408 Threat Detection Jobs - Page 6

As the SOC Manager, you will play a crucial role in leading and managing the Security Operations Center. Your responsibilities will include: - Leading and mentoring SOC staff across L1, L2, and L3 tiers - Overseeing hiring, onboarding, training, certification, and performance evaluations - Coordinating 24x7 shift coverage and ensuring readiness for high-severity incidents - Managing day-to-day SOC operations, including alert triage, incident escalation, and response coordination - Ensuring adherence to SLAs, KPIs, and compliance requirements - Overseeing the implementation and tuning of detection rules, playbooks, and automation workflows - Acting as the escalation point for critical inciden...

As a Cyberwatcher, your role involves maintaining expert knowledge of Advanced Persistent Threat (APT) Tools, Techniques, and Procedures (TTPs), forensics, and incident response best practices. You will use threat intelligence and threat models to build threat scenarios and conduct threat-hunting campaigns to check these scenarios. Your responsibilities also include researching, analyzing, and correlating data sets from various sources, as well as proactively detecting advanced threats through iterative research into systems and networks. Key Responsibilities: - Maintain expert knowledge of APT Tools, Techniques, and Procedures (TTPs) - Use threat intelligence and models to build threat scen...

As an Endpoint Security Analyst, you will play a crucial role in safeguarding our organization's endpoint devices from advanced threats. Your responsibilities will include deploying, configuring, maintaining, and monitoring McAfee/Trellix endpoint security solutions to ensure comprehensive protection of our data and systems. Key Responsibilities: - Design and implement endpoint security policies aligned with organizational standards. - Deploy and configure McAfee/Trellix Endpoint Security (MEE/ENS) agents on all endpoints. - Integrate MEE/ENS with other security tools for centralized management and threat detection. - Proactively monitor dashboards and alerts for suspicious activity. - Inves...

In this role, you will lead and manage advanced threat detection and response efforts using Carbon Black EDR across our clients" endpoints. Your responsibilities will include investigating and analyzing sophisticated security alerts and events to determine the root cause, scope, and impact of security incidents. You will provide technical expertise and guidance to junior analysts (L1, L2s), assisting with incident investigations, analysis, and resolution. Developing and implementing advanced detection and response strategies using Carbon Black EDR to enhance our overall security posture will be a key part of your role. Additionally, you will lead incident response efforts, including coordina...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve coll...

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled and experienced Senior Threat Hunter with deep expertise in Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The ideal candidate will excel in ad...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Platform engineering lead you will design, implement, and manage Microsoft Sentinel security solutions including analytics rules and automation workflows. Collaborate across teams to align threat detection a...

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve coll...

You are seeking a skilled Cybersecurity Implementation Engineer with expertise in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques. This role offers you the opportunity to contribute to cutting-edge cybersecurity solutions and collaborate with a talented team. Your responsibilities will include: - Developing custom parsers to extract and normalize data from diverse sources like logs, network traffic, and endpoint data. - Designing, developing, and maintaining Yara rules for threat detection and malware analysis to ensure high accuracy and effectiveness. - Creating and implementing playbook automation to streamline incident response proc...

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Role Description: The successful candidate will have the opportunity to gain practical experience in engagements that involve the design, implementation, and management of data security solutions using Microsoft Purview. This role is crucial in protecting the proprietary and sensitive information of our organization and our diverse clientele. The candidate will collaborate closely...

Role: S enior SOC Analyst, Alerts & Automation Standard Title: Senior Analyst, Cyber Defence (SOC) Location: Bangalore, India About Us Founded in 2014, Circles is a global technology company reimagining the telco industry with its innovative SaaS platform, empowering telco operators worldwide to effortlessly launch innovative digital brands or refresh existing ones, accelerating their transformation into techcos. Today, Circles partners with leading telco operators across multiple countries and continents, including KDDI Corporation, Etisalat Group (e&), AT&T, and Telkomsel, creating blueprints for future telco and digital experiences enjoyed by millions of consumers globally. Besides its Sa...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to doc...

Your Role Configure and customize FortiSOAR to automate and orchestrate security workflows across enterprise environments. Develop and maintain automation playbooks using Python and scripting languages aligned with security use cases. Integrate various security tools and platforms using APIs, Ansible, and custom scripts to enhance SOC capabilities. Monitor, analyze, and troubleshoot automated security processes to proactively address threats and improve response times. Collaborate with IT and security teams to align FortiSOAR configurations with organizational goals and compliance needs. Your Profile 9 to 12 years of experience in security automation and orchestration using FortiSOAR. Experi...

Key Responsibilities: Conduct security assessments, vulnerability scans, and penetration testing Analyze logs, network traffic, and endpoint telemetry for threat detection Assist in incident response, forensic analysis, and post-incident reporting Advise clients on compliance with standards such as ISO 27001, NIST, Develop and implement security policies, procedures, and controls Support risk assessments and business impact analyses Prepare technical documentation, audit reports, and executive summaries

Role & responsibilities Proactively hunt for threats using SIEM, EDR, and other telemetry data (e.g., Splunk, Microsoft Sentinel, CrowdStrike, etc.). Perform advanced threat analysis and identify Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) based on frameworks like MITRE ATT&CK. Develop and fine-tune detection use cases, custom rules, and analytics to identify malicious behaviors. Collaborate with SOC, Threat Intelligence, IR, and Red Team teams to enhance detection capabilities. Analyze threat actor campaigns and exploit techniques to determine potential impact and mitigations. Perform root cause analysis of security incidents and recommend preventive measu...

Role Overview We are looking for a SOC Architect / Lead to design, implement, and lead our next-generation Security Operations Center . This role requires expertise in SOC architecture, Elastic Stack, SIEM/SOAR, threat detection, and security leadership . You will oversee the SOC team, define strategy, integrate threat intelligence, and ensure proactive defense and compliance Key Responsibilities Design and implement SOC architecture (Elastic SIEM, SOAR, threat intel integrations, alert pipelines). Lead SOC Engineers in building and tuning custom dashboards & correlation rules . Define detection logic, anomaly detection, and proactive threat hunting methodologies . Establish incident respons...

Role Overview: As an Incident Response Senior Analyst (IRSA), you will play a crucial role in effectively responding to and mitigating security incidents within the organization. Your primary responsibility will be to lead investigations into cyber threats, identify root causes of incidents, and develop appropriate response strategies. You will work closely with cross-functional teams to contain incidents, minimize impact, and prevent future occurrences. In this role, you will utilize your expertise in security tools and technologies to analyze security events, assess their potential impact, and coordinate response efforts. You will also be responsible for documenting incident details, inclu...

As a Cyber Security Sales Executive at our company, your role will involve leveraging your proven track record in sales, especially within the cyber security or technology sector. Your experience in B2B sales and managing enterprise-level accounts will be highly beneficial for this position. You should have a solid understanding of cyber security concepts, encompassing threat detection, risk management, compliance, and various security technologies like firewalls, SIEM, SOAR, Data Security, PIM, PAM, and IDAM. Your technical expertise should be complemented by excellent communication, presentation, and negotiation skills. The ability to articulate complex technical information clearly and pe...

As an Azure SIEM Platform Lead at CyberProof, A UST Company, you will be responsible for managing and leading a cloud-based SIEM platform using Azure Data Explorer (ADX), Microsoft Sentinel, and Azure DevOps. Your role will involve developing and optimizing Kusto Query Language (KQL) queries for threat detection, reporting, and health monitoring, as well as onboarding and fine-tuning log sources and connectors for enhanced visibility and cost efficiency. Leading a small technical team, you will mentor engineers, drive automation and CI/CD practices, and ensure platform performance, scalability, and security. Key Responsibilities - Manage and lead the Azure SIEM platform utilizing ADX, Sentin...

As a member of the Product Security Engineering (PSE) team within the Cloud CISO organization at Google, you will have the opportunity to contribute to ensuring the security of every product shipped by Cloud and enhancing the security assurance levels of the underlying infrastructure. Your role will involve collaborating with product teams to develop more secure products by implementing security measures by design and default, providing tools, patterns, and frameworks, and enhancing the expertise of embedded security leads. - Research innovative detection techniques to prevent and mitigate abusive activities such as outbound security attacks, botnet, DDoS, and other malicious behaviors that ...

Role Overview: As a seasoned Technology Leader specializing in cybersecurity solutions, you will be responsible for developing and executing a comprehensive technology roadmap that aligns with business objectives and industry standards. Your role will involve designing and managing enterprise-grade cybersecurity platforms such as Splunk and QRadar to ensure seamless integration across diverse OT and IT environments. Innovation will be a key aspect of your responsibilities as you lead the design and development of advanced cybersecurity tools including SIEM, XDR, next-gen firewalls, and secure networking solutions. Your focus will be on driving innovation to address the unique challenges of O...

Job Summary/Objective: We are seeking an experienced Microsoft XDR and Sentinel Expert to join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure. The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem. Qualifications: BE/B-tech In IT or MCA or equivalent Requirements & Skills: Proven hands-on experience with Microsoft Sentinel and M...

Role Overview: As a Cyber Defence Incident Responder within the Information Security Group, your primary responsibility is to investigate, analyze, and respond to cyber incidents within the network environment or enclave. You will be coordinating and providing expert technical support to enterprise-wide cyber defence technicians to resolve incidents efficiently. Your role will involve correlating incident data to identify vulnerabilities and make recommendations for expeditious remediation. You will analyze log files from various sources to detect potential threats to network security and perform cyber defence incident triage to determine scope, urgency, and impact. Additionally, you will be...

We are looking for a Senior Site Reliability Engineer, to join our Service Reliability and Operation group. We provide innovative team collaboration and an opportunity to build, operate and support scalable and reliable services that underpin Thomson Reuters products. About the Role: In this opportunity as a Senior Site Reliability Engineer , you will be responsible to: Be a Professional SRE: Implement site reliability engineering and DevOps best practices. Feed non-functional requirements into the product backlog, such as, but not limited to, high availability, scalability, self-healing, observability, continuous delivery, security Build and maintain monitoring for all aspects of infrastruc...

Cloud Security Posture Management: Implement and maintain security configurations across cloud platforms (AWS, Azure, GCP) using tools like Wiz, Valence, and native cloud services. Threat Detection & Response: Develop and manage detection mechanisms for toxic cloud risks, public exposure, and runtime threats. Collaborate with SOC and incident response teams to triage and remediate issues. Secure SDLC Integration: Embed security into CI/CD pipelines using SAST, DAST, dependency scans, and secrets detection. Support early threat modeling and vulnerability assessments during design and release phases. Compliance & Auditing: Conduct regular audits to ensure alignment with CIS benchmarks, NIST, O...