115 Threat Detection Jobs - Page 5

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. -Run internal Table top exercises to help train the team-Maintain IR quality as per industry standards Additional Information:- The candidate should have minimum 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation. Key Responsibilities: Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need partner with Global Command and Site Reliability Teams to ensure baseline for all customer facing incidents, and internal company wide incidents are coordinated in a centralized operation center follow the sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate Customer Incident Response and capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale. Security Assessment and Continuous Threat Exposure Management:Identifying and fixing weaknesses in systems and networks including establish MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats. Incident Response:Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary. Threat Detection and Prevention:Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity. Security System Administration and Maintenance:Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems. Security Policy and Procedure Development:Creating and enforcing security policies and procedures to protect sensitive information. Security Training and Awareness:Educating employees about cybersecurity risks and best practices. Staying Up-to-Date:Keeping abreast of the latest security threats, vulnerabilities, and technologies. Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response. Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts. Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish Career Development Plans and Growth for analysts, engineers, managers, and directors as the business grows and scales. Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally. Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence. Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks. Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions. Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense. Strong executive presence and ability to communicate effectively with C-level stakeholders. Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable. Our Values If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours Find out here: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

India is among the top ten priority markets for General Mills, and hosts our Global Shared Services Centre. This is the Global Shared Services arm of General Mills Inc., which supports its operations worldwide. With over 1,300 employees in Mumbai, the center has capabilities in the areas of Supply Chain, Finance, HR, Digital and Technology, Sales Capabilities, Consumer Insights, ITQ (R&D & Quality), and Enterprise Business Services. Learning and capacity-building is a key ingredient of our success. Position Title D&T Analyst II - Cyber Security, Insider Threat & Awareness Function/Group Digital & Technology Location Powai, Mumbai Shift Timing 11 am - 8 pm Role Reports to D&T Manager - Cyber Security, Insider Threat & Awareness Remote/Hybrid/in-Office Hybrid ABOUT GENERAL MILLS We make foodthe world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Hagen-Dazs, we've been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of ou r global organization delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS). For more details check out We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. JOB OVERVIEW Function Overview The Digital and Technology team at General Mills stands as the largest and foremost unit, dedicated to exploring the latest trends and innovations in technology while leading the adoption of cutting-edge technologies across the organization. Collaborating closely with global business teams, the focus is on understanding business models and identifying opportunities to leverage technology for increased efficiency and disruption. The team's expertise spans a wide range of areas, including AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain, SAP S4 HANA and Enterprise Architecture. The MillsWorks initiative embodies an agile@scale delivery model, where business and technology teams operate cohesively in pods with a unified mission to deliver value for the company. Employees working on significant technology projects are recognized as Digital Transformation change agents. The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the Work with Heart philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following Purpose of the role The Security Awareness and Insider Threat Analyst is responsible for developing, implementing, and managing security awareness programs to educate employees on security best practices and protect, detect and respond to risks posed by insider threats. This role combines expertise in threat detection and prevention with a strong focus on cultivating a security-conscious culture within the organization. The analyst will monitor and analyze insider threat activities, respond to incidents, and collaborate with various departments to enhance the organization's overall security posture. KEY ACCOUNTABILITIES . Monitor and analyze user activities for signs of potential insider threats. . Develop and maintain threat detection tools, techniques, and procedures. . Utilize threat intelligence platforms to gather, analyze, and disseminate relevant information. . Perform advanced analysis of insider threat and DLP alerts across various egress channels in on-premise and cloud environments, prioritizing threats using available tools. . Investigate and document event/alert patterns, collaborating with Cyber Defence, Legal, Privacy, and HR teams during incidents as necessary. . Create detailed reports on security incidents, investigations, and mitigation efforts. . Contribute to refining detection tool policies, rules, and operational documents by highlighting areas for improvement. . Lead the simulated phishing program, including metrics and executive summaries. . Coordinate with internal and external partners to develop and update quality training content. . Develop and distribute enterprise-wide communications on information security risks and guidance. . Create marketing materials and content for global Security Awareness even ts, including in-person site events as needed. . Ensure the security awareness program effectively communicates security policies, fostering a global security culture. MINIMUM QUALIFICATIONS Education - Full time graduation from an accredited university (Mandatory- Note: This is the minimum education criteria which cannot be altered) Minimum 4 years of experience in SOC, Incident Response, Insider Threat or Security Awareness. PREFERRED QUALIFICATIONS Excellent written, verbal communication and presentation skills. Ability to create engaging and effective training materials. Strong organizational and project management skills. Ability to work effectively in a team environment and collaborate with various stakeholders. Certifications: The following certificates are preferred but not mandatory, CompTIA Security+ CompTIA Cybersecurity Analyst (CySA+) EC-Council Computer Hacking Forensics Investigator (CHFI) EC-Council Certified Incident Handler (ECIH) SANS GIAC Security Essentials (GSEC) Microsoft Certified: Azure Fundamentals (AZ900) Microsoft Certified: Information Protection and Compliance Administrator Associate (SC400)

Working Monday to Friday. We are looking for a skilled Cybersecurity Manager to oversee and enhance the security posture of our Hyderabad office, internal websites, and in-house applications across iOS, Android, and desktop platforms. This role will be responsible for managing and implementing robust cybersecurity practices, conducting security assessments, and ensuring the highest level of data protection for our digital assets. Requirements: Bachelor's Degree preferred. 5+ years of experience in cybersecurity, with a focus on application and infrastructure security. Expertise in mobile and desktop application security, as well as website protection practices. Hands-on experience with security tools for threat detection, vulnerability management, and incident response. Excellent problem-solving skills and the ability to work in high-pressure environments. Good knowledge of Network Engineer Experience with firewalls, VPN technologies, monitoring systems, and Wi-Fi. QoS experience. AWS Certified Advanced Networking certification a plus, but not required. Experience with dynamic routing protocols such as BGP and best practices for availability and performance. AWS experience in setting up VPC, Transit Gateways, etc. Experience with Networks Firewalls. Cisco Certification (CCNA or CCNP) a plus, but not required. Understanding of VoIP support systems on a network Scripting, such as PHP a strong asset. Limited travel may be required, including internationally. Ability to provide support during off-hours and during incident situations

Oracle Cloud Infrastructure (OCI) is one of the fastest-growing cloud platforms, and we are assembling a world-class team to build the next generation of security products. We're seeking a Principal Software Engineer to drive the design and development of mission-critical systems that protect OCI customers at hyperscale. As a Principal Engineer in the Security Products Group, you will play a key leadership role in: Architecting and delivering complex, distributed systems with a focus on security, resiliency, and scalability. Driving strategic technical decisions and shaping the long-term vision for OCI's security offerings. Mentoring engineers, influencing cross-team engineering practices, and raising the technical bar across the organization. Leading design reviews, setting coding standards, and fostering a culture of operational excellence. What You'll Do: Lead design and development of major features and large-scale systems from concept to production. Set the direction for platform architecture and system design in areas such as identity, data protection, threat detection, and vulnerability management. Operate and improve high-scale services, driving initiatives to increase reliability, observability, and automation. Collaborate across teams and orgs to align architecture, resolve dependencies, and ensure delivery of high-impact security capabilities. What We're Looking For: Deep experience in building and operating distributed systems at scale. Proven ability to design and deliver complex features with cross-cutting impact. Hands-on experience with services operating across regions and subject to strict compliance and regulatory requirements. Strong coding skills and the ability to dive deep into technical details across the stack-from low-level systems internals to API design. A bias for simplicity, a passion for scale, and a pragmatic approach to problem-solving. Why Security at OCI The OCI Security Products Group is on a mission to build the most secure cloud platform. We deliver a portfolio of cloud-native services that enable our customers to: Isolate workloads, encrypt data, and control access securely. Detect vulnerabilities and threats across applications, containers, and infrastructure. Remediate risks proactively, leveraging intelligence from CVEs, CIS benchmarks, and threat modeling. We are investing heavily in advanced security systems that detect, analyze, and block malicious activity in real time - empowering our customers to build and scale confidently on Oracle Cloud. Explore our work: Lead the design and development of large-scale, mission-critical security services within OCI, ensuring they are reliable, scalable, and secure by default. Define technical strategy and architecture for key areas such as identity, access control, data protection, threat detection, and vulnerability management. Drive end-to-end delivery of complex features - from ideation and design through development, testing, deployment, and operational support. Mentor and guide engineers across multiple teams, fostering technical growth, improving code quality, and raising the bar for design and execution. Champion engineering excellence by setting high standards for design, code, observability, automation, and operational readiness. Collaborate across functional teams (security, platform, compliance, product management) to align on strategy, resolve architectural challenges, and accelerate delivery. Continuously improve system reliability and performance through proactive observability, incident response, chaos engineering, and root cause analysis. Evaluate and adopt new technologies and patterns to improve security posture, performance, and developer productivity. Contribute to the broader OCI engineering community through leadership in design reviews, architecture discussions, and cross-org initiatives. Career Level - IC4

Job Title: Threat Intelligence Analyst Corporate Title: AVP Location: Pune, India Role Description As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we’ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htmRole & responsibilities Preferred candidate profile

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Gurugram office. 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities: Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities) Collaborate and manage the team to perform Responsible for decisions on team management, financial, project transitions Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle Provide solutions to problems for their immediate team and across multiple teams Lead security assessments and provide recommendations Develop and implement security operations strategies, processes, architecture standards and guidelines Conduct security reviews and manage internal/external audits Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management. Strong understanding of threat intelligence analysis Knowledge of security compliance frameworks Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM). This position is based at Bengaluru office. 15 years of full-time education is required. Qualification 15 years full time education

Role & responsibilities 9+ years of experience in cybersecurity, specializing in Managed Security Services (MSS) and advanced operational environments. Familiarity with a wide range of cybersecurity solutions, including Threat Detection and Response technologies (e.g., SIEM, SOAR, EDR, XDR), Identity Management systems (e.g., IGA, PAM, SSO), and Data Protection tools. Strong understanding of the technology landscape and the cybersecurity challenges faced by organizations. Proven ability to build and maintain relationships with decision-makers, including C-suite stakeholders, to drive business growth. Skilled in managing the sales pipeline from lead generation to deal closure, ensuring accurate forecasting and alignment with client objectives. Excellent communication and presentation abilities to articulate complex security solutions effectively. Capable of independently driving sales opportunities through the full cycle, including product demonstrations and collaboration with internal teams (e.g., solution architects, delivery managers). Experienced in working with GCCs in India is highly preferred. Proficient in CRM tools, Microsoft Office, and industry best practices. Continuously monitors industry trends, competitor strategies, and market developments to identify and seize new opportunities. Willingness to travel to meet business needs.

Dear Professional, We are excited to present a unique opportunity at Cognizant, a leading IT firm renowned for fostering growth and innovation. We are seeking talented professionals with 5 to 10 years of experience in Splunk Administration,Splunk Development,Splunk Enterprise Security,Splunk Dashboard Creation,AlertLogic SIEM ,Threat Detection,Incident Response,Log Management,Security Analytics,Compliance Reporting,Real-time Monitoring,Alert Logic MDR,LogRhythm SIEM,LogRhythm Administration,LogRhythm Threat Detection, LogRhythm Incident Response to join our dynamic team. Your expertise in these areas is highly sought after, and we believe your contributions will be instrumental in driving our projects to new heights. We offer a collaborative environment where your skills will be valued and nurtured. To proceed to the next step of the recruitment process, please provide us with the following details with Updated resume to sathish.kumarmr@cognizant.com Please share below details (Mandatory) : Full Name(As per Pan card): Contact number:Email Current Location: Interested Locations: Total Years of experience: Relevant years of experience: Current company: Notice period: NP negotiable: if yes how many days they can negotiate? : If you are Serving any Notice period Means please mention Last date of Working: Current CTC- Expected CTC- Availability for interview on Weekdays ? Highest Qualification? Additionally, we would like to schedule a virtual interview with you on 2nd August 2024. Kindly confirm your availability for the same. We look forward to the possibility of you bringing your valuable experience to Cognizant. Please respond at your earliest convenience. Thanks & Regards, Sathish Kumar M R HR-Cognizant Sathish.KumarMR@cognizant.com

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and mitigating potential risks. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Implement security measures to protect systems and data Conduct security assessments and audits Develop and implement security policies and procedures Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of identity and access management Experience with security tools and technologies Knowledge of security frameworks and standards Hands-on experience in incident response and threat detection Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full-time education is required Qualification 15 years full time education