243 Threat Detection Jobs - Page 3

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats. Responsibilities: L1 - Minimum 2 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting. L2 - Minimum 4 years of relevant experience in SOC/Incident Management/Incident Response /Threat Detection Engineering/Vulnerability Management/ SOC platform management/ Automation/ Asset Integration/ Threat Intel Management/Threat Hunting. Round the clock threat monitoring & detection Analysis of any suspicious, malicious, and abnormal behavior. Alert triage, Initial assessment, incident validation, its severity & urgency Prioritization of security alerts and creating Incidents as per SOPs. Reporting & escalation to stakeholders Post-incident Analysis Consistent incident triage & recommendations using playbooks. Develop & maintain incident management and incident response policies and procedures. Preservation of security alerts and security incidents artefacts for forensic purpose. Adherence to Service Level Agreements (SLA) and KPIs. Reduction in Mean Time to Detection and Response (MTTD & MTTR). Mandatory skill sets: Mandatory (Any-one): - Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc. Preferred skill sets: SOC - Splunk Years of experience required: 2-5 Years Education qualification: B.Tech/MCA/MBA with IT background/ Bachelors degree in Information Technology, Cybersecurity, Computer Science Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture + 8 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Firewall Architecture, Network Security Implementation Good to have skills : Network Strategy & OptimizationMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Firewall Architecture, Network Security Implementation.- Good To Have Skills: Experience with Network Strategy & Optimization.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 7.5 years of experience in Firewall Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

What were looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspaces strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security. Skills & Experience Should have 8+ years experience in Security Engineering. Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response. Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud. Experience of working in two (or more) of the following additional security domains: SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Knowledge of Malware reverse engineering, threat detection and threat hunting. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer. A good communicator who can explain security concepts to both technical and non-technical audiences. Key Accountabilities Ensure the Customers operational and production environment remains healthy and secure at all the times. Assist with customer onboarding -customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams. Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings.

As an L1 SOC Analyst with 3 to 5 years of experience, you will be responsible for expertise in Triage, Threat Detection and Response, Threat Hunting, and SOC Assessment. Your role will involve utilizing your in-depth knowledge of Sentinel and Crowdstrike, along with security event collection, monitoring, analysis, issue investigation, and incident response leveraging automated SOAR tools. Your primary duties will include real-time monitoring, data enrichment, event correlation, OS/application event analysis, and IOC based threat hunting. Additionally, you will be tasked with email analysis, investigation, and phishing detection. You will play a key role in incident workflow management, issue escalation, and assisting stakeholders with issue containment, remediation, and risk mitigation. In this role, you will provide valuable input into enhancing threat detection rules and optimizing response playbooks. You will actively participate in operational meetings and war-room sessions, offering insights into issue eradication and security posture improvement. Key Skills required for this role include proficiency in Microsoft Defender E5 Security Suite, Microsoft Sentinel, and security suite. Your expertise in these areas will be crucial in ensuring the effective operation and security of the organization's systems and data.,

As a Detection Tuning & Optimization Analyst at Critical Start Technologies Private Ltd., you play a crucial role in identifying and responding to security alerts. Your responsibilities include configuring playbooks and event orchestration technologies, reducing, resolving, and orchestrating events across multiple endpoints and SIEM security products. Your expertise in incident detection and response contributes significantly to the overall security posture of the organization. On a daily basis, you will review security alerts, differentiate between true and false positives, and collaborate with various teams to ensure prompt and effective response. Your role involves continuous monitoring of security events, thorough analysis of alerts, and proactive escalation of incidents to the appropriate teams for investigation and resolution. Your key responsibilities include: - Continuously monitoring events generated by security products to identify potential incidents - Analyzing and investigating security alerts, escalating as needed for further action - Conducting reviews of alerts to identify false positives and optimize detection accuracy - Collaborating with cross-functional teams to implement improvements in detection processes - Maintaining standardized orchestration processes for alert management - Adhering to documentation processes, updating information as necessary, and creating new documentation for undocumented processes - Enhancing team efficiency through continuous improvement of documentation and knowledge sharing Required qualifications for this role include: - 3+ years of experience in a security analyst role - Strong written and verbal communication skills - Proficiency in SIEM tools, EDR, and EPP solutions - Knowledge of network and system security, threat detection, and incident response - Problem-solving, critical thinking, and analytical abilities - Ability to work effectively in a fast-paced environment Desired qualifications such as certifications in security (e.g., CompTIA Security+, CEH) are advantageous for this position. At Critical Start, you will experience a collaborative and inclusive work culture where your contributions are valued. We offer competitive compensation, flexible PTO policies, and various work arrangements. Apply now to join our team and be a part of shaping the future of cybersecurity. Please visit our career site at https://www.criticalstart.com/careers/ to apply for the position.,

Are you passionate about SecOps, automation, and cloud security Do you want to lead cutting-edge security initiatives and drive large-scale security automation As a SecOps Engineering Lead, you will play a pivotal role in defining and executing security automation strategies, driving cloud security initiatives, and leading security operations at scale. You will work at the intersection of Security, DevOps, and Cloud, embedding best-in-class security practices into infrastructure and applications. This role requires a visionary leader who can take ownership, drive innovation, and influence security strategies across teams. You will be responsible for designing and implementing security automation solutions, enhancing cloud security, and optimizing SecOps workflows. We are looking for a self-driven professional who can take end-to-end ownership of security initiatives with minimal guidance. Define and execute the security automation strategy, embedding best-in-class practices across DevSecOps, CI/CD pipelines, and cloud environments. Architect, develop, and implement security solutions using Python to automate threat detection, response, and mitigation at scale. Enhance and automate security workflows by integrating SIEM, SOAR, and EDR solutions to improve real-time threat detection and response efficiency. Implement and optimize security controls in cloud environments (AWS, Azure, GCP), enforcing security-as-code principles and compliance automation. Own the design and maintenance of DevSecOps pipelines, ensuring security is embedded into CI/CD processes and infrastructure automation. Lead cross-functional collaboration, working with Security, DevOps, and Engineering teams to drive security-first principles across customer organizations. Mentor engineers and foster a security-driven culture, driving security awareness and best practices across teams. Continuously evaluate emerging security technologies to enhance security automation, optimize detection capabilities, and future-proof security operations. Required Skills & Qualifications 6+ years of hands-on experience in SecOps, Security Engineering, or Security Automation. Expertise in Python programming for security automation and scripting (JavaScript is optional). Deep knowledge of Cybersecurity & Security Operations (SecOps), including threat detection, incident response, and security orchestration. Proven ability to automate and integrate SIEM, SOAR, and EDR tools to improve detection & response. Hands-on experience with DevSecOps pipelines (CI/CD) and Terraform to enforce security automation at scale. Experience securing cloud environments with security-as-code and compliance automation for at least one major cloud provider (AWS, Azure, or GCP). Preferred Skills (Nice-to-Have) Multi-cloud experience across AWS, Azure, and GCP. Strong understanding of infrastructure security, network security, and security-as-code methodologies. Experience with container security (Kubernetes, Docker, etc.) and cloud-native security controls. Familiarity with threat modeling, cloud security compliance frameworks, and risk assessment methodologies. Why Join Us Be a Security Visionary Lead and define the future of security automation, transforming SecOps strategies in cloud and DevOps environments. Work with Cutting-Edge Security Tech Engage in AI-driven security analytics, threat intelligence automation, and next-gen SecOps solutions. Collaborate with Industry Experts Work closely with top security, cloud, and DevOps engineers to drive innovation in security automation. Accelerate Your Career Step into a high-impact leadership role, shape security roadmaps, and gain visibility across leadership teams. Competitive Compensation & Benefits Get a market-leading salary, comprehensive benefits, and access to professional development opportunities. Apply Now! If you're ready to take on this exciting challenge, apply today!,

Job Description We are looking for Email Security Analyst to strengthen our defenses against evolving email threats and ensure rapid effective incident response Key Responsibilities Monitor and analyze email traffic to identify potential threats and ensure optimal filtering accuracy Investigate and respond to email related security incidents coordinating with internal teams to ensure swift resolution Handle escalations from support teams and customers providing expert guidance and actionable insights Develop and refine detection mechanisms using existing tools to address gaps in threat coverage Collaborate with cross functional teams to ensure consistent communication and alignment during incident investigations Maintain detailed documentation of incidents investigations and resolutions to support continuous improvement and knowledge sharing Qualifications 5 years of experience in email or web based security incident investigation and response At least 2-3 years of experience working with large datasets and performing data analysis Proficiency in crafting detection rules using Regular Expressions familiarity with YARA is a plus Deep understanding of email protocols headers and analysis tools especially within O365 environments Experience in handling customer escalations and delivering clear investigative reports Should have an experience of handling a team of 6-8 Strong grasp of the email threat landscape and emerging attack vectors Familiarity with Kusto Query Language KQL for threat hunting and data analysis Ability to interpret data and present findings in a clear insightful manner Strong communication skills both written and verbal with fluency in English Willingness to participate in a global on-call rotations 247 Shifts

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. What you'll do: . Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging . Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities . Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time . Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities . Perform proactive threat hunting to identify and mitigate advanced threats . Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation . Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats . Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership . Continuously improve SOC processes and playbooks to streamline operations and response efforts . Mentor junior SOC analysts and provide guidance on security best practices . This role requires participation in a rotational shift . Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you'll bring: . Strong analytical and problem-solving abilities . Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams . Proven ability to remain calm and efficient under a high-pressure environment . Proficient in using SIEM tools, such as Microsoft Sentinel . Experience with data migration strategies across SIEM platforms . Experience on Cloud Security Operations and Incident Response platforms such as Wiz . In-depth understanding of cyber threats, vulnerabilities, and attack vectors . Proficient in creating KQL queries and custom alerts within Microsoft Sentinel . Expertise in developing SIEM use cases and detection rules . Skilled in incident response and management procedures . Experienced in conducting deep-dive investigations and root cause analysis for incidents . Adept at collaborating with stakeholders to resolve complex cybersecurity challenges . Ability to automate routine SOC processes to enhance operational efficiency . Experienced in mentoring and guiding junior analysts in security operations . Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: . Excellent interpersonal (self-motivational, organizational, personal project management) skills . Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System . Ability to analyze cyber threats to develop actionable intelligence . Skill in using data visualization tools to convey complex security information Academic Qualifications: . Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) . 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management . Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks . Experience with SIEM migration . Expertise in incident response, threat detection, and security monitoring . Solid understanding of Windows, Linux, and cloud security concepts . Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred . Preferred Security Cloud Certifications: AWS Security Specialty Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we honor the visible and invisible elements of our identities, personal experiences, and belief systems-the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities, and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives, and experiences. about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive. If you're eager to grow, contribute, and bring your unique self to our work, we encourage you to apply. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To complete your application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At:

Join our dynamic team as a Cyber Security Analyst where you will play a crucial role in safeguarding our digital assets. With a focus on Security Operations Center (SOC), you will monitor and respond to security incidents, ensuring the integrity and confidentiality of our systems. This hybrid role offers the opportunity to work both remotely and on-site with occasional travel required. Your responsibilities will include monitoring security alerts and incidents using SOC tools, analyzing security incidents to determine root causes, collaborating with IT teams to develop and implement security measures, conducting regular security assessments, providing expert guidance on security best practices, developing incident response plans, utilizing Microsoft Sentinel for threat detection, preparing detailed reports on security incidents, staying updated on cybersecurity threats and trends, participating in policy development, conducting training sessions, and coordinating with external partners and vendors for comprehensive security coverage. To qualify for this role, you should possess a strong understanding of SOC and Security Information and Event Management (SIEM) technologies, demonstrate expertise in cybersecurity principles and practices, have hands-on experience with C-SOC and Microsoft Sentinel, exhibit knowledge of compliance standards such as SOC1 Type1&2 SAAE18 and SSAE16, show proficiency in conducting security assessments and audits, display excellent analytical and problem-solving skills, and communicate effectively with technical and non-technical stakeholders. The certifications required for this position are Certified Information Systems Security Professional (CISSP) and Certified SOC Analyst (CSA).,

As a Threat Detection & Response specialist, your role involves implementing and enhancing threat detection capabilities utilizing various Microsoft security tools such as Microsoft Defender for Endpoint (MDE), Microsoft Defender for O365, Microsoft Defender for XDR, Microsoft Defender for Identity, and Azure Security Center. Your primary responsibility will be to conduct security monitoring by continuously analyzing and investigating security alerts and incidents using Microsoft security solutions. Additionally, you will lead and participate in incident response efforts, including triage, containment, eradication, and recovery, leveraging Microsoft's threat protection tools. It will be part of your duties to integrate threat intelligence into the existing infrastructure to boost threat detection, prevention, and response strategies. Regular vulnerability assessments will also be conducted to identify and mitigate vulnerabilities in collaboration with relevant teams. You will be involved in developing and implementing automated workflows for threat detection and response utilizing tools like Azure Logic Apps and Microsoft Power Automate. Ensuring compliance with security policies and regulatory requirements through audits will also be crucial for this role. In addition, you will perform security assessments of cloud resources to identify and address potential threats and vulnerabilities. Collaboration with IT, DevOps, and other teams is essential to integrate security best practices and threat protection measures into cloud projects. You will also be responsible for providing guidance and training to internal teams on threat protection best practices and tools. It is important to stay updated on the latest threat protection trends, techniques, and technologies to continuously enhance the organization's security posture. This is a full-time, permanent position with benefits including health insurance and provident fund. The work schedule includes day shifts from Monday to Friday with rotational shifts. The work location is in person, fostering a collaborative and hands-on approach to security management.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Competitor Analysis Good to have skills : Security Architecture Design, Jenkins, BambooMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To drive competitive intelligence initiatives focused exclusively on cybersecurity services. This role supports strategic stakeholders by delivering deep-dive insights on peer organizations in the cybersecurity services space. The analyst will research, track, and interpret competitor strategies, offerings, market moves, and client positioning to inform go-to-market actions and service differentiation. Roles & Responsibilities:Conduct in-depth competitive research on global and regional cybersecurity service providers, including consulting-led firms, MSSPs, and niche players.Develop and maintain competitor profiles that include service offerings (e.g., MxDR, Identity & Access Management, Cloud Security, OT Security), delivery models, alliances, certifications, and client segments.Monitor market movements such as deal wins/losses, acquisitions, leadership changes, analyst rankings, investments, and capability launches.Support the creation of battle cards, SWOT analyses, benchmarking reports, and win-loss summaries tailored to specific cybersecurity service lines.Track and interpret positioning of competitors across analyst reports (e.g., Gartner, IDC, Forrester, ISG, HFS, Everest Group) and translate these insights for sales, marketing, and delivery teams.Collaborate with internal stakeholders (e.g., Client account teams, Cyber industry leads, MU leads) to refine competitive narratives and validate field intel.Contribute to periodic competitive landscape reports and newsletters focused on trends in the cybersecurity services market.Maintain an internal repository of intelligence assets, including slides, transcripts, and data extracts for easy consumption and reuse. Professional & Technical Skills: -Basic understanding of cybersecurity domains such as threat detection, managed services, incident response, IAM, and zero trust.Proficiency in secondary research techniques and comfort with navigating open-source and premium databases (e.g., Gartner, IDC, LinkedIn, company filings).Strong analytical mindset with the ability to structure insights from fragmented data points.Excellent PowerPoint and business writing skills able to write succinct, executive-ready outputs.Comfort working in a fast-paced environment, balancing ad hoc requests with structured deliverables.A collaborative mindset with a willingness to learn from technical and business stakeholders. Additional Information:- The candidate should have minimum 3 years of experience in Competitor Analysis.- This position is based at our Bengaluru office.- A 15 years full time education is required.Exposure to market intelligence or strategy support functions within a services organization is a plus.Understanding of cybersecurity services value chain:advisory, implementation, and managed services.Familiarity with analyst frameworks like Gartner Magic Quadrants, Forrester Waves, and ISG Provider Lens in cybersecurity. Qualification 15 years full time education

Role: Threat Hunter Primary Skills 8+ years experience of working in IT Security and relevant areas like Security Operations Centre, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc. Should have experience to handle Incident Response for diverse financial organization environment. Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as agreed by SLA. In depth understanding of incident response frameworks such as NIST and SANS. Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection) Responsibilities: Manage all aspects of Security Incident Response and Threat Hunting including validation, monitoring, containment, log analysis, system forensic analysis, and reporting. Work closely with SOC Manager and business stakeholders to meet project deliverables. Carrying out post-incident reviews, assessing the effectiveness of controls, detection and response capability and supporting the required improvements with the responsible owners. Should be expertise in Creation of SOP and Playbook. Routinely brief and update senior leadership and other stakeholders on the active incidents and manage expectation. Collaboration with the wider teams (like IT/Business operations teams where applicable) in the production and maintenance of efficient and effective incident response playbooks on timely basis. Collaboration with External Incident Response Retainer services for end-to-end tracking and remediation of security incidents. Recommend system enhancements or compensating controls to remediate security deficiencies. Ensure preservation of all evidence as per applicable laws and regulations and maintain records of chain of custody during incidents

As a Security Operations Engineer (SecOps) with 8-11 years of experience, you will be responsible for configuring multiple security systems (SAST, DAST, SIEM, EDR, etc.) for production endpoint and vulnerability scanning. Your role will involve system hardening for applications hosted on AWS, responding to security alerts, devising remediation strategies with internal teams, and ensuring compliance with information security best practices and standards. Your responsibilities will include architecting and implementing IAM best practices to facilitate fast-paced engineering activities while upholding security, compliance, and auditing requirements. Collaboration with engineering teams will be essential to ensure secure infrastructure architecture. You will need to respond to security system alerts (firewalls, IPS/IDS, SIEM, EDR, WAF), threat and vulnerability management, and work closely with teams to understand and address security vulnerabilities. Designing and implementing threat detection and prevention mechanisms across a multi-account, multi-region AWS environment will be a key aspect of your role. Your expertise in information security architecture and systems engineering will be crucial in providing guidance to other IT and business teams. You will also be responsible for creating and maintaining a centralized platform to aggregate security and vulnerability scans from various sources. Automation of security controls, data access patterns, and processes will be an integral part of your responsibilities to enhance metrics and operational support for engineering teams. Your role as a Security Operations Engineer will play a vital role in ensuring the overall security posture of the organization and mitigating potential risks effectively.,

About Seceon: Seceon is a leading provider of AI-driven cybersecurity solutions. The innovative platform empowers organizations to detect, respond to, and prevent advanced threats in real-time. With a focus on automation, scalability, and simplicity, Seceon ensures businesses of all sizes stay protected. Job Summary: As a Customer Success Engineer at Seceon, you will serve as the primary technical point of contact for customers. Your mission is to ensure seamless onboarding, deployment, and ongoing success with the cybersecurity solutions. Working closely with customers, internal support teams, and engineering, you will resolve issues, drive adoption, and ensure overall satisfaction. Key Responsibilities: - Act as a trusted advisor to Seceon customers, guiding them through onboarding and implementation of the platform. - Troubleshoot and resolve technical issues in collaboration with internal support and product teams. - Deliver product training and support customer enablement sessions. - Monitor customer health, usage trends, and proactively suggest improvements. - Gather feedback to contribute to product improvements and customer retention strategies. - Document processes, FAQs, and solutions to build a strong knowledge base. - Support sales and pre-sales efforts with product demos and technical clarifications when needed. Requirements: - Bachelors degree in Computer Science, Engineering, IT, or related field. - 3+ years of experience in a technical support, customer success, or implementation engineering role. - Strong understanding of cybersecurity concepts (SIEM, SOC operations, threat detection preferred). - Basic knowledge of networking, firewalls, and cloud infrastructure (AWS/Azure is a plus). - Excellent communication and interpersonal skills. - Customer-first attitude with the ability to manage multiple priorities.,

As a Senior SOC Architect, you will play a crucial role in leading the design and evolution of our Security Operations Center (SOC) infrastructure and strategy. Your extensive expertise in security architecture, incident response frameworks, threat intelligence integration, and enterprise-grade SOC solutions will be essential for the success of this high-impact position. Your responsibilities will include designing and continually enhancing SOC architecture, processes, and automation frameworks. You will be responsible for evaluating and implementing various security technologies such as SIEM, SOAR, EDR, IDS/IPS, among others. Additionally, you will lead the integration of threat intelligence feeds, analytics, and response capabilities while ensuring alignment with business and compliance requirements such as ISO 27001 and NIST. In this role, you will provide strategic direction and architectural governance for SOC operations, mentoring SOC teams to ensure technology alignment with best practices. Collaboration with stakeholders, IT, and security leaders to define threat models and use cases will be a key aspect of your responsibilities. To be successful in this role, you should possess at least 10 years of experience in cybersecurity, with a minimum of 3 years in SOC architecture or design-focused leadership roles. Your proven experience in deploying and scaling SOC tools and platforms like Splunk, QRadar, Sentinel, Palo Alto XSOAR, and CrowdStrike will be valuable. A deep understanding of threat detection, incident response, security automation, network security, endpoint security, cloud security, and log management is essential. Familiarity with security frameworks and standards such as MITRE ATT&CK, NIST, and ISO is also required. Your exceptional leadership, communication, and documentation skills will be crucial for effectively fulfilling this role. This is a full-time on-site position located in Andheri East, Mumbai. The client interview process will consist of 5 rounds, with the first round being on-site and subsequent rounds conducted virtually. Join us as a Senior SOC Architect and be at the forefront of building a resilient and modern SOC capable of staying ahead of today's advanced threats.,

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilientnot only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile. We are seeking a skilled SOC Operations professional to manage, maintain, and enhance our SOC platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in SOC administration, threat detection, and SOC operations to provide continuous security improvements and support to the SOC team. Key Responsibilities: Conduct in-depth investigation of security incidents including data collection, root cause analysis, and recovery efforts, ensuring compliance with defined SLAs. Validate and fine-tune correlation rules, use-cases, and custom detections in SIEM tools to reduce false positives and improve detection fidelity. Propose new SIEM use cases with playbook creation based on threat intelligence, evolving TTPs, or internal security gaps. Conduct alert quality reviews, enhancing or retiring outdated detection logic and recommending improved strategies. Provide mentorship and analytical support to L1 analysts, helping them enhance detection and response capabilities. Continuously monitor SIEM and other security tools for alerts indicating potential threats, policy violations, or anomalies in the network. Lead incident response activities, focusing on containment and eradication of threats while ensuring forensic integrity for post-event analysis. Correlate data from various sources to identify security incidents and create actionable intelligence. Collaborate with cross-functional teams and subject matter experts to resolve complex technical issues swiftly. Review logs, metrics, and system behavior to identify patterns and early indicators of compromise. Document incidents, root cause, and resolution steps in a structured manner, and contribute to the refinement of incident response playbooks. Share security knowledge and threat insights across the team to promote continuous learning and improvement. Keep leadership informed of high-priority incidents and propose tactical/strategic countermeasures. Ensure adherence to internal policies, regulatory requirements, and industry best practices throughout all SOC processes. Education: Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience Required Skill Set: 410 years of professional experience in Information Security, SOC operations or incident response. Strong knowledge of cybersecurity frameworks and methodologies including MITRE ATT&CK, Cyber Kill Chain and NIST IR. God Knowledge in Cloud Security concepts and toolsexperience with EDR, DLP, and Firewall technologies is a must. Deep understanding of core network and security principles (Operating systems, TCP/IP, ports, detection/IDS/IPS, etc.). Working knowledge of malware analysis and sandbox environments. Ability to interpret complex alerts and logs from diverse sources and translate them into practical response actions. Excellent communication, documentation, and collaboration skills to interact with stakeholders at all levels. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and noat negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution.

You are an experienced and dynamic Director of Risk Advisory specializing in Cybersecurity, with a strong emphasis on Vulnerability Assessment & Penetration Testing (VAPT). Your role involves leading the cybersecurity consulting practice, demonstrating deep technical expertise, proven leadership skills, and the capability to handle impactful client engagements within the cybersecurity domain. Your responsibilities will include: Strategic Leadership & Practice Development: - Leading the cybersecurity risk advisory vertical, focusing on VAPT, threat management, and overall cyber resilience. - Developing and implementing strategies for cybersecurity consulting services that align with business objectives. - Establishing frameworks, methodologies, and innovative approaches for cybersecurity risk management. - Managing P&L, business development, and client portfolio growth for the cyber risk practice. Client Engagement & Delivery Management: - Leading end-to-end VAPT engagements, including scoping, planning, execution, and reporting. - Providing guidance to clients on threat detection, vulnerability remediation, and enhancing security posture. - Cultivating and nurturing strong relationships with CXO-level stakeholders and technical teams. - Ensuring delivery excellence on all client engagements with measurable business outcomes. Technical Expertise: - Offering subject matter expertise on VAPT, red teaming, threat modeling, and incident response. - Supervising testing methodologies for various platforms such as web applications, mobile apps, cloud environments, APIs, IoT, and network infrastructure. - Ensuring timely identification of security vulnerabilities and suggesting actionable mitigation strategies. - Keeping abreast of the evolving cybersecurity threat landscape and regulatory requirements. Team Leadership: - Leading, mentoring, and fostering the growth of a high-performing cybersecurity consulting team. - Conducting knowledge-sharing sessions, technical workshops, and training programs. - Driving talent acquisition and capability building within the cybersecurity practice. Required Skills & Qualifications: - Education & Certifications: Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred certifications include OSCP, OSWE, CREST, CEH, CISSP, CISM, ISO 27001 LA, CRTP, or equivalent. - Technical Expertise: 12+ years of experience in cyber risk advisory, VAPT, and security consulting. Proven expertise in managing enterprise-scale VAPT projects across BFSI, Telecom, and other domains. Hands-on knowledge of tools like Burp Suite, Nessus, Qualys, Metasploit, Nmap, Kali Linux, Wireshark, etc. Deep understanding of cloud security, container security, and emerging technologies. - Leadership & Business Skills: Experience in overseeing large cybersecurity programs and multiple client portfolios. Strong business acumen with a focus on revenue growth. Exceptional stakeholder management, negotiation, and presentation skills.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security architecture with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with threat modeling and risk assessment methodologies.- Knowledge of security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 3 years of experience in Cyber Threat Intelligence.- This position is based at our Coimbatore office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with threat detection and incident response methodologies.- Familiarity with security compliance frameworks and regulations.- Ability to analyze security incidents and develop effective mitigation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Say hello to possibilities. Its not everyday that you consider starting a new career. Were RingCentral, and were happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams