and initiate related training and take initiative to train users via email or assigning new training on ongoing threats.-Work closely with relevant teams to integrate email security measures with broader security strategies.-Generate reports on security incidents, trends, and the effectiveness of implemented measures.-Stay updated on emerging email security threats and recommend improvements to strengthen the security posture.-Deep understanding of SPF, DKIM, DMARC, and hands-on expertise with EFD to enhance domain security against phishing and malware threats.- Hands on Experience in TAP, TRAP, CTR, PhishAlarm, Email DLP- Experience in Proofpoint IMD for the protection from Phish, Malware, Spam etc.Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Good To Have Skills: Experience with Microsoft 365 Security & Compliance.- Strong understanding of cloud security principles.- Knowledge of email security protocols and encryption methods.- Experience in configuring and managing email security solutions.- Ability to analyze and respond to email security incidents. Additional Information:- The candidate should have a minimum of 3 years of experience in Email Security.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 1 week ago


8.0 - 13.0 years

8 - 18 Lacs

chennai

Work from Office

Job Description: Cloud Security and Solution Architect Job Title: Cloud Security and Solution Architect Job Summary: We are seeking an experienced Cloud Security and Solution Architect to design, implement, and manage secure, scalable cloud solutions. The ideal candidate will provide leadership in cloud architecture and security best practices, ensuring the safety of data and systems while driving innovation and operational efficiency. This role involves collaboration with stakeholders, ensuring that cloud systems align with business goals and comply with industry standards. Key Responsibilities: Cloud Architecture: 1. Design and implement robust, scalable, and secure cloud architectures across multi-cloud environments (e.g., AWS, Azure, Google Cloud). 2. Define and document architectural frameworks, standards, and best practices. 3. Evaluate emerging technologies and integrate them into cloud solutions as appropriate. 4. Collaborate with development and operations teams to optimize cloud resources and costs. Cloud Security: 1. Design and implement secure cloud configurations and ensure compliance with security policies and regulations. 2. Conduct risk assessments and implement security controls to mitigate vulnerabilities. 3. Develop Identity and Access Management (IAM) strategies, including role-based access and single sign-on (SSO) mechanisms. 4. Establish encryption standards for data in transit and at rest. 5. Implement and manage cloud-specific security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection. Solution Architecture: 1. Lead the design and deployment of end-to-end solutions for cloud-based applications. 2. Provide expertise on API management, microservices architecture, and serverless computing. 3. Define workflows and integration strategies for hybrid and multi-cloud environments. 4. Optimize application performance, reliability, and scalability. Compliance and Governance: 1. 
Ensure compliance with industry standards such as GDPR, HIPAA, ISO 27001, and SOC 2. 2. Develop and enforce cloud governance policies, including cost management, resource tagging, and usage monitoring. 3. Create disaster recovery and business continuity plans for cloud environments. Leadership and Collaboration: 1. Collaborate with DevOps teams to establish CI/CD pipelines aligned with security and architecture standards. 2. Mentor technical teams in secure coding and cloud best practices. 3. Act as a technical advisor to stakeholders and guide decision-making on cloud strategies. 4. Conduct regular training sessions and workshops to enhance cloud security awareness across the organization. Qualifications: Education: Bachelors or Master’s degree in Computer Science, Information Technology, or a related field. Certifications (preferred): AWS Certified Solutions Architect – Professional Microsoft Certified: Azure Solutions Architect Expert Google Professional Cloud Architect Certified Cloud Security Professional (CCSP) Certified Information Systems Security Professional (CISSP) TOGAF Certified (optional but beneficial) Experience: 8+ years in IT, with at least 5 years in cloud architecture and 3 years in cloud security roles. Proven experience in designing solutions across major cloud platforms (AWS, Azure, GCP). Skillsets: Technical Skills: 1. Cloud Platforms : Proficiency in AWS, Azure, Google Cloud, and hybrid environments. Expertise in cloud-native services like Lambda, Kubernetes, App Services, and BigQuery. 2. Cloud Security : IAM (Identity and Access Management) Security Information and Event Management (SIEM) tools (e.g., Splunk, Sentinel) Network security (firewalls, VPNs, VPC configurations) Threat detection and incident response 3. Infrastructure as Code (IaC) : Terraform, CloudFormation, or ARM Templates 4. Programming & Scripting : Python, Java, PowerShell, or Bash 5. 
DevOps Tools : CI/CD pipelines with Jenkins, GitLab, or GitHub Actions Containerization tools like Docker and orchestration using Kubernetes 6. Data Management : Data encryption, masking, and lifecycle management Backup and disaster recovery strategies 7. Monitoring & Optimization : CloudWatch, Azure Monitor, or Google Stackdriver Performance tuning for cloud environments 8. Compliance : Knowledge of regulatory standards like GDPR, HIPAA, PCI DSS, ISO 27001 Willingness to travel abroad and work on-site when required. Why Join Us? Opportunity to work on cutting-edge technologies and impactful projects. Be part of a dynamic, innovative, and supportive team. professional development opportunities.

Posted 1 week ago


2.0 - 15.0 years

0 Lacs

pune, maharashtra

On-site

You are a seasoned professional with expertise in the Cyber Security Domain and Cloud, specifically focused on Telecom, IT Security & AI/ML. As a Practice Specialist, your role will involve utilizing your strong technical background and hands-on experience to drive innovation and design solutions that meet client needs within these domains. This customer-facing position requires you to be adept at developing and enhancing service offerings that leverage AI/ML, collaborating with internal teams and customers, and ensuring the efficient implementation of solutions.

Your responsibilities will include:
- Leading practice innovation by developing service offerings that leverage AI/ML in Telecom, Security, and Cloud domains.
- Acting as a subject matter expert to guide internal teams and customers in adopting advanced technologies.
- Consulting on Cyber Security and Cloud domain towards Architecture, Design, Compliance Audits, etc.
- Building trusted relationships with customers and providing strategic advice on technology solutions.
- Collaborating with sales, solution & delivery teams to design solutions in IT Security, Cloud, and AI/ML.
- Identifying and implementing AI/ML-driven use cases in IT Security and Cloud.
- Staying updated on emerging technologies in Security, Cloud, and AI/ML.

Qualifications and Experience:
- Education: Bachelor's or master's degree in computer science, Information Technology, Data Science, or related field.
- Experience: 15+ years of experience in Telecom, Security, and Cloud technologies, with at least 2+ years of experience in AI/ML use cases.
- Skills: Deep knowledge of Security standards, cloud computing architectures, and AI/ML techniques. Hands-on experience with cloud platforms (AWS, Azure, GCP) and security tools (SIEM, firewalls, SASE).
- Certifications like CISSP, CCSP, AWS/Azure Solutions Architect, and AI/ML certifications are highly desirable.

Posted 1 week ago

3.0 - 7.0 years

0 Lacs

karnataka

On-site

As a Cloud Security Analyst & Incident Response Specialist, you will be responsible for monitoring and investigating high-risk alerts from Wiz across AWS, Azure, and GCP environments. Your role will involve analyzing attack paths, exposed services, and identity risks using Wiz Security Graph. You will collaborate with DevSecOps and Cloud Platform teams to triage and contain incidents, correlating Wiz alerts with signals from SIEM, endpoint, and identity tools to understand the full attack context. Supporting incident response efforts by conducting root cause analysis and post-incident reviews will also be part of your responsibilities.

Your critical skills should include a degree in Cybersecurity, Information Security, Computer Science, or equivalent practical experience. You should have 3-6 years of experience in security operations, incident response, or threat detection, ideally with a cloud focus. Familiarity with Wiz, including security graph analysis, alert triage, and custom WQL queries is required. Understanding common cloud threats and misconfigurations in AWS, Azure, and/or GCP is essential, along with experience in tools like Microsoft Sentinel, Defender for Cloud, or other SIEM/SOAR platforms. Knowledge of core security concepts such as IAM, network security, and the MITRE ATT&CK framework is crucial.

In this role, you will develop or improve playbooks for automated cloud incident response and stay current on evolving threats in cloud environments, such as identity-based attacks, privilege escalation, and lateral movement. Documenting response workflows, findings, and lessons learned to support continuous improvement is also expected. You should be comfortable working in fast-paced environments with cross-functional teams, possessing strong analytical and communication skills for documenting and sharing threat insights.

Posted 1 week ago

3.0 - 8.0 years

13 - 17 Lacs

kolkata

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.
- Collaborate with cross-functional teams to ensure that security architecture aligns with business objectives and regulatory requirements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with incident response and threat detection methodologies.
- Knowledge of compliance requirements related to cloud security.

Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Kolkata office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago

Featured Companies