
243 Threat Detection Jobs - Page 10

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

8.0 - 11.0 years

19 - 30 Lacs

bengaluru

Hybrid

Job Description: Certifications Preferred: CISSP, ISSMP, SANS, GIAC (GSEC, GCFA, GNFA, GCIH). Education/Experience: Bachelor's in IT/Cybersecurity/CS or equivalent work experience. Frameworks/Knowledge: Familiarity with Cyber Kill Chain, MITRE ATT&CK, and offensive security methods. Analytical Skills: Strong problem-solving, data correlation, and investigative abilities. Incident Response: Hands-on experience in monitoring, triage, and response processes. Leadership: Ability to manage time effectively and mentor junior analysts. Security Domains: Deep knowledge in risk management, governance, IR, forensics, and network security. Tools/Tech: Skilled in Splunk, EnCase, FTK, Wireshark, Volatility, Redline, tcpdump, etc. Experience: 8-11 years in InfoSec or IT; Financial Services experience preferred. Technical Areas: Cloud, web apps, OS, network controls, anomaly detection, and forensics

Posted Date not available


3.0 - 8.0 years

13 - 17 Lacs

bengaluru

Work from Office

Project Role: Security Architect. Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills: Program Control Services. Good to have skills Minimum year(s) of experience is required. Educational Qualification: years full time education. Summary: As a Security Engineer, you will apply your security skills to design, build and protect enterprise systems, applications, data, assets and people. A typical day involves collaborating with various teams to assess security needs, implementing protective measures, and ensuring compliance with security protocols. You will engage in proactive monitoring and response to potential threats while also participating in discussions to enhance security strategies and practices across the organization. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Conduct regular security assessments and audits to identify vulnerabilities. Develop and implement security policies and procedures to safeguard information and assets. Professional & Technical Skills: Must To Have Skills: Proficiency in Program Control Services. Strong understanding of risk management and mitigation strategies. Experience with security frameworks and compliance standards. Ability to analyze security incidents and develop response strategies. Familiarity with security tools and technologies for threat detection and prevention. Additional Information: The candidate should have minimum years of experience in Program Control Services. This position is based at our Bengaluru office. A years full time education is required.

Posted Date not available


5.0 - 10.0 years

20 - 32 Lacs

bengaluru

Hybrid

About the Role: We are looking for an experienced security professional to join our Security Operations Center (SOC) team. This role focuses on designing, refining, and implementing advanced threat detection use cases and response strategies aligned with the MITRE ATT&CK and Cyber Kill Chain frameworks. You will collaborate with Threat Intelligence, Incident Response, and Forensics teams to strengthen defense capabilities and proactively mitigate cyber threats. Key Responsibilities: Develop and implement custom security detection use cases and response strategies. Leverage MITRE ATT&CK and Cyber Kill Chain to identify, analyze, and prevent cyber threats. Participate in red teaming and penetration testing to validate detection rules. Monitor, investigate, and respond to security events using advanced tools (Splunk, EnCase, FTK, Wireshark, Volatility, tcpdump, etc.). Create and maintain metrics to measure detection effectiveness. Stay ahead of emerging threats and industry trends. Requirements: Bachelor's degree in IT, Cybersecurity, or related field (or equivalent experience). 5-8 years in Information Security or IT, preferably in Financial Services. Knowledge of security frameworks (MITRE ATT&CK, Cyber Kill Chain). Experience in incident detection, investigation, and response. Strong understanding of network, endpoint, and cloud security. Hands-on experience with forensic tools and SIEM platforms. Preferred certifications: CISSP, GCIH, GCFA, GNFA, SANS, GSEC.

Posted Date not available


5.0 - 7.0 years

11 - 16 Lacs

hyderabad

Work from Office

We are hiring an experienced Cybersecurity Threat Detection Engineer for a contract-to-hire role based in Hyderabad. The ideal candidate will have 6+ years of hands-on experience in threat detection, incident response, and SIEM platforms such as Splunk, QRadar, or Azure Sentinel. The role focuses on developing high-fidelity detection content, integrating diverse log sources, and enhancing cloud and on-premise threat visibility. Strong knowledge of MITRE ATT&CK, adversary TTPs, and scripting for playbook automation is essential. The position is full-time onsite with a cab facility provided.

Posted Date not available


4.0 - 9.0 years

12 - 16 Lacs

bengaluru

Work from Office

About us: As a Fortune 50 company with more than 400,000 team members worldwide, Target is one of the world's most recognized brands and one of America's leading retailers. Target as a tech company? Absolutely. We are the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies, and the brightest people, to deliver incredible value to guests online and in stores. Behind the brand our guests love is a culture of continual innovation, and right now, we are up to big things. The Cyber Fusion Centre is the heart of Target's security team and a place where innovation happens daily. Interested in a culture that combines invention and creative freedom, ongoing learning, engineering excellence, and stellar outcomes? We are, too; that's why we work here. Join our team to take new enterprise security solutions from concept to release, collaborating with both software & security engineers to innovate on helping defend Target's network using cutting-edge technologies. We are seeking a Senior Threat Detection Engineer to join our world class cybersecurity-cyber defence team. The ideal candidate will be responsible for designing, implementing, and optimizing threat detection mechanisms to protect the organization from advanced cyber threats. About The Role/Key Responsibilities: Threat Detection Development: Design and implement detection rules, signatures, and analytics to identify malicious activities in real-time. Develop use cases and correlation rules in SIEM and other detection platforms. Create automated processes to improve detection efficiency and reduce response times. Security Monitoring & Optimization: Continuously monitor and tune rules to reduce false positives by improving rule fidelity and ensuring actionable alerts. Stay updated with emerging threat landscapes to enhance detection capabilities. Incident Support: Collaborate with Incident Response (IR) and Threat Hunting teams to provide context and insights during investigations. Participate in post-incident reviews to refine detection strategies based on lessons learned. Collaboration & Reporting: Work with Cyber Threat Intelligence (CTI) teams to integrate threat intelligence into detection mechanisms. Document and present detection engineering activities, findings, and recommendations to stakeholders. About You/Qualifications: Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). 4+ years of experience in threat detection, incident response or related roles. Demonstrates a deep subject matter expertise with threat detection, response, and mitigation. Capable of identifying detection opportunities sourced from threat data. Exhibits an understanding of concepts such as Pyramid of Pain, MITRE ATT&CK, and other organizing frameworks. Hands-on experience with security tools such as SIEM (Splunk, ElasticSearch, Zeek, SIGMA, Suricata and YARA technologies). Host based detection experience leveraging Sysmon, CrowdStrike Falcon, etc. Cloud based detection within GCP and AWS. Proficiency in scripting and automation (Python, PowerShell, etc.). Deep knowledge of network protocols, operating systems, and attack techniques. Excellent problem-solving and communication skills. Stays current with new technologies via formal training and self-directed education. Why Join Us: Be part of a forward-thinking world class cybersecurity team. Opportunities for professional growth and continuous learning. Useful Links: Life at Target: https://india.target.com/ Benefits: https://india.target.com/life-at-target/workplace/benefits Culture: https://india.target.com/life-at-target/diversity-and-inclusion

Posted Date not available


12.0 - 15.0 years

13 - 17 Lacs

jaipur

Work from Office

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities: - SOC Operations: Lead and manage day-to-day operations of the SOC, including Tier 1-3 security analysts. Oversee security monitoring, threat detection, incident response, and threat intelligence activities. Ensure continuous tuning and enhancement of SIEM and EDR tools. Create and maintain incident response playbooks and workflows. Collaborate with infrastructure and application teams during security events. Security Governance, Risk & Compliance: Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements. Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA). Lead security awareness and training initiatives across the organization. Track and report on cybersecurity risks, mitigation plans, and audit findings. Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks. Strategic Leadership: Provide executive-level reporting on threat posture, key risks, and SOC performance. Guide long-term planning and roadmap development for security operations and governance initiatives. Mentor and develop SOC staff and GRC team members. Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance. - Strong understanding of cloud security principles and frameworks. - Experience with risk assessment and management methodologies. - Ability to design and implement security policies and procedures. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. - Recommend use case fine tuning. - Regularly review use cases and suggest enhancements. - Run internal table top exercises to help train the team. - Maintain IR quality as per industry standards. Additional Information: - The candidate should have minimum 12 years of experience in Security Delivery Governance. - This position is based at our Gurugram office. - A 15 years full time education is required. Qualification: 15 years full time education

Posted Date not available


5.0 - 10.0 years

15 - 27 Lacs

hyderabad, bengaluru

Hybrid

Job Description : • Proactively hunt for advanced threats within the network and systems using various tools and techniques • Use both Attack Based Hunting and Data Based Hunting to identify and analyze potential threats • Stay up to date with the emerging threats and the tactics, techniques, and procedures (TTPs) used by threat actors • Use various data transformation techniques to facilitate effective hunting • Dissect and simulate attacks that would help in conceptualizing and executing the hunts • Contribute to the hunting knowledge management i.e., document details about the hunting expeditions, common behaviors, explained anomalies, friendly intelligence, etc. • Collaborate within/outside the team regarding the identified anomalies and develop and implement tactics for the detection and prevention of incidents • Create and maintain custom threat-hunting queries, scripts, and dashboards • Assist in converting successful hunting techniques into automated detection to the extent feasible • Evaluate the hunting evidence sources and identify improvement areas when needed • Perform host-based and network-based analysis to support investigations and incident response • Document, report, and present critical information about the investigation/procedures performed • Actively participate in the establishment of policies and procedures, training of personnel, and maintenance of analysis and hunting toolset • Provide recommendations for improving security posture based on threat-hunting insights • Contribute to and/or participate in Cyber Maturity Assessment activities like purple team exercises, table-top exercises, etc. 
• Share knowledge and ideas with other team members Minimum Criteria : • Bachelor's Degree in Information Systems, Computer Science, or related field or equivalent or an equivalent number of years of experience • 5+ years of experience in Threat Hunting • The successful applicant must possess one or more current, applicable professional/technical certifications, such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Security Compliance Specialist (CSCS), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), GPEN, GWAPT, SANS GCFA/GCFE/GSEC/GCIA/GCIH/GREM/GNFA, EnCE, CHFI, CEH, ECIH • Knowledge of Cyber Security management practices, network, and application vulnerability assessments, change control, business continuity planning, data privacy, and risk assessment practices • Proficiency with log aggregators/SIEM platforms and search query languages • Proficiency with general analysis tools like awk, sed, PowerShell, grep, sort, uniq, Python, Excel • Experience with network packets/traffic analysis using tools like Wireshark, tcpdump, Zeek, tshark, SiLK, etc. • Proficiency with EnCase or any other forensic tool such as FTK, X-Ways, etc. • Experience hunting threats using SIEM and other detection platforms • Proficiency with Windows and *nix OS platforms • Experience in Incident Investigation and reporting relevant facts • Experience in memory analysis using tools like Volatility, Rekall, etc. • Experience using platforms/distributions like SIFT, Remnux, FLARE, etc. • Offensive security and scripting skills are a plus • Knowledge of TCP/IP communications and how common protocols (SMTP, HTTP, POP3, IMAP, etc.) and applications work at the network • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly

Posted Date not available


4.0 - 7.0 years

10 - 15 Lacs

thiruvananthapuram

Hybrid

We are seeking a dynamic candidate for the role of Security Engineer, proficient in triaging and responding to security incidents and alerts, with knowledge of cybersecurity principles, threat detection and incident response. Comfortable with the 2:30 PM-11:30 PM shift. Required Candidate profile: Security certifications such as CISSP, CISM, CEH. Previous experience in security automation, scripting and working in a SOC or security operations environment and cloud security best practices.

Posted Date not available


8.0 - 13.0 years

18 - 33 Lacs

bengaluru

Hybrid

Job Description: As a Senior Security Analyst/Engineer, you will be responsible for supporting the security operations of our organization by assisting in the monitoring, detection, and response to security incidents. This role offers a blend of security analysis and engineering tasks. This position offers a progression from foundational knowledge to more advanced responsibilities, allowing you to contribute significantly to the organization's cybersecurity efforts. Key Responsibilities: Security monitoring and analysis: You assist in monitoring security events and alerts from various sources such as SIEM, IDS/IPS, antivirus systems, and endpoint detection platforms. You conduct initial analysis of security events to determine their nature and potential impact on the organization. You collaborate with senior analysts to investigate and respond to security incidents, including malware infections, phishing attempts, and unauthorized access attempts. Incident response: You contribute to incident response activities by providing technical assistance during security incidents, including containment, eradication, and recovery efforts. You document incident response procedures, develop post-incident reports, and conduct lessons learned sessions to improve incident handling capabilities. You implement proactive measures to enhance incident detection and response capabilities, such as developing playbooks for common attack scenarios. Vulnerability management: You support the vulnerability management process by assisting in vulnerability scanning, assessment, and remediation efforts. You help prioritize and track the resolution of identified vulnerabilities in systems and applications. You collaborate with system owners and IT teams to ensure timely patching and mitigation of identified vulnerabilities, leveraging automation and orchestration where possible. You conduct security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure. Security tool: You assist in the administration and configuration of security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions. You participate in the evaluation and testing of new security technologies to enhance the organization's security posture. You optimize the configuration and tuning of security tools and technologies to improve detection accuracy, reduce false positives, and enhance overall effectiveness. You evaluate emerging security technologies and solutions, recommending and implementing enhancements to the security toolset based on industry best practices and organizational requirements. Security awareness and training: You support security awareness and training initiatives by assisting in the development of educational materials and delivering security awareness briefings to staff. Qualifications and Skills: Bachelor's degree (Bachelor of Engineering / Bachelor of Technology) in Information Technology, Computer Science, Information Security, or related field. 8-12 years of experience in a cybersecurity role with progressively increasing responsibilities. Strong understanding of cybersecurity principles, threat landscape, and attack methodologies. Proficiency in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners. Excellent analytical, problem-solving, and decision-making skills. Effective communication and stakeholder management abilities. Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent are a plus. Experience: Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment. Hands-on experience with security tool optimization, security assessments, and penetration testing. Proven track record of incident response efforts and effectively managing security incidents from detection to resolution. Career development: This role offers a valuable opportunity for career growth and development in the field of cybersecurity. As you gain experience and proficiency, you will have the opportunity to progress into more specialized roles such as Senior Security Analyst, Incident Responder, or Security Engineer. Continued learning and professional certifications will be encouraged to enhance your skills and knowledge in the cybersecurity domain. #Hybrid- 4 Days WFO & 1 Day WFH (5 Days)

Posted Date not available


3.0 - 8.0 years

8 - 12 Lacs

pune

Remote

What You'll Do The SOC Analyst will play a key role in detecting, investigating, and responding to cyber threats across Avalara's products, services, and enterprise infrastructure. You'll work with top-tier tools and teams to monitor and analyze security incidents, support threat hunting, and drive investigations to resolution. This role is vital to incident response efforts and must remain active even during crisis events. You will report to Sr. Manager, Threat Detection and Response. This is a remote position. What Your Responsibilities Will Be Responsible for working in a 24x7 Security Operations Center (SOC) environment. This position is A-Shift (India Night) and is a member of an on-call rotation. You will respond to, contain, eradicate, and develop intelligence from all forms of security incidents. You will provide analysis and trending of security log data from multiple heterogeneous security devices. You will provide Incident Response (IR) support when analysis confirms applicable incident. You will provide threat and vulnerability analysis and security advisory services. You will analyse and respond to previously undisclosed software and hardware vulnerabilities. Leverage AI to tune/automate redundant tasks. What You'll Need to be Successful Qualifications Bachelor's degree in a related field. 3+ years of experience in security event analysis, incident response, or SIEM engineering. Knowledge of various security methodologies, processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP Protocols, network analysis, and network/security applications. Knowledge of common Internet protocols and applications. Familiarity using SIEM and other log aggregation and correlation tools.

Posted Date not available


5.0 - 7.0 years

4 - 8 Lacs

hyderabad

Work from Office

We are hiring an experienced Cybersecurity Threat Detection Engineer for a contract-to-hire role based in Hyderabad. The ideal candidate will have 6+ years of hands-on experience in threat detection, incident response, and SIEM platforms such as Splunk, QRadar, or Azure Sentinel. The role focuses on developing high-fidelity detection content, integrating diverse log sources, and enhancing cloud and on-premise threat visibility. Strong knowledge of MITRE ATT&CK, adversary TTPs, and scripting for playbook automation is essential. The position is full-time onsite with a cab facility provided.

Posted Date not available


4.0 - 9.0 years

10 - 20 Lacs

mumbai

Work from Office

Role & responsibilities: The Cyberwatcher is responsible for: Maintain expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques and Procedures (TTPs), forensics and incident response best practices. Use threat intelligence and threat models to build threat scenarios. Prepare and conduct threat-hunting campaigns to check threat scenarios. Research, analyze and correlate a wide range of data sets from any source. Proactive and iterative research into systems and networks to detect advanced threats. Reporting risk analysis and threat findings to the relevant stakeholders. Identify and provide automated alerts for emerging and historically unknown threats. Co-operate with multiple teams within operations, intelligence and engineering to continuously improve security checks and detection performance. Participate in PTXs (purple team exercises) by monitoring new detection capabilities. Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholders. Work closely with key stakeholders in technology, application, and cybersecurity to develop targeted use cases addressing specific advanced persistent threat (APT) behaviors.

Posted Date not available


7.0 - 10.0 years

0 - 0 Lacs

chennai, coimbatore, bengaluru

Work from Office

Microsoft Sentinel (Azure SIEM) expertise. Skilled in cybersecurity, incident analysis & KQL. Strong in log monitoring & escalation handling. Good knowledge of SIEM/SOAR tools. Excellent troubleshooting skills. Send resume: mohanrajk@desicrew.in. Required Candidate profile: 7+ yrs in Cybersecurity/SOC. Expert in MS Sentinel (Azure SIEM). Strong in KQL, log monitoring, incident handling. Skilled in SIEM/SOAR tools & integrations. Good in escalation mgmt & communication.

Posted Date not available


10.0 - 13.0 years

9 - 19 Lacs

bengaluru

Remote

Job Description Business Justification / Exec Summary: The Security Transition and Integration Team is seeking a Threat Implementation Engineer to support Cybersecurity Release & Deployment (new deployments of Security Systems in support of high-profile projects) and Lifecycle Management Refresh initiatives (Upgrading Hardware and Software to mitigate End-of-Life equipment or Non-Permitted Technologies). Position Summary/ Job Description: The Threat Implementation Engineer candidate will support all technical and strategic initiatives. Responsibilities will be to ensure technical planning and logistics occur to achieve targeted schedules and annual commitment to refresh and build requirements are met, while incurring zero impact to the network. The Individual must possess the ability to analyze and understand a variety of existing and evolving business requirements, interface with technology engagement teams and provide best in class Threat solutions that align to meet business and technology requirements. Candidate will be a strong engineering minded individual with polished collaboration, written, and oral communication skills. Must have a proven track record interacting with various levels of management, clients, and technical team members in delivering technical Threat and Cybersecurity solutions. This highly dynamic position will require the ability to manage multiple technical project engagements requiring the candidate to be a team player who can also work independently to manage multiple deadlines, priorities and a diverse set of applications and requirements. Responsibilities: Adheres to work effort and project close-out practices such as database updates, asset tracking, inventory systems, records retention, and the related systems, tools, and process updates. Works with Design Engineering in a "knowledge sharing" capacity in support of adoption of the new technology, systems or process changes.
Identify opportunities to improve service delivery and objectively measure the effects of these efforts over time. Works with Security Architecture and Engineering in a "knowledge sharing" capacity in support of adoption of the new technology, systems or process changes. Identify opportunities to improve service delivery and objectively measure the effects of these efforts over time. Understanding of the Bank's Network Infrastructure and associated Risk Management practices are highly recommended to remain successful. Knowledge of DMZ Networking and Cisco Routing/Switching is a plus. Requirements: 5+ years of security experience with Threat solutions. In depth engineering experience in Threat solutions, including the design, low level engineering, and delivery of new hardware systems for client applications. Experience building/operating/deploying various Threat platforms including SkyHigh Secure Web Gateway, F5 SSLO, Trellix FireEye. Strong attention to detail and ability to follow an existing refined process, while also seeking continual improvements. Assess and advise of solutions to improve processes. Strong analytical, problem solving, and organizational skills required. Proven ability to effectively collaborate with others, make decisions to initiate action, and adapt to change. Ability to work nights and weekends as required to support change activity. Preferred candidate profile: B.S. degree in Business Management, Computer Science, or equivalent preferred. Knowledge of DMZ Networking and Cisco Routing/Switching is a plus. Security and networking professional certifications highly preferred; ISC2 (CISSP). Bank experience highly recommended. Programming skills a plus: sh, Perl, Python, Golang, C, C++. Administrator level ability with UNIX (Linux or another variant) is highly desirable.
Analytical Thinking Application Development Automation Production Support Risk Management Adaptability Business Acumen DevOps Practices Solution Delivery Process Solution Design Role & responsibilities

Posted Date not available


3.0 - 8.0 years

11 - 15 Lacs

gurugram

Work from Office

Project Role : Technology Platform Engineer Project Role Description : Creates production and non-production cloud environments using the proper software tools such as a platform for a project or product. Deploys the automation pipeline and automates environment creation and configuration. Must have skills : Email Security Good to have skills : Microsoft 365 Security & Compliance Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary : As a Technology Platform Engineer, you will be responsible for creating production and non-production cloud environments using the proper software tools. Your role involves deploying the automation pipeline and automating environment creation and configuration. Roles & Responsibilities: Deploy and manage Proofpoint Email Security solutions to protect against phishing, malware, and other email threats. Assist in configuring security policies tailored to individual user needs. Configure recipient verification processes to ensure the authenticity of email communications. Manage whitelisting and blacklisting of domains, IP addresses, and email addresses to strengthen security. Develop and modify security rules based on service requests to address specific threats. Analyze and refine quarantine policies to enhance threat detection and email filtering. Diagnose and resolve inbound/outbound email delays and routing issues for seamless communication. Categorize emails for whitelisting and blacklisting to maintain a secure email environment. Continuously monitor and analyze email traffic to detect and mitigate potential threats. Collaborate with Registration, DNS, and M365 teams to integrate new or acquired domains into the existing setup. Configure external email banners and manage exceptions for vendors/partners. Expertise in creating and modifying Regular Expressions based on security requirements. Understand URL rewriting scenarios and manage exceptions as needed. Hands-on experience in diagnosing and resolving URL isolation issues. Define and implement email security policies to ensure compliance and protect sensitive data. Conduct training sessions to educate employees on email security best practices and risk mitigation. Experience in managing security awareness training platforms and initiate related training and take initiative to train users via email or assigning new training on ongoing threats. Work closely with relevant teams to integrate email security measures with broader security strategies. Generate reports on security incidents, trends, and the effectiveness of implemented measures. Stay updated on emerging email security threats and recommend improvements to strengthen the security posture. Deep understanding of SPF, DKIM, DMARC, and hands-on expertise with EFD to enhance domain security against phishing and malware threats. Hands on Experience in TAP, TRAP, CTR, PhishAlarm, Email DLP. Experience in Proofpoint IMD for the protection from Phish, Malware, Spam etc. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security. - Good To Have Skills: Experience with Microsoft 365 Security & Compliance. - Strong understanding of cloud security principles. - Knowledge of email security protocols and encryption methods. - Experience in configuring and managing email security solutions. - Ability to analyze and respond to email security incidents. Additional Information: - The candidate should have a minimum of 3 years of experience in Email Security. - This position is based at our Gurugram office. - A 15 years full time education is required. Qualification: 15 years full time education

Posted Date not available

Apply

3.0 - 7.0 years

4 - 8 Lacs

bengaluru

Work from Office

As a Technical Support Professional, you will: Provide in-depth remote technical support for IBM Z Security products on z/OS. Serve as the primary IBM contact for customer issues, driving resolution and ensuring satisfaction. Collaborate with development teams to resolve defects and improve product serviceability. Expand your expertise across the zSecure portfolio and related technologies. Analyze complex technical issues and drive root cause analysis to ensure long-term resolution and product improvement. You will work closely with clients, field support, and business partners worldwide, helping resolve complex issues and contributing to continuous improvement of our products. You’ll also have the opportunity to influence product direction through your insights from customer interactions. Required education: Bachelor's Degree. Required technical and professional expertise: 8+ years of experience working on IBM z/OS mainframe, with deep understanding of system internals and operational environments. Ability to lead technical resolution efforts in high-pressure, business-critical situations. Experience working effectively in virtual, cross-functional teams, demonstrating strong collaboration and ownership. Excellent communication skills – capable of translating complex technical issues into clear explanations for both technical and non-technical audiences, and of understanding and refining customer requirements. Calm, organized, and self-directed, especially when working under pressure or with limited oversight. Preferred technical and professional experience: 5+ years of experience with RACF. 5+ years of systems programming experience. 5+ years of SMP/E experience. Proficiency with TSO/ISPF and REXX. Prior experience in a technical support or customer-facing role, with a strong focus on troubleshooting and issue resolution. Familiarity with IBM zSecure, IBM Z Security and Compliance Center, or Threat Detection for z/OS is a plus.

Posted Date not available

Apply

1.0 - 3.0 years

4 - 6 Lacs

chennai

Work from Office

Role Overview: The SOC L1 Analyst serves as the first line of defence in an organization's cybersecurity team. This role involves continuous monitoring of security alerts, performing initial investigations, and escalating incidents as needed.

Key Responsibilities
1. Monitor and analyse security alerts from SIEM and other security tools
2. Perform triage of incoming alerts to determine severity and urgency
3. Identify potential threats such as malware, phishing, or unauthorized access
4. Escalate confirmed incidents to L2/L3 analysts for deeper investigation
5. Document incidents and maintain detailed logs and reports
6. Assist in threat intelligence gathering and correlation

Required Skills & Qualifications
7. Basic understanding of cybersecurity principles and threat landscapes
8. Familiarity with SIEM platforms (e.g., Splunk, QRadar, ArcSight)
9. Knowledge of networking fundamentals (TCP/IP, DNS, firewalls)
10. Strong analytical and problem-solving skills
11. Excellent written and verbal communication
12. Ability to work in a fast-paced, high-pressure environment
13. Ability to analyse logs and correlate events across multiple systems
14. Bachelor's degree in computer science, Information Security, or related field (or equivalent experience)
15. Certifications like CEH, or equivalent are a plus.

Candidates who are interested may send their resumes to twinkle.b@camsonline.com

Posted Date not available

Apply

4.0 - 9.0 years

6 - 11 Lacs

pune

Work from Office

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS. Our most valuable asset is our people. At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. 
What you’ll do: Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities Perform proactive threat hunting to identify and mitigate advanced threats Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership Continuously improve SOC processes and playbooks to streamline operations and response efforts Mentor junior SOC analysts and provide guidance on security best practices This role requires participation in a rotational shift Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you’ll bring: Strong analytical and problem-solving abilities Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams Proven ability to remain calm and efficient under a high-pressure environment Proficient in using SIEM tools, such as Microsoft Sentinel Experience with data migration strategies across SIEM platforms Experience on Cloud Security Operations and Incident Response platforms such as Wiz In-depth understanding of cyber threats, vulnerabilities, and attack vectors Proficient in creating KQL queries and custom alerts within Microsoft Sentinel Expertise in developing SIEM use cases and detection rules Skilled in incident response and management procedures 
Experienced in conducting deep-dive investigations and root cause analysis for incidents Adept at collaborating with stakeholders to resolve complex cybersecurity challenges Ability to automate routine SOC processes to enhance operational efficiency Experienced in mentoring and guiding junior analysts in security operations Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: Excellent interpersonal (self-motivational, organizational, personal project management) skills Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System Ability to analyze cyber threats to develop actionable intelligence Skill in using data visualization tools to convey complex security information Academic Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks Experience with SIEM migration Expertise in incident response, threat detection, and security monitoring Solid understanding of Windows, Linux, and cloud security concepts Relevant certifications (e.g., CompTIA Security+, Microsoft Certified Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred Preferred Security Cloud Certifications: AWS Security Specialty Perks & Benefits ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. 
Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empower you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Posted Date not available

Apply