115 Threat Detection Jobs - Page 3

Job Summary As a Cyber Security Specialist you will play a critical role in safeguarding our organizations digital assets. With a focus on Cyber Threat Intelligence Services you will work to identify and mitigate potential threats. Your expertise in Cyber Security and Cloud along with experience in CrowdStrike will be essential in ensuring the security of our systems. This hybrid role offers the flexibility of working both remotely and on-site during day shifts. Responsibilities Lead the development and implementation of advanced cyber threat intelligence strategies to protect organizational assets. Oversee the monitoring and analysis of security threats using CrowdStrike and other advanced tools. Provide expert guidance on cloud security best practices to ensure data integrity and confidentiality. Collaborate with cross-functional teams to design and implement robust security architectures. Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Develop and maintain incident response plans to effectively manage and mitigate security breaches. Coordinate with external partners and stakeholders to enhance threat intelligence capabilities. Implement security policies and procedures to comply with industry standards and regulations. Analyze security incidents and provide detailed reports to senior management. Train and mentor junior security team members to build a strong security culture within the organization. Stay updated with the latest cyber security trends and technologies to proactively address emerging threats. Support the integration of security solutions into existing IT infrastructure to enhance overall protection. Drive continuous improvement initiatives to optimize security operations and reduce risk exposure. Qualifications Possess a deep understanding of cyber threat intelligence services and their application in a corporate environment. Demonstrate proficiency in using CrowdStrike for threat detection and response. Exhibit strong knowledge of cloud security principles and practices. Have a proven track record of conducting security assessments and audits. Show experience in developing and implementing incident response plans. Display excellent communication skills for effective collaboration with cross-functional teams. Hold a relevant degree in Cyber Security Information Technology or a related field. Certifications Required Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP)

Job Summary As an Infra. Architect you will be responsible for designing and implementing robust infrastructure solutions using Microsoft technologies. You will collaborate with cross-functional teams to ensure seamless integration and security of systems. Your expertise in Microsoft Purview Microsoft Defender Suite and Azure AD Identity Protection will be crucial in enhancing the companys infrastructure capabilities. Responsibilities Design and implement infrastructure solutions leveraging Microsoft technologies to meet business needs. Collaborate with cross-functional teams to ensure seamless integration of systems and applications. Provide expertise in Microsoft Purview to enhance data governance and compliance across the organization. Utilize Microsoft Defender Suite to strengthen the security posture of the companys infrastructure. Implement Azure AD Identity Protection to safeguard user identities and access management. Configure Always on VPN to ensure secure remote access for employees. Deploy App Locker to control application execution and enhance endpoint security. Utilize Microsoft Defender ATP to detect investigate and respond to advanced threats. Manage Microsoft Entra ID to streamline identity and access management processes. Enhance Microsoft 365 Security to protect organizational data and communications. Oversee the hybrid work model implementation ensuring seamless connectivity and security. Provide technical guidance and support to IT teams to resolve complex infrastructure issues. Contribute to the continuous improvement of infrastructure processes and practices. Qualifications Possess a deep understanding of Microsoft Purview and its application in data governance. Demonstrate expertise in Microsoft Defender Suite for comprehensive security management. Have experience with Azure AD Identity Protection to enhance identity security. Be proficient in configuring Always on VPN for secure remote access. Show capability in deploying App Locker for application control. Be skilled in using Microsoft Defender ATP for threat detection and response. Have knowledge of Microsoft Entra ID for effective identity management. Certifications Required Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified: Security Compliance and Identity Fundamentals

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with threat detection and incident response methodologies.- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.- Ability to analyze security incidents and develop effective remediation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Platform engineering lead you will design, implement, and manage Microsoft Sentinel security solutions including analytics rules and automation workflows. Collaborate across teams to align threat detection and response with compliance, while ensuring integration with Microsoft and third-party security tools. Roles & Responsibilities:-Design and implement Microsoft Sentinel solutions including workspace configuration, data ingestion, and role-based access control.-Develop and tune analytics rules, workbooks, and hunting queries using KQL (Kusto Query Language).-Integrate various log sources (Azure, Microsoft 365, on-premise systems, third-party security tools) using built-in and custom connectors.-Create custom workbooks and dashboards for security visibility, KPIs, and executive reporting.-Build and maintain automation workflows using Logic Apps for incident enrichment, notification, and response.-Collaborate with SOC teams, cloud architects, and compliance teams to align monitoring with threat models and regulatory requirements.-Participate in incident response by investigating and analyzing alerts and security events within Sentinel.-Ensure integration with Microsoft Defender Suite (MDE, MDI, MDC, O365) and third-party SIEM/SOAR tools as needed.-Provide documentation, knowledge transfer, and ongoing Sentinel tuning and support. Professional & Technical Skills: - Must Have Skills: Proficiency in Microsoft Azure Security, including Microsoft sentinel, Microsoft Defender XDR and KQL and have a good understanding of Microsoft Defender solution platform for MDE, MDI, XDR, MDA and MDO. Must have capability to develop sentinel bases solutions with KQL queries.- Good to have Skills: Google SecOps MxDR solution.- Strong understanding of cloud security principles and best practices.- Experience with security tools and technologies on Microsoft Azure. Multi-Cloud experience will be additional.- Knowledge of security frameworks like MITRE.- Ability to analyze and develop use cases L3 perspective as well as developing effective response strategies. Additional Information:- The candidate should have minimum 5 years of experience in Microsoft Azure Security suite.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure that security architecture aligns with business objectives and regulatory requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat detection methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security architecture with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with threat modeling and risk assessment methodologies.- Knowledge of security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 3 years of experience in Cyber Threat Intelligence.- This position is based at our Coimbatore office.- A 15 years full time education is required. Qualification 15 years full time education

Position : SIEM Engineer (Splunk Administrator--Cyber Security Domain) Working Time : 06:00 PM to 03:00 AM IST(US EST Time zone) Working Mode: Work From Home/Remote Office Address : Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081 Experience Level: 5 to 10 Years Responsibilities: Architect, deploy, and maintain Splunk for SIEM use cases including log ingestion, data normalization, and incident correlation. Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, Office 365, and other Defender tools to maximize protection and visibility. Develop custom queries, detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency. Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation. Collaborate with threat analysts and incident response teams to triage, investigate, and respond to security alerts and incidents. Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools. Continuously assess the security landscape and recommend improvements to policies, tools, and configurations. In addition to strong technical acumen, the ideal candidate will bring excellent communication and client-facing skills to collaborate directly with customers, understand their security needs, and deliver tailored solutions that align with their risk posture and compliance requirements. Outcomes: Integration & Optimization: Integrate and optimize Splunk to improve visibility and automate threat detection workflows Threat Detection: Utilize Splunk AI-powered analytics to dashboard reports and automate critical reporting functions Automation & Playbook Development: Develop automated detection and response playbooks based on Microsoft data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to Microsoft Sentinel deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate Microsoft Sentinel capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: 4+ years of SIEM experience in Splunk Hands-on experience with other SIEM platforms (Splunk) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Bachelors degree in Computer Science, Information Security, or a related field (or equivalent experience) Preferred Qualifications: 5+ years of experience in cybersecurity in a SOC or security engineering capacity. Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite. Deep knowledge of Splunk Query Language (SPL) and building custom analytics rules and workbooks in Splunk. Strong experience in customer-facing roles. Experience with incident response, threat detection, and threat hunting techniques. Strong understanding of cloud security, especially in Azure environments. Familiarity with MITRE ATT&CK, NIST, and other security frameworks. Experience integrating Splunk with third-party solutions (e.g., threat intel feeds, ticketing systems). Key Skills: Technical Skills: Microsoft Security platform, SIEM tools, security automation, machine learning for cybersecurity, network security. Analytical Skills: Strong ability to analyze large datasets and correlate logs/events. Communication Skills: Excellent verbal and written communication skills for collaborating with cross-functional teams and providing clear reporting. Problem-Solving: Strong troubleshooting skills with the ability to resolve complex security issues quickly and effectively.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. -Run internal Table top exercises to help train the team-Maintain IR quality as per industry standards Additional Information:- The candidate should have minimum 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

company name=Apptad Technologies Pvt Ltd., industry=Employment Firms/Recruitment Services Firms, experience=8 to 12 , jd= This role focuses on various functions including SOC onboarding incident response vulnerability remediation and security technology enhancements You will be responsible for managing and improving our security infrastructure monitoring threat events coordinating incident response tracking vulnerability remediation efforts and ensuring that security technologies are continuously assessed improved and implemented Primary Secondary Responsibilities SOC Security Operations Center Extended Support SOC Onboarding Extended Support Support the onboarding of new systems tools and environments into the SOC to ensure they are properly monitored for security incidents and events Assist with integrating security tools and providing training for SOC analysts SOC Incident Response Extended Support Provide extended support for incident response activities including the detection investigation and mitigation of security incidents Collaborate with internal teams and external partners to resolve security issues efficiently and effectively Vulnerability Remediation Tracking and Reporting Extended Support Track and report on vulnerability remediation efforts across the organization Ensure vulnerabilities are identified assessed and remediated in a timely manner Provide regular status reports to leadership on vulnerability management and risk reduction Security Technology Enhancements Assessment and Improvements Conduct assessments of existing security technologies tools and processes Identify areas for improvement and work with teams to implement enhancements to strengthen the organizations overall security posture AI and Automation in Cybersecurity Explore and implement AI and automation solutions to improve threat detection response efficiency and security operations Drive initiatives to automate repetitive tasks improve accuracy and reduce timetoresponse for security incidents New Security Technology Implementation Assist with the evaluation testing and implementation of new security technologies to enhance the organizations security capabilities Ensure that new technologies are aligned with the organizations security goals and can be effectively integrated into the existing environment , Title=Security Analyst, ref=6566372

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Network Security Implementation Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard the organization's information and infrastructure effectively. Roles & Responsibilities:- Expected to be an SME in design and implementation of Network security using multiple products.- Develop and execute robust security protocols to prevent security breaches.- Facilitate cross-departmental collaboration to ensure cohesive security policies across the organization- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Conduct regular assessments of security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations and proven experience on Palo Alto and Cisco firewalls, Palo Alto Prisma Access, Cisco ISE- Good to have Skills: Network Load balancers preferably F5-BigIP, WAF- Strong understanding of cloud security principles and frameworks.- Experience with security incident response and management.- Knowledge of compliance standards and regulations related to cloud security.- Familiarity with security tools and technologies for threat detection and prevention. Additional Information:- The candidate should have minimum 10 years of continuous experience in Network Security Operations.- This position is based at our Bengaluru office.- 15 years full time education is required.- Willing to work in US Shift timings and WFH policy adherence. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks. Roles & Responsibilities:-Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.-Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.-Monitor security alerts and endpoint telemetry to detect and analyze threats.-Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.-Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/Artifacts).-Collaborate with the SOC to provide timely incident resolution and root cause analysis.-Tune detection rules and policies to reduce false positives and enhance protection.-Maintain up-to-date documentation, playbooks, and response procedures.-Provide recommendations to improve the organizations endpoint security posture.-Mentor junior analysts and engineers on best practices for MDE and incident response workflows.-Provide executive-level reporting on threat trends, incident metrics, and risk posture.-Perform gap analysis on endpoint security to identify and address areas of improvement.-Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).-Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK. Professional & Technical Skills: -68+ years of experience in MDE/EDR implementations and security operations.-Strong background in SOAR automation (Microsoft Logic Apps).-Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.-Proficiency in Microsoft security stack:M365 Defender, Intune, Azure AD, and Sentinel. -Strong command of KQL for custom detections and threat hunting.-Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.-Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.- Prefered Certifications SC-200:Microsoft Security Operations Analyst,SC-100:Microsoft Cybersecurity Architect,AZ-500:Microsoft Azure Security Technologies,MITRE ATT&CK Defender (MAD) certs,CISSP, CEH, or equivalent industry certifications Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As the SOC L3 Analyst you will lead the technical handling of critical security incidents. Youll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom + in built), and developing automation in SOAR to support incident response and threat detection workflows Roles & Responsibilities:-End-to-End Incident Response Ownership:Ability to handle incident lifecycle (detect, contain, remediate)-Subject matter expert for handling the escalated critical or actual true positive incidents.-CrowdStrike Deep Dive:Using Real Time Response (RTR), Threat Graph, custom IOA rules-Strong command over Sumo Logic SIEM content engineering:Creating detection rules, dashboards, and field extractions-Threat Hunting:Behavior-based detection using TTPs-SOAR Automation:Designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike-Threat Intel Integration:Automation of IOC lookups and enrichment flows-Forensic Skills: Live host forensics, log correlation, malware behavioral analysis-Deep experience in advanced threat detection and incident response-Scripting Proficiency:Python, PowerShell, Bash for automation or ETL-Error Handling & Debugging:Identify and resolve failures in SOAR or data pipelines-Proficiency in CrowdStrike forensic and real-time response capabilities-Experience Sumo Logic SOAR for playbook optimization-Use case development in Sumo Logic SIEM Professional & Technical Skills: -Lead high-severity incident response, coordinating with stakeholders and IT teams-Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)-Conduct detailed log analysis and anomaly detection in Sumo Logic-Customize or create new detection rules and enrichments in SIEM-Develop/Tune SOAR playbooks for advanced scenarios, branching logic, and enrichment-Perform root cause analysis and support RCA documentation-Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing-Generate post-incident reports and present findings to leadership-Lead investigations and coordinate response for major incidents-Perform root cause analysis and post-incident reviews-Develop advanced detection content in Sumo Logic-Optimize SOAR playbooks for complex use cases-Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy-Build custom dashboards, alerts, and queries aligned with SOC use cases-Create and maintain field extractions, log normalization schemas, and alert suppression rules-Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)-Monitor log health and alert performance metrics; troubleshoot data quality issues-Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections-Participate in continuous improvement initiatives and tech upgrades-Conduct playbook testing, version control, and change documentation-CrowdStrike:Custom detections, forensic triage, threat graphs-SIEM:Rule creation, anomaly detection, ATT&CK mapping-SOAR:Playbook customization, API integrations, dynamic playbook logic-Threat Intelligence:TTP mapping, behavioral correlation-SIEM:Parser creation, field extraction, correlation rule design-Scripting:Python, regex, shell scripting for ETL workflows-Data Handling:JSON, syslog, Windows Event Logs-Tools:Sumologic SIEM, Sumo logic SOAR & Crowdstrike EDR-Exp in in SOC/IR including 4+ in L3 role (IR + SIEM Content Engineering & SOAR) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development of security policies and procedures to enhance the overall security posture.- Evaluate and recommend security technologies and tools to improve cloud security measures.- Communication:Strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders. Professional & Technical Skills: - Incident Response:Lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.- Threat Detection:Utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.- Security Operations:Oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.- Playbook Development:Collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.- Reporting:Prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.- Knowledge Transfer:Provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.- Stakeholder Collaboration:Work closely with stakeholders to resolve escalated incidents and improve security protocols.- Continuous Improvement:Identify areas for improvement within security operations and implement strategies to enhance overall security posture.- Technical Skills: Proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.- Certifications:Relevant certifications such as GCIH, or GCIA are preferred. Additional Information:- The candidate should have Minimum of 5 years of experience in security operations, incident response, and threat detection.- This position is based at our Bengaluru office.- Bachelor's/ Masters degree in Computer Science, Information Security, or a related field. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise. Roles & Responsibilities:-Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.-Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.-Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.-Create and maintain documentation for policies, procedures, and system configurations.-Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.-Perform regular audits and health checks to ensure endpoint coverage and compliance.-Respond to endpoint-related security incidents and assist with forensic investigations.-Collaborate with IT teams to ensure secure configuration and patch management across endpoints.-Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).-Familiarity with EDR/XDR concepts and tools. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat hunting methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Responsible for monitoring and responding to security incidents within the SOC. Duties include analyzing security events, identifying vulnerabilities, and managing incidents using SIEM tools. The analyst must be adept at threat detection, incident response, and ensuring network security by implementing proactive measures to prevent data breaches.

Implement and manage cybersecurity measures to protect enterprise systems from external and internal threats. You will monitor, identify, and respond to security incidents. Expertise in network security, threat detection, and incident response is required.

Focuses on implementing and managing Palo Alto network security appliances to safeguard enterprise systems. Duties include configuring firewalls, monitoring network traffic, and performing regular security audits. The role demands expertise in network security, firewalls, VPNs, and threat detection to prevent unauthorized access and data breaches.

Provide Level 2 support in Security Operations Centers (SOC), focusing on SIEM tools and threat detection. You will investigate and resolve security incidents, escalate critical issues, and ensure system integrity. Expertise in SIEM, threat detection, and incident response is essential.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled and experienced Senior Threat Hunter with deep expertise in Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The ideal candidate will excel in advanced KQL query writing, hypothesis-driven hunting, detection engineering, and data visualization using Sentinel Notebooks and Workbooks. This role plays a critical part in proactively identifying threats, tuning detection logic, and enhancing our overall threat hunting capabilities.Key Responsibilities:- Write and optimize advanced KQL queries to detect malicious activities in Sentinel and MDE logs.- Conduct proactive threat hunting by forming hypotheses and correlating data across M365 Defender, Sentinel, and other sources.- Use Sentinel Notebooks (Azure ML/Log Analytics) and Workbooks to visualize hunt data and share findings with stakeholders.- Leverage MDE Advanced Hunting for in-depth endpoint telemetry analysis.- Integrate threat hunting with the MITRE ATT&CK framework, mapping TTPs and identifying gaps in coverage.- Collaborate with L3 analysts and detection engineers to fine-tune existing analytics rules and hunting queries.- Create and manage Sentinel Playbooks (Logic Apps) to automate threat response and investigation workflows.- Support continuous improvement of the threat detection lifecycle by contributing to new detection use cases and threat models.- Assist in Purple Team exercises and post-incident retrospectives by contributing hunt-driven insights. Professional & Technical Skills: - 5+ years of experience in cyber threat hunting, SOC operations, or detection engineering.- Strong proficiency in Kusto Query Language (KQL) with hands-on experience in Microsoft Sentinel and MDE.- In-depth knowledge of endpoint, network, and cloud telemetry (especially Microsoft ecosystem).- Experience using Sentinel Workbooks, Notebooks, and custom analytics rule creation.- Practical experience in hypothesis-driven threat hunting and developing custom detection rules.- Familiarity with MITRE ATT&CK framework and its use in mapping attacker TTPs.- Hands-on experience with Sentinel automation workflows using Logic Apps.- Microsoft SC-200:Microsoft Security Operations Analyst- Microsoft SC-100:Microsoft Cybersecurity Architect- GIAC GCFA/GCIA/GCED (or equivalent)- AZ-500:Microsoft Azure Security Technologies- OSCP (for offensive knowledge is a plus) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About us As a Fortune 50 company with more than 400,000 team members worldwide, Target is one of the worlds most recognized brands and one of Americas leading retailers. Target as a tech companyAbsolutely. We are the behind-the-scenes powerhouse that fuels Targets passion and commitment to cutting-edge innovation. We anchor every facet of one of the worlds best-loved retailers with a strong technology framework that relies on the latest tools and technologiesand the brightest peopleto deliver incredible value to guests online and in stores. Behind the brand our guests love, is a culture of continual innovation and right now, we are up to big things. The Cyber Fusion Centre is the heart of Targets security team and a place where innovation happens daily. Interested in a culture that combines invention and creative freedom, ongoing learning, engineering excellence, and stellar outcomesWe are, too thats why we work here. Join our team to take new enterprise security solutions from concept to release, collaborating with both software & security engineers to innovate on helping defend Targets network using cutting-edge technologies.We are seeking a Senior Threat Detection Engineer to join our world class cybersecurity-cyber defence team. The ideal candidate will be responsible for designing, implementing, and optimizing threat detection mechanisms to protect the organization from advanced cyber threats.About The Role/Key Responsibilities: Threat Detection Development : Design and implement detection rules, signatures, and analytics to identify malicious activities in real-time. Develop use cases and correlation rules in SIEM and other detection platforms. Create automated processes to improve detection efficiency and reduce response times. Security Monitoring & Optimization : Continuously monitor and tune rules to reduce false positives by improving rule fidelity and ensuring actionable alerts. Stay updated with emerging threat landscapes to enhance detection capabilities. Incident Support : Collaborate with Incident Response (IR) and Threat Hunting teams to provide context and insights during investigations. Participate in post-incident reviews to refine detection strategies based on lessons learned. Collaboration & Reporting : Work with Cyber Threat Intelligence (CTI) teams to integrate threat intelligence into detection mechanisms. Document and present detection engineering activities, findings, and recommendations to stakeholders. About You/Qualifications: Bachelors degree in Cybersecurity, Computer Science, or related field (or equivalent experience). 4+ years of experience in threat detection, incident response or related roles. Demonstrates a deep subject matter expertise with threat detection, response, and mitigation Capable of identifying detection opportunities sourced from threat data Exhibits an understanding of concepts such as Pyramid of Pain, MITRE ATT&CK, and other organizing frameworks Hands-on experience with security tools such as SIEM (Splunk, ElasticSearch, Zeek, SIGMA, Suricata and YARA technologies) Host based detection experience leveraging Sysmon, CrowdStrike Falcon, etc. Cloud based detection within GCP and AWS Proficiency in scripting and automation (Python, PowerShell, etc.) Deep knowledge of network protocols, operating systems, and attack techniques. Excellent problem-solving and communication skills. Stays current with new technologies via formal training and self-directed education Why Join Us Be part of a forward-thinking world class cybersecurity team. Opportunities for professional growth and continuous learning. Useful Links- Life at Target- https://india.target.com/ Benefits- https://india.target.com/life-at-target/workplace/benefits Culture- https://india.target.com/life-at-target/diversity-and-inclusion

Say hello to possibilities. Its not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Bengaluru office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Gurugram office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

We are RadarRadar, experts in the commodity production, trade and processing industry. As a technology company we continuously aim to support our clients with strong data & analytics and business intelligence tools. It is our mission to enable companies to unlock the full potential of their data to improve risk and margin management and boost performance. Awards won: Top 10 Trading & Risk Management Service Providers 2023 | Energy Business Review Technology Innovation Award 2023 | Commodities People Analytics Technology Leader of the Year 2023 | Commodities People Top Business Information Systems Company 2022 | Data Magazine We are looking for a skilled and proactive Security Associate to join our IT team. This role is very important in ensuring the security of our cloud infrastructure. The ideal candidate will have hands- on experience in Azure security services, Windows Server security, SQL Server security, and infrastructure administration. What you will do Manage and optimize Azure Security services, including Microsoft Sentinel, Azure Monitor, Defender for Cloud, Endpoint/Server, Identity etc. Configure and monitor Log Analytics Workspaces and workbooks for effective threat detection and incident response. Create and manage virtual network configurations, private endpoint connections and other networking/firewall resources. Implement security best practices for Azure resources, ensuring compliance on regulatory standards and respond to incidents. Manage security configurations using Azure Policy Manage and secure mobile devices and applications using Microsoft Intune. Manage identity, access and Conditional Access policies within Azure AD. Apply security hardening techniques to Windows Server environments. Monitor and manage security baselines, patch management, and vulnerability assessments. Implement and maintain Group Policies, security auditing, and logging. Enforce SQL Server security best practices, including log management. Conduct regular audits, compliance checks on Servers Manage roles, permissions, and security configurations to protect data integrity. Create and manage various Azure resource (VMs, SQL Servers, Storage accounts, App services, Gateways, key vaults etc.) Create, manage and optimize Azure automation runbooks Perform administrative tasks for SQL Server, Windows Server, Microsoft 365 services including Intune, Entra ID, Teams, Exchange, Purview for data governance etc. Ensure high availability and performance of servers and services. Troubleshoot and resolve infrastructure-related issues promptly. Support backup and restore, disaster recovery, and business continuity planning. What you will bring Bachelors degree in computer science, Information Technology, or related field. 3+ years of experience in Azure security and infrastructure management. Strong knowledge of Microsoft security tools (Sentinel, Defender for Cloud, Defender for Endpoint/server). Proficiency in Windows Server and SQL Server security practices. Experience with Microsoft 365 and Entra ID administration. Microsoft Certified: Azure Security Engineer Associate Microsoft Certified: Azure Administrator Associate Strong analytical and problem-solving abilities. Excellent communication and teamwork skills. Ability to manage multiple tasks and projects effectively. Strong attention to detail and a proactive security mindset. What you will get: Remote work model A competitive salary and working with an amazing international team. An inspiring environment where you learn every day. Personal development plans to help you reach your personal goals.