
243 Threat Detection Jobs - Page 2

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 8.0 years

13 - 17 Lacs

kolkata

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.
- Collaborate with cross-functional teams to ensure that security architecture aligns with business objectives and regulatory requirements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with incident response and threat detection methodologies.
- Knowledge of compliance requirements related to cloud security.

Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Kolkata office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago


5.0 - 10.0 years

13 - 17 Lacs

bengaluru

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Assist in the development of security policies and procedures to enhance the overall security posture.
- Evaluate and recommend security technologies and tools to improve cloud security measures.
- Communication: Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders.

Professional & Technical Skills:
- Incident Response: Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.
- Threat Detection: Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.
- Security Operations: Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.
- Playbook Development: Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.
- Reporting: Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.
- Knowledge Transfer: Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.
- Stakeholder Collaboration: Work closely with stakeholders to resolve escalated incidents and improve security protocols.
- Continuous Improvement: Identify areas for improvement within security operations and implement strategies to enhance overall security posture.
- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.
- Certifications: Relevant certifications such as GCIH, or GCIA are preferred.

Additional Information:
- The candidate should have Minimum of 5 years of experience in security operations, incident response, and threat detection.
- This position is based at our Bengaluru office.
- Bachelor's/ Masters degree in Computer Science, Information Security, or a related field.

Qualification: 15 years full time education

Posted 1 week ago


15.0 - 20.0 years

19 - 25 Lacs

gurugram

Work from Office

As MSS head you will be leading a team of experts for providing Managed Security Services for Telecom Service providers. The Managed security services shall include Security Operation Centre, Vulnerability assessment and penetration testing, Risk assessment, Base Line Hardening, Governance Risk and Compliance.

You have:
- 15+ years of experience, in Cyber Security on driving Managed Security Operations / Information Security Programs for Organizations, preferably in Telecom space
- Expertise in the areas of Security Monitoring & Response, Threat detection, hunting, Intelligence feeds, Advisory, Cyber Forensics investigations, SOAR (Security Orchestration Automation and Response), EDR, MDR and XDR endpoint security technologies
- Expertise in Threat Modelling techniques, Threat frameworks, Development of attack use cases and implementation.
- Knowledge on functioning of SIEM Solution (Splunk / ELK), Parser creation
- Knowledge on tool-based Automation of processes for GRC, MBSS, SOC
- Good understanding of Vulnerability Management and Penetration testing activities, Red teaming, Implementation of Minimum Base line Security hardening controls.
- Understanding of Security governance and compliance within the Telecom industry, licensing conditions, Managing governance, risk, and compliance initiatives.
- Conduct of IS and Compliance audits, Risk assessments and Risk Mitigation
- Excellent governance ability to handle large security operations, effective follow ups and closure management with stakeholders for VA, Security Advisory, Incidence Management to ensure effective risk mitigation
- Ability to communicate effectively at the senior level, must have outstanding communication skills to influence others and meet timelines while building positive relationships both internally and externally
- Mentoring the team, interacting with them and to support them in their professional growth, and identifying and recognizing talents.
- Ability to handle key interfaces for this role like Customer CISO, Network Security Head and team, CTO, 3rd Party Subcontractors / Partners.
- Conduct of effective Program Governance with customer and internally
- A bachelor's degree in engineering in computer science, Communication Theory, information technology, or a related field. An MBA, MS / M tech is preferable.

It would be if you also had:
- Any two of the recognized industry security certifications listed below: CISSP, CISA, CISM, CRISC, GCIH, GCFA, Any other GIAC Certification, ISO/IEC 27001
- Act as trusted advisor to customer on Cyber Security issues and supporting customer so that newly-acquired technologies by customer complies with the Cyber security regulations
- Sound knowledge of information security management frameworks ISO 27001, NIST, CSA (Cloud Security). Knowledge on 3GPP, ITU-T desirable.
- Excellent knowledge of Operational processes.
- Knowledge and understanding of relevant legal and regulatory requirements e.g. Country specific telecom security conditions, CII (Critical Information Infrastructure) regulations etc
- Knowledge about Govt agencies at National Level dealing with Cyber Security.
- Excellent leadership abilities proved through managing a large Security Operations role earlier / other comparable position.
- Results-oriented. Able to work independently and take a logical and orderly approach to analyze problems, coordinating work and planning actions.
- Ability to drive team engagements in a tough and time-critical environment
- Knowledge on the Telecom technologies (2G, 4G, 5G, Fixed Line) key functions and associated security features desirable

Education Qualifications
- Delivering MSS KPIs and deliverables as per defined contract.
- Ensure delivery of Project within defined budget for targeted margins in project
- Prime interface of customer for all MSS related deliverables, issues, and requirements
- Interface with customer for routine governance and escalation
- Support new business initiatives from MSS perspective
- Formulate and drive revenue and margin maximization initiatives
- Ensure customer satisfaction

Posted 1 week ago


3.0 - 8.0 years

13 - 17 Lacs

noida

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.
- Collaborate with cross-functional teams to integrate security practices into the cloud architecture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with incident response and threat detection methodologies.
- Knowledge of regulatory requirements related to cloud security.

Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Noida office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago


12.0 - 15.0 years

13 - 17 Lacs

pune

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Network Security Operations
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and contribute to the overall security posture of the organization.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Expected to provide solutions to problems that apply across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Conduct regular assessments of security frameworks to identify areas for improvement.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Network Security Operations.
- Strong understanding of cloud security principles and frameworks.
- Experience with security compliance standards such as ISO 27001 and NIST.
- Familiarity with security tools and technologies for threat detection and response.
- Ability to design and implement security architectures for cloud environments.

Additional Information:
- The candidate should have minimum 12 years of experience in Network Security Operations.
- This position is based at our Pune office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago


15.0 - 20.0 years

13 - 17 Lacs

noida

Work from Office

About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Architecture Design
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Conduct regular assessments of security architecture to identify areas for improvement.
- Facilitate training sessions for team members on security best practices.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Architecture Design.
- Strong understanding of cloud security principles and frameworks.
- Experience with risk assessment and management methodologies.
- Knowledge of compliance standards such as ISO 27001, NIST, and GDPR.
- Familiarity with security tools and technologies for threat detection and response.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Architecture Design.
- This position is based at our Noida office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 week ago


7.0 - 12.0 years

13 - 17 Lacs

bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service.

Roles & Responsibilities:
- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)
- Collaborate and manage the team to perform
- Responsible for decisions on team management, financial, project transitions
- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle
- Provide solutions to problems for their immediate team and across multiple teams
- Lead security assessments and provide recommendations
- Develop and implement security operations strategies, processes, architecture standards and guidelines
- Conduct security reviews and manage internal/external audits
- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.
- Strong understanding of threat intelligence analysis
- Knowledge of security compliance frameworks
- Hands-on experience with security tools and technologies

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at Bengaluru office.
- 15 years of full-time education is required.

Qualification: 15 years full time education

Posted 1 week ago


5.0 - 10.0 years

13 - 17 Lacs

bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations.

Roles & Responsibilities:
- Threat Detection Development: Develop, implement, and fine-tune SIEM detection rules and alerts to identify potential security threats, anomalies, and policy violations.
- MITRE ATT&CK Framework Utilization: Leverage the MITRE ATT&CK framework to develop and enhance detection strategies, ensuring comprehensive coverage of adversary tactics and techniques.
- Advanced Threat Model Design and Implementation: Develop, implement, and fine-tune sophisticated threat models that address existing and new, emerging threats by leveraging complex data correlations and threat intelligence that go beyond basic signature-based detections.
- Incident Analysis and Response: Collaborate with the incident response team to analyze security alerts, investigate incidents, and provide insights to enhance detection capabilities and response strategies.
- SIEM Configuration and Management: Design, configure, and manage SIEM systems to ensure comprehensive monitoring and logging of security events across the organization.
- Use Case Development: Create and implement security use cases that align with the MITRE ATT&CK framework, enhancing the organization's ability to detect and respond to advanced threats.
- Integration and Optimization: Integrate SIEM solutions with other security tools and data sources, continuously optimizing performance and accuracy to reduce false positives and enhance detection efficacy.
- SOC KPI Metrics Development: Develop and monitor key performance indicators (KPIs) for the Security Operations Center (SOC) to measure the effectiveness and efficiency of security operations, incident response times, and detection accuracy.
- SOC Consultations: Collaborate with SOC analysts and other cybersecurity stakeholders to provide expert consultations and recommendations on improving detection strategies, response processes, and overall SOC performance.
- Threat Intelligence Collaboration: Work closely with threat intelligence teams to incorporate the latest threat information into SIEM detection strategies, ensuring proactive identification of emerging threats.
- Detection Gap Analysis: Conduct regular gap analyses to identify and address deficiencies in current detection capabilities, using the MITRE ATT&CK framework to prioritize improvements.
- Documentation and Reporting: Maintain detailed documentation of SIEM configurations, detection rules, and incident analyses to support compliance requirements and knowledge sharing.
- Continuous Improvement: Stay updated with the latest developments in cybersecurity threats and SIEM technologies, applying new insights to improve detection strategies and systems.
- Training and Mentorship: Provide training and mentorship to junior team members on the use of SIEM technologies and the application of the MITRE ATT&CK framework for threat detection.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM)
- Strong understanding of threat intelligence analysis
- Experience with security incident response
- Knowledge of security compliance frameworks
- Hands-on experience with security tools and technologies

Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM)
- This position is based at our Bengaluru office
- A 15 years full time education is required

Qualification: 15 years full time education

Posted 1 week ago


10.0 - 14.0 years

27 - 42 Lacs

pune

Work from Office

Job Summary
As a Cyber Security Specialist you will play a critical role in safeguarding our organization's digital assets. With a focus on Cyber Threat Intelligence Services you will work to identify and mitigate potential threats. Your expertise in Cyber Security and Cloud along with experience in CrowdStrike will be essential in ensuring the security of our systems. This hybrid role offers the flexibility of working both remotely and on-site during day shifts.

Responsibilities
- Lead the development and implementation of advanced cyber threat intelligence strategies to protect organizational assets.
- Oversee the monitoring and analysis of security threats using CrowdStrike and other advanced tools.
- Provide expert guidance on cloud security best practices to ensure data integrity and confidentiality.
- Collaborate with cross-functional teams to design and implement robust security architectures.
- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.
- Develop and maintain incident response plans to effectively manage and mitigate security breaches.
- Coordinate with external partners and stakeholders to enhance threat intelligence capabilities.
- Implement security policies and procedures to comply with industry standards and regulations.
- Analyze security incidents and provide detailed reports to senior management.
- Train and mentor junior security team members to build a strong security culture within the organization.
- Stay updated with the latest cyber security trends and technologies to proactively address emerging threats.
- Support the integration of security solutions into existing IT infrastructure to enhance overall protection.
- Drive continuous improvement initiatives to optimize security operations and reduce risk exposure.

Qualifications
- Possess a deep understanding of cyber threat intelligence services and their application in a corporate environment.
- Demonstrate proficiency in using CrowdStrike for threat detection and response.
- Exhibit strong knowledge of cloud security principles and practices.
- Have a proven track record of conducting security assessments and audits.
- Show experience in developing and implementing incident response plans.
- Display excellent communication skills for effective collaboration with cross-functional teams.
- Hold a relevant degree in Cyber Security, Information Technology or a related field.

Certifications Required
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)

Posted 1 week ago


10.0 - 15.0 years

20 - 25 Lacs

bengaluru

Work from Office

Develop, implement, maintain security to protect an organization's (& customers) digital assets & data Security Design & Implementation Create & implement security policy, protocol & measure Monitor systems for threats & perform forensic analysis Required Candidate profile Security supports the organization's long-term goals Plan capacity, disaster recovery & business continuity Documentation Troubleshoot Network Training Expertise in cloud infra solution KVM, OpenStack

Posted 1 week ago


0.0 years

0 Lacs

delhi, india

On-site

Job Description

Technical Skills
- Firewall Configuration & Management (Cisco ASA, Palo Alto, Fortinet, Checkpoint)
- Intrusion Detection & Prevention Systems (IDPS)
- Access Control Lists (ACLs)
- VPN Setup & Management
- SIEM Integration (Splunk, QRadar, etc.)
- Network Segmentation & Monitoring
- Log Analysis & Threat Detection
- Security Auditing & Compliance (ISO 27001, NIST)
- Vulnerability Assessment & Penetration Testing
- Cloud Firewall Security (AWS, Azure)

Soft Skills
- Problem-solving & analytical thinking
- Collaboration with cross-functional teams
- Incident response & crisis management
- Documentation & reporting
- Grey route testing, new brands identification, market intelligence analysis
- Process creation, streamlining it along with documentation

Posted 1 week ago


5.0 - 9.0 years

0 Lacs

navi mumbai, maharashtra

On-site

You should have at least 5 years of experience in Cybersecurity and EDR Solutions to be considered for this role. As the ideal candidate, your responsibilities will include leading the installation, configuration, and policy deployments of SentinelOne in enterprise environments. You will be in charge of administering and maintaining the SentinelOne console and endpoint agents, as well as performing advanced troubleshooting and root cause analysis of endpoint issues. Proactive threat hunting and incident investigation using SentinelOne will also be part of your duties. Moreover, you will collaborate closely with clients and internal teams to optimize and tune solutions, integrate SentinelOne with SIEM/SOAR platforms for enhanced threat visibility, and maintain detailed documentation of configurations, procedures, and best practices.

To qualify for this position, you must possess strong hands-on experience with SentinelOne in both administration and implementation. You should have expertise in L3 troubleshooting, incident response, and threat containment, along with an understanding of threat detection, forensic investigation, and EDR reporting. While certifications like SentinelOne Certified Admin/Engineer are preferred, they are not mandatory.

If you meet these requirements and are ready to take on the challenge, please submit your application or send your CV to Piyush.s@protechmanize.com / 8879773419.

Posted 2 weeks ago


2.0 - 6.0 years

3 - 7 Lacs

hyderabad

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to safeguard information and assets.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.
- Strong understanding of threat detection and incident response.
- Experience with security information and event management tools.
- Knowledge of network security protocols and best practices.
- Familiarity with compliance standards and regulations related to cybersecurity.

Additional Information:
- The candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Hyderabad office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago


16.0 - 24.0 years

8 - 14 Lacs

chennai

Work from Office

Design, implement & manage enterprise InfoSec solutions. Handle IAM lifecycle, SSO/MFA, access certifications, threat detection, SIEM, security automation, compliance (SOX, GDPR). Support audits & incident response.

Required Candidate profile: 4–7 yrs in InfoSec/IAM. Expertise in IAM platforms, SSO/MFA, SIEM, scripting, compliance. Strong coding in Python/Java/Go. Certifications like CISSP, CISM, or Security+ preferred. Cloud IAM exposure

Posted 2 weeks ago


5.0 - 7.0 years

25 - 30 Lacs

faridabad, greater noida

Work from Office

Job Summary/Objective: We are seeking an experienced Microsoft XDR and Sentinel Expert to join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure. The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem.

Qualifications: BE/B.Tech in IT or MCA or equivalent.

Requirements & Skills: Proven hands-on experience with Microsoft Sentinel and Microsoft Defender for Endpoint implementation. Strong proficiency in Kusto Query Language (KQL). Experience with PowerShell and Logic Apps for automation. Deep understanding of SIEM/SOAR, EDR, XDR concepts, and cybersecurity frameworks. Familiarity with Microsoft 365 Defender, Azure Security Center, and related Microsoft security tools. Strong troubleshooting, analytical, and communication skills. Familiarity with MITRE ATT&CK & NIST framework.

Certifications: CISSP/CISM/ISO 27001/20000 or any other IT Security Certification. Azure Cloud/Office365 (optional)/SC-200/SC-100/AZ-500.

Experience: Minimum 5 years' experience in IT security, SOC design & operations.

Personal attributes: Excellent communication skills, both verbal and written. Training & presentation skill. Effectively articulate ideas, convey information. Establishing rapport, actively listening to customer needs and concerns, and demonstrate empathy. Address customer inquiries or issues promptly and professionally. Clear and concise communication is essential for understanding requirements & expectations.

Work Environment: Posting at Faridabad/Greater Noida, General Shift. May have to travel to Chennai, overseas.

Roles and Responsibilities

Main Tasks: Endpoint detection and response (EDR) (detecting security threats, containing the threat at the endpoint, investigating the threat, remediating the threat before it spreads). User and entity behavior analytics (UEBA), cyber threat hunting, threat intelligence, cybersecurity, threat detection. Application penetration testing, public-private cloud security. Organize security trainings/awareness programs. SOC monthly reports preparation & presentation to senior management. Dealing with customers for IT security issues. Provide consultancy to the customers. Configure and manage Microsoft Defender for Endpoint (MDE) across Windows, macOS, and mobile endpoints. Integrate Defender with Microsoft 365 Defender and Sentinel for end-to-end visibility. Design and enforce endpoint protection policies, EDR settings, and attack surface reduction rules. Implement and manage Microsoft Sentinel (SIEM/SOAR). Develop and tune analytic rules, workbooks, playbooks (Logic Apps), and hunting queries using KQL. Integrate data connectors from various Microsoft and third-party sources (e.g., Azure, M365, security appliances). Lead the development of automation workflows to streamline alert handling and response. Act as the go-to expert for SOC teams, helping with incident triage and threat investigation. Provide expert guidance in security operations, threat detection, and response processes. Conduct knowledge transfer sessions and develop internal documentation. Custom parser creation for unsupported devices. Custom SOAR playbook creation, integration with REST APIs. Handle critical or escalated incidents & provide guidance to the team.

Other Tasks: Identify potential risks or issues before they escalate. Embrace change, adapt quickly to shifting IT security needs or conditions. Proactively seek new opportunities for improvements and adjust IT security strategies accordingly. Stay updated on industry trends to implement relevant security solutions. Pay attention to details to ensure project requirements and deliverables are met accurately. Review project documentation, monitor progress. Work closely with diverse teams, stakeholders, and clients.

Posted 2 weeks ago

8.0 - 12.0 years

0 Lacs

karnataka

On-site

As an Engineering Manager Security Operations, your primary responsibility will be to define and lead the charter for infrastructure security, endpoint security, and security operations. This includes overseeing incident detection and response processes. You will be tasked with building and managing a high-performing team of security engineers who specialize in defensive operations and platform resilience. Additionally, you will be required to develop and uphold incident response plans, detection strategies, and escalation protocols. Collaboration with platform, SRE, and IT teams is essential as you work towards implementing secure configurations and controls across cloud and endpoint environments. Leading incident triage, forensic investigations, root cause analysis, and postmortem processes will also be part of your role. It will be crucial to enhance visibility into the environment through security tooling, logging, and telemetry while driving metrics-based reporting for operational excellence, incident trends, and risk posture. To qualify for this position, you must hold a Bachelor's degree in Computer Science, Engineering, or a related field (Masters preferred) and possess at least 8 years of experience in software engineering, infrastructure, or security-focused roles. Demonstrated leadership in infrastructure security, incident response, or security operations is a must. A strong understanding of cloud security (preferably AWS), endpoint hardening, and threat detection technologies such as SIEM and EDR is required. You should also showcase the ability to perform effectively in ambiguous environments with tight timelines, along with exceptional communication skills to articulate technical risks to non-technical stakeholders. Strong collaboration and stakeholder management skills are essential for this role. 
It would be beneficial to have exposure to product security and vulnerability management processes, familiarity with regulatory frameworks like SOC 2, ISO 27001, and PCI DSS, experience in fintech or high-growth startup environments, and knowledge of modern DevSecOps tools and practices.

Posted 2 weeks ago

5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

The Global Security Operations organization is looking for a Mid to Senior/expert level Cyber Threat Intelligence Analyst to join the Threat Intelligence (TI) team. As a Cyber Threat Intelligence Analyst, you will be a key member of the team that supports the Chief Information Security Officers (CISOs) organization by providing Cyber Threat Intelligence (CTI) to security operation teams. Your role will involve leading cyber risk reduction efforts by identifying emerging Cyber Threats facing Northern Trust and Northern Trust technologies. Your responsibilities will include acting as a Technical Liaison between CTI and Global Threat Management (GTM) to lead cyber exposure/risk assessment activities from emerging threats. You will enable Threat Hunting operations by identifying technical indicators (such as IOCs) and Techniques, Tactics, and Procedures (TTPs) from emerging threat activity. Additionally, you will identify high and critical Vulnerabilities being exploited by Cyber Criminals and Nation State groups to support the Vulnerability Management (VM) teams prioritization efforts. Your role will also involve leading Intelligence-Driven Risk Identification and Risk Reduction Efforts across the organization. To excel in this role, you should maintain knowledge of changing technologies, attack methods, and the emerging threat landscape. You will be responsible for producing and delivering operational written and oral threat intelligence briefings tailored to the business interests of non-technical and technical stakeholders across the organization. Furthermore, you will track intelligence gaps and support Requests for Information (RFIs) efforts across the organization to fill identified intelligence gaps. In terms of qualifications, you should have a BA/BS in Computer Science or equivalent practical experience. 
Experience in cybersecurity consulting and/or cybersecurity operations, including Vulnerability Management, Incident Response, Threat Hunting, and Cyber Threat Intelligence, is required. Extensive knowledge of the MITRE ATT&CK framework and the ability to apply the framework to support threat detection and reduction efforts are essential. Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques, and procedures used by cyber adversaries, particularly those targeting the financial services sector, is crucial. Additionally, experience in large-scale information technology implementations and operations is preferred. Industry certifications such as the GIAC Cyber Threat Intelligence (GCTI) certification would be beneficial but not mandatory. Demonstrated ability to produce concise, refined, written threat intelligence assessments and briefings, as well as experience tailoring oral threat intelligence briefings to non-technical and technical leaders across the organization, are required. You should be a proactive communicator and team-player with a proven ability to independently identify, analyze, and share relationships and technical, geopolitical, business, and financial implications between persisting and emerging cyber threats and threat vectors.

Posted 2 weeks ago

1.0 - 5.0 years

0 Lacs

navi mumbai, maharashtra

On-site

You are a proactive and detail-oriented Cyber Security Analyst with a minimum of 1 year of hands-on experience in cybersecurity tools and operations. Your primary responsibility will be to protect enterprise systems and networks, focusing on endpoint protection, proxy management, and threat analysis. Essential experience with McAfee, Netskope, and Zscaler is required. You will be tasked with monitoring, investigating, and responding to security incidents and alerts across the organization's infrastructure. Administering and maintaining McAfee endpoint security tools to ensure up-to-date threat definitions will be crucial. Additionally, managing web proxy solutions including Zscaler and Netskope, analyzing logs, and enforcing policy-based controls will be part of your routine. Identifying and analyzing potential threats using SIEM tools and escalating as necessary will be essential. Collaboration with internal IT teams and external vendors to effectively resolve security issues is expected. Performing vulnerability assessments, supporting compliance initiatives, and maintaining detailed documentation of configurations, policies, and incident reports are also part of your responsibilities. Moreover, supporting audits and implementing remediation plans based on security findings will be required. You should possess a Bachelor's degree in Computer Science, Information Technology, or a related field along with a minimum of 1 year of experience in the cyber security or information security domain. Hands-on experience with McAfee Endpoint Security suite, Zscaler, and Netskope Cloud Security Platform is necessary. A good understanding of firewall rules, threat detection, malware analysis, and data loss prevention (DLP) is crucial. Familiarity with security incident management processes and tools like SIEM (e.g., Splunk, QRadar), strong analytical and problem-solving skills, as well as excellent communication and documentation skills are highly valued. 
This is a full-time, permanent position located in Navi Mumbai, Maharashtra, and requires in-person work. The benefits include internet reimbursement and a performance bonus. Fluency in English is required. Application Question(s): Do you have experience in domains like McAfee, Netskope, and Zscaler in Proxy?

Posted 2 weeks ago

2.0 - 6.0 years

0 Lacs

karnataka

On-site

We are looking for an Engineer adept in C/C++/Java, with a foundational knowledge of Android and security frameworks, who can make contributions to the work products that will be used in the latest devices in the mobile and automotive ecosystem. You should have good problem-solving skills, be able to provide innovative and creative solutions to challenges, think out-of-the-box, and be agile. This is an opportunity to learn and grow quickly in a rapidly expanding team with the world leader in the domain, impacting a billion devices. As part of a dynamic team, you will work on developing robust software for the latest devices in the mobile ecosystem. Your responsibilities will include designing, developing, and maintaining software applications while collaborating with various teams to deliver quality products. You will design, implement, and maintain security solutions while ensuring compliance with industry regulations and best practices. The ideal candidate should have knowledge of C/C++ and Java, debugging, profiling, and development environments, penetration testing, threat detection, security assessment, working knowledge of Android and its environments, working knowledge of Linux and Linux Kernel, awareness of multimedia codecs like H.264, MPEG-2, VP9, and AAC, software processes, configuration management, test planning and execution, strong problem-solving skills, attention to detail, and experience with version control systems (e.g., Git). In addition to technical skills, soft skills such as being go-getting, independent, and open to exploring creative avenues are essential for success in this role. Experience in Engineer Software Development, Application Development, Product Development, and knowledge of Software Security is an added advantage. The candidate should have 2-5 years of experience and hold a BE/BTech/MTech Degree in computer science/electronics and communications with a minimum of 7.5 CGPA. 
If you have an unending passion for technology, the drive to learn and excel, and great team spirit, we welcome you to drop in your resume at talent@ittiam.com. Location: Bengaluru, Karnataka.

Posted 2 weeks ago

10.0 - 15.0 years

0 Lacs

haryana

On-site

As the Director, TSG Information Security, Cyber Threat Management at Bain's Cyber Security Department, your primary mission is to safeguard the organization's digital assets and integrity by defining and implementing effective security strategies. You will play a crucial role in aligning security measures with the organizational strategy, leading the development and implementation of security controls that meet regulatory requirements and best practices. Your responsibilities include organizing and managing a team, focusing on both defensive and offensive security strategies to support the company's overall business objectives. You will oversee the monitoring and detection of cybersecurity events, leading efforts to identify and analyze sophisticated security threats such as malware, APTs, and targeted attacks. Collaborating with cross-functional teams, you will enable the use of advanced security tools and technologies to enhance the organization's security posture. Additionally, you will be responsible for incident response management, including the evolution of security runbooks, automation technologies, and forensic investigations to enhance security measures. Your role will involve establishing a threat intelligence capability, leveraging various sources to drive awareness and improve the organization's defensive posture. You will collaborate with intelligence and incident response teams to analyze security incidents and develop methodologies to enhance threat intelligence capabilities. Furthermore, you will work on vulnerability management, proactive security testing, and enhancing security posture through penetration testing and risk assessment. Your expertise will be crucial in driving efficiencies in Cyber Threat Management responses, reducing overall risk, and improving the organization's security standards. 
Additionally, you will play a key role in professional development and innovation, staying informed about emerging trends and technologies in cybersecurity and driving collaboration across the organization to address security concerns. To excel in this role, you should possess a Bachelor's degree in a related field, along with 10-15 years of relevant experience in Information Security technologies. Strong knowledge of security monitoring, incident detection, response tools, and security controls frameworks is essential. You should have experience working in a global company, deploying systems or applications, and solving complex cybersecurity problems. Excellent communication skills, analytical mindset, and the ability to work independently and collaboratively are also key requirements for this position. Overall, as the Director, TSG Information Security, Cyber Threat Management, you will lead the organization in enhancing its security posture, driving innovation, and ensuring the protection of digital assets in line with industry standards and best practices.

Posted 2 weeks ago

0.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Enterprise Security Engineer (P3)
Location: Bangalore, India

Who We Are: Aviatrix is the cloud network security company trusted by more than 500 of the world's leading enterprises. As cloud infrastructures become more complex and costly, the Aviatrix Cloud Network Security platform gives companies back the power, control, security, and simplicity they need to modernize their cloud strategies. Aviatrix is the only secure networking solution built specifically for the cloud, that ensures companies are ready for AI and what's next. Combined with the Aviatrix Certified Engineer (ACE) Program, the industry's leading secure multicloud networking certification, Aviatrix unifies cloud, networking, and security teams and unlocks greater potential across any cloud.

About the Role: This mid-to-senior-level role is critical for enhancing the security posture of our enterprise systems and ensuring a robust defense against evolving threats. As a key team member, you will drive security initiatives, collaborate with our Detection and Response team, and address complex challenges in a fast-paced, innovative environment. This position requires a self-starter with a strong foundation in enterprise and cloud security, coupled with a track record of learning and adapting to emerging security trends.

Responsibilities: Cloud & Infrastructure Security: Architect, deploy, and maintain security measures across Aviatrix's multi-cloud environments (AWS, Azure, GCP), including infrastructure hardening, configuration reviews, and continuous monitoring. Application & AI Security Review: Conduct security assessments of business-critical applications and AI/ML deployments: perform threat modeling, secure code reviews, dependency scanning, and penetration tests to identify and remediate vulnerabilities. Platform & Tool Management: Design, configure, and manage core security platforms (SSO, IAM, MDM, SIEM, EDR/NDR, email security) to enforce policies consistently across both applications and infrastructure. Network Defense & Threat Detection: Evaluate, integrate, and optimize network security technologies (firewalls, IDS/IPS, VPNs) to strengthen protections against ransomware, DDoS, insider threats, and data leakage. Incident Response & SOC Partnership: Collaborate with the SOC to triage, investigate, and remediate incidents affecting applications or infrastructure, driving rapid response and post-incident learning. Security Automation & Enablement: Develop automation workflows using Python and AWS Lambda to support security operations, incident response, and compliance tasks. Phishing Defense & User Education: Design and execute phishing simulation campaigns, analyze results, and lead user education initiatives to improve security awareness across the organization.

Requirements: Demonstrated experience conducting in-depth cloud infrastructure security reviews, assessing configurations, network architectures, and control implementations to identify and remediate risks. Hands-on experience architecting and securing cloud applications deployed in AWS, with familiarity in other CSPs such as Azure and OCI, and knowledge of each platform's native security services and best practices. Strong background in application and AI security: threat modeling, secure code reviews, dependency scanning, and penetration testing of business-critical applications. Solid understanding of network defense and threat detection technologies (firewalls, IDS/IPS, VPNs) and proven track record mitigating ransomware, DDoS, insider threats, and data loss. Experience with infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines to drive automated, secure deployments. Proficiency in Python and experience building security automation using AWS Lambda. Experience designing and managing phishing simulations and leading user security awareness programs. Experience partnering with SOC teams on incident response, investigation workflows, and post-incident lessons learned. Excellent communicator and mentor, capable of sharing best practices, coaching junior engineers, and driving cross-functional security awareness. Relevant certifications are highly desirable, such as CISSP, CISM, CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, or equivalent.

Posted 2 weeks ago

10.0 - 12.0 years

0 Lacs

bengaluru, karnataka, india

On-site

Who We Are Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design, build and service cutting-edge equipment that helps our customers manufacture display and semiconductor chips - the brains of devices we use every day. As the foundation of the global electronics industry, Applied enables the exciting technologies that literally connect our world - like AI and IoT. If you want to push the boundaries of materials science and engineering to create next generation technology, join us to deliver material innovation that changes the world. What We Offer Location: Bangalore,IND You'll benefit from a supportive work culture that encourages you to learn, develop, and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possible-while learning every day in a supportive leading global company. Visit our Careers website to learn more. At Applied Materials, we care about the health and wellbeing of our employees. We're committed to providing programs and support that encourage personal and professional growth and care for you at work, at home, or wherever you may go. Learn more about our . Position Summary: We are seeking a seasoned and strategic Senior Security Leader to head our regional Information Security and Risk Management (ISRM) team in our Bangalore office. This individual will be responsible for overseeing regional security operations, managing and mentoring a high-performing team, and ensuring alignment with global cybersecurity objectives. The ideal candidate will bring deep technical expertise, strong leadership capabilities, and a passion for developing talent in a dynamic, fast-paced environment. 
Key Responsibilities: Lead day-to-day security operations in the India region, ensuring effective execution of security programs, incident response, threat detection, and vulnerability management. Manage and grow a team of security professionals across various domains (SOC, GRC, IAM, etc.). Provide coaching, mentorship, training, and career development for junior and mid-level staff. Act as the senior ISRM delegate in the region, translating strategic objectives into actionable plans. Drive execution of global cybersecurity initiatives locally. Collaborate with global security leaders, IT, engineering, and business stakeholders to ensure alignment and support. Ensure adherence to internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR). Support audits and risk assessments. Lead or support major incident investigations and post-mortems. Coordinate with global teams to ensure timely and effective resolution. Identify opportunities to enhance security posture, streamline operations, and adopt innovative technologies or practices. Drive ongoing enhancements to security processes, tools, and strategies to adapt to the dynamic, fast-paced environment and evolving threat landscape. Ensure security requirements are integrated into business continuity and disaster recovery plans. Continuously validate organizational compliance within country laws, regulations, and internal policies. Lead security training and awareness programs locally. Collaborate with Indian government agencies to understand and adhere to local security and regulatory requirements. Represent Applied Materials in industry and security forums. Act as a representative of Applied Materials in recruiting both experienced professionals and new college graduates. Qualifications: 10+ years of experience in cybersecurity, with at least 5 years in a leadership role. Proven experience managing security operations and leading technical teams. 
Strong understanding of enterprise security architecture, threat landscape, and risk management. Excellent communication and stakeholder management skills. Experience working in a global, matrixed organization. Empathetic leader with a passion for mentoring and team development. Strategic thinker with a hands-on approach to problem-solving. Comfortable navigating ambiguity and driving clarity in complex environments. Familiarity with cloud security, DevSecOps, and modern security tooling. Relevant certifications (e.g., CISSP, CISM, CISA, SANS GIAC) preferred. Additional Information Time Type: Full time Employee Type: Assignee / Regular Travel: Yes, 25% of the Time Relocation Eligible: Yes Applied Materials is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.

Posted 2 weeks ago

2.0 - 5.0 years

0 Lacs

gurugram, haryana, india

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Senior Associate

Job Description & Summary: At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Why PwC: At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.

Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats.

Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection. Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, initial assessment, incident validation, its severity & urgency. Prioritization of security alerts and creating incidents as per SOPs. Reporting & escalation to stakeholders. Post-incident analysis. Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR).

Mandatory skill sets: Mandatory (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): Product certifications on SOC security tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.

Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 Years
Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: SoCs
Optional Skills: Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date:

Posted 2 weeks ago

2.0 - 5.0 years

0 Lacs

gurugram, haryana, india

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. 
" Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. 
Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 Years
Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: SoCs
Optional Skills: Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date:

Posted 2 weeks ago


2.0 - 5.0 years

0 Lacs

gurugram, haryana, india

On-site

Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Senior Associate

Job Description & Summary: At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

Why PwC: At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats.

Responsibilities:
- L1: Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- L2: Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response/Threat Detection Engineering/Vulnerability Management/SOC platform management/Automation/Asset Integration/Threat Intel Management/Threat Hunting.
- Round the clock threat monitoring & detection.
- Analysis of any suspicious, malicious, and abnormal behavior.
- Alert triage, initial assessment, incident validation, its severity & urgency.
- Prioritization of security alerts and creating incidents as per SOPs.
- Reporting & escalation to stakeholders.
- Post-incident analysis.
- Consistent incident triage & recommendations using playbooks.
- Develop & maintain incident management and incident response policies and procedures.
- Preservation of security alerts and security incidents artefacts for forensic purpose.
- Adherence to Service Level Agreements (SLA) and KPIs.
- Reduction in Mean Time to Detection and Response (MTTD & MTTR).

Mandatory skill sets:
- Mandatory (any one): Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent.
- Product Certifications (Preferred): Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/DAM/UBA/SOAR/NBA etc.
Preferred skill sets: SOC - Splunk
Years of experience required: 2-5 Years
Education qualification: B.Tech/MCA/MBA with IT background/Bachelor's degree in Information Technology, Cybersecurity, Computer Science
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: SoCs
Optional Skills: Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship: No
Government Clearance Required: No
Job Posting End Date:

Posted 2 weeks ago
