54 Threat Detection Jobs - Page 3

Role & responsibilities Implement cybersecurity best practices across networks, applications, and cloud environments. Lead and maintain ISO/IEC 27001 standards, ensuring compliance with NIST, CIS Controls, and industry regulations. Conducting risk assessments, gap analyses, and defining security controls, policies, and procedures. Plan and conduct internal ISO 27001 audits, identify non-conformities, and recommend corrective actions. Assist in external audits and manage risk mitigation efforts to enhance security posture. Updated knowledge on cybersecurity threats and frameworks (NIST, CIS, GDPR). Perform vulnerability assessments, conduct penetration tests, and establish log analysis and threat detection capability. Maintain technical documentation (policies, risk registers, and audit reports) and develop security training materials. Integrate security into the development lifecycle. Conduct code reviews, threat modeling, and secure software assessments. Work closely with Western clients, ensuring clear communication on security requirements. Provide security advisory and consultation to clients and stakeholders. Translate complex cybersecurity concepts into business-friendly language Conduct employee training sessions on information security policies, procedures, and best practices. Promote a culture of security awareness and ensure employees understand their roles in maintaining compliance. Foster a collaborative and security-conscious culture within the team. Recruit, train, and retain top cybersecurity talent. Drive initiatives for continuous improvement and innovation in security practices. Manage the internal and external client relationships Preferred candidate profile Threat detection, Incident response, and Risk management Knowledge of SIEM tools like Wazuh/ Splunk/ SentinalOne/ AlienVault OSSIM (Now known as AT&T Cyber Security) Implementation of ISO 27001 Knowledge of NIST, CIS, GDPR, SOC 2, PCI-DSS frameworks. AWS, Azure, GCP, IDS/IPS, vulnerability scanners, GRC tools Problem-solving, Analytical, and decision-making. Documentation capabilities Team management, client handling, and cross-functional collaboration. Perks and benefits

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : Security Architecture Design Minimum 15 year(s) of experience is required Educational Qualification : BTECH Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of the cloud security controls and transitioning to cloud security-managed operations. Roles & Responsibilities: Lead the development and implementation of cloud security frameworks and architectures, ensuring alignment with business requirements and performance goals. Collaborate with cross-functional teams to define and implement cloud security controls, including access management, data protection, and threat detection and response. Document the implementation of cloud security controls and transition to cloud security-managed operations. Stay updated with the latest advancements in cloud security and integrate innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills:Strong experience in Security Governance. Good To Have Skills:Security Architecture Design. Solid understanding of cloud security frameworks and architectures. Experience in defining and implementing cloud security controls, including access management, data protection, and threat detection and response. Experience in documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. Strong knowledge of cloud security technologies and tools, including cloud access security brokers (CASBs), cloud security posture management (CSPM), and cloud workload protection platforms (CWPPs). Additional Information: The candidate should have a minimum of 15 years of experience in Security Governance. The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions. This position is based at our Bengaluru office. Qualifications BTECH

About The Role : Position: SOC L1 Analyst (Cyber Threat Detection, Investigation and Response) Location: Bangalore (Sarjapur), Noida (GNDC), or Hyderabad (Manikonda Village) Shift: 24*7 Rotational Job Summary: The SOC L1 Analyst is a highly skilled cybersecurity professional responsible for identifying, investigating, and responding to complex security incidents and threats within the organization's IT environment. This role involves in analysis of security alerts, incident triage andworks closely with other members of the Security Operations Center (SOC) team, collaborating to enhance the organization's overall security posture. Responsibilities: Analyze and respond to complex security incidents, including advanced persistent threats, malware infections, suspicious or malicious activity and data breaches. Investigate and implement incident response plans and procedures to contain, mitigate, and eradicate security threats promptly. Working experience/ hands-on experience required on (security technologies we have) SIEM/ Next Gen SIEM, SOAR/Automation, XDR, EDR, Cloud Security (AWS, GCP, MS etc.), CSPM, CASB/MDCA/MCAS, NDR, ITDR, IDS/IPS, SPAM/Phishing Investigation, MS Exchange ATP, Service-Now, etc. Collaborate with cross-functional teams, including network engineers, system administrators, and application developers, to implement security best practices and remediate identified vulnerabilities. Conduct advanced threat-hunting activities to proactively identify security threats and vulnerabilities within the organization's network and systems. Awareness of NIST, MITRE & Attack framework, and its implementation in the operations. Document security incidents, including their timelines, findings, and remediation actions taken, in accordance with established procedures and regulatory requirements. Develop and maintain detailed documentation of incident response procedures, playbooks, and lessons learned. Stay up to date on the latest cybersecurity trends, threats, and vulnerabilities through continuous learning and professional development activities. Conduct quality reviews and internal audits for the governance of operations. Provide mentorship and guidance to junior analysts, assisting in their skill development and knowledge enhancement. Contribute to continuously improving SOC processes, technologies, and methodologies. Must be able to create dashboards, and reports based on the customer requirements on both- ServiceNow and SIEM platforms. #LI-AD3

Deeply experienced in Threat Intelligence & Threat Hunting, with a focus on Cloud/SaaS threats. Strong understanding of phishing, cloud-native threats, and adversary TTPs targeting identity and email security. Data-driven mindset, with experience analyzing large datasets using SQL, PySpark, and other query-based analysis tools. Skilled at bridging threat intelligence with engineering teams, ensuring insights translate into effective security controls. Comfortable working in agile, cross-functional teams, driving threat research into practical security improvements. Proven ability to present complex technical concepts to both technical and non-technical audiences. Results-driven, highly collaborative, self-motivated, and adaptable in fast-paced environments. What you will do Threat Hunting & Threat Intelligence Perform threat hunting and investigative research in Cloud/SaaS environments, focusing on email security, phishing, and account takeovers. Identify MFA bypass techniques, phishing infrastructure, and cloud-native attack methods targeting enterprise SaaS environments. Fuse internal telemetry, OSINT, and third-party intelligence sources to uncover and disrupt evolving threat actor campaigns. Develop threat models and attack hypotheses to identify new cloud-focused attack vectors. Conduct incident triage and investigative support for escalated incidents, providing internal teams with expertise on threat actors tools, techniques, and procedures (TTPs). Detection Engineering Collaborate with R&D and Engineering teams to translate threat intelligence into scalable detections and mitigations. Design and refine cloud threat detection logic, hunting queries, and behavioral analytics to identify attacker activity. Analyze phishing toolkits, adversary infrastructure, and cloud-native attack methodologies to enhance proactive defenses. Work with product security teams to improve email security and identity protection mechanisms in Cloud/SaaS platforms. Security Research Track and analyze threat actor groups, phishing campaigns, and cloud-based attack methodologies. Provide technical intelligence briefings to R&D and Engineering teams to inform security product improvements. Partner with internal stakeholders to evaluate emerging threats and recommend security enhancements for SaaS environments. Must Haves Deep Expertise: 5+ years in cyber threat intelligence, threat hunting, or security research. 3+ years of experience in threat hunting and threat research within cloud ecosystems. Expertise in cloud security, SaaS-based attacks, and email security threats (ATO, BEC, phishing, MFA bypass, etc.). Strong data analysis skills with experience using SQL, PySpark, or other query languages to investigate large-scale threats. Deep understanding of MITRE ATT&CK, phishing tactics, and adversary infrastructure analysis. Hands-on experience with email security platforms, cloud threat analytics, and security automation Collaborative Mindset: Ability to work cross-functionally with other departments such as R&D, Engineering, and Operations to achieve comprehensive cybersecurity coverage. Nice to Have Security certifications (GCTI, GCFA, CISSP, or similar). Experience in security engineering, cloud-native security, or advanced detection development. Background in threat modeling, adversary emulation, or attacker TTP analysis. Experience working in high-scale SaaS environments, analyzing large security datasets.