8.0 - 13.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and handling end-to-end SOC operations, all while ensuring compliance with industry standards and best practices.

Roles & Responsibilities:
- Expected to be an SME on SOC operations, security monitoring and incident management activities.
- Collaborate with and manage the team to perform on operations, and engage security stakeholders (onshore and client).
- Responsible for team decisions on security incidents and on operational processes and enhancements.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Conduct regular assessments of cloud security measures and recommend improvements.
- Facilitate training sessions for team members on cloud security best practices.

Professional & Technical Skills:
- Must have skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and frameworks.
- Experience with incident response and threat detection methodologies.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Ability to analyze security incidents and provide actionable insights.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- 15 years of full-time education is required.

Qualification: 15 years full time education
Posted 3 months ago
8.0 - 10.0 years
0 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.

Your role and responsibilities
We are seeking a highly skilled SIEM Security Engineer to join our cybersecurity team. This role involves the administration, engineering, and optimization of Security Information and Event Management (SIEM) solutions, specifically focusing on QRadar SIEM, as well as developing and implementing security use cases based on frameworks like MITRE ATT&CK and NIST.

Key Responsibilities:
- SIEM Administration & Engineering: Maintain, configure, and optimize SIEM platforms, ensuring high availability and efficiency.
- Use Case Development: Design, implement, and test correlation rules and threat detection methodologies based on industry best practices.
- Log Source Management: Integrate and troubleshoot various log sources, including firewalls, endpoints, IAM, cloud, network devices, and more.
- Threat Hunting & Incident Response Support: Work closely with SOC analysts, threat hunters, and incident response teams to identify security incidents and optimize detections.
- False Positive Reduction & SIEM Optimization: Refine correlation logic to improve detection efficacy while minimizing false positives.
- Security Framework & Compliance: Implement security controls in alignment with MITRE ATT&CK, NIST, and ITIL frameworks.
- Documentation & Collaboration: Maintain use case catalogs and runbooks, and collaborate with internal teams for continuous improvements.
- Advanced Analysis: Lead investigations of complex cybersecurity threats, escalate critical findings, and contribute to SOC strategic planning.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise:
- 8+ years of experience in the IT cyber security industry
- 6+ years of experience in SIEM administration and use case engineering
- Strong understanding of networking, OSI, and TCP/IP concepts
- Expertise in cybersecurity controls, threat detection, and attack methodologies
- Knowledge of MITRE ATT&CK, NIST frameworks, and security best practices
- Hands-on experience with multiple SIEM solutions, preferably QRadar SIEM
- Experience with UBA solutions and SIEM tuning
- Familiarity with log source integration, parsing, correlation, and troubleshooting
- Coordination and communication skills to work with security, engineering, and service delivery teams

Preferred technical and professional experience:
- SIEM use case engineering and content development
- Relevant cybersecurity certifications such as CEH, CompTIA Security+, CCNA
- Strong ability to analyze security trends, optimize existing rules, and recommend improvements
Posted 3 months ago
12.0 - 15.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Delivery Governance
Good to have skills: NA
Minimum 12 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements.

Roles & Responsibilities:
SOC Operations:
- Lead and manage day-to-day operations of the SOC, including Tier 1-3 security analysts.
- Oversee security monitoring, threat detection, incident response, and threat intelligence activities.
- Ensure continuous tuning and enhancement of SIEM and EDR tools.
- Create and maintain incident response playbooks and workflows.
- Collaborate with infrastructure and application teams during security events.
Security Governance, Risk & Compliance:
- Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.
- Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).
- Lead security awareness and training initiatives across the organization.
- Track and report on cybersecurity risks, mitigation plans, and audit findings.
- Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.
Strategic Leadership:
- Provide executive-level reporting on threat posture, key risks, and SOC performance.
- Guide long-term planning and roadmap development for security operations and governance initiatives.
- Mentor and develop SOC staff and GRC team members.
- Stay current with industry trends, threat landscape changes, and evolving compliance standards.

Professional & Technical Skills:
- Must have skills: Proficiency in Security Delivery Governance.
- Strong understanding of cloud security principles and frameworks.
- Experience with risk assessment and management methodologies.
- Ability to design and implement security policies and procedures.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Recommend use case fine-tuning.
- Regularly review use cases and suggest enhancements.
- Run internal tabletop exercises to help train the team.
- Maintain IR quality as per industry standards.

Additional Information:
- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.
- This position is based at our Gurugram office.
- 15 years of full-time education is required.

Qualification: 15 years full time education
Posted 3 months ago
15.0 - 17.0 years
0 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation.

Key Responsibilities:

Cyber Defense Strategy & Operations:
- Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives.
- Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response.
- Lead 24/7/365 operations based on business need, partnering with Global Command and Site Reliability teams to ensure that all customer-facing incidents and internal company-wide incidents are coordinated in a centralized operations center on a follow-the-sun model.
- Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats.
- Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events.
- Implement and mature threat hunting, security analytics, and detection engineering programs.
- Ensure and validate customer incident response capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale.

Security Assessment and Continuous Threat Exposure Management:
- Identify and fix weaknesses in systems and networks, including establishing MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats.
- Incident Response: Investigate and respond to security breaches, including analyzing incidents and escalating them when necessary.
- Threat Detection and Prevention: Monitor network traffic, system logs, and other data sources to identify potential threats and malicious activity.
- Security System Administration and Maintenance: Install, configure, and maintain security tools like firewalls, antivirus software, and intrusion detection systems.
- Security Policy and Procedure Development: Create and enforce security policies and procedures to protect sensitive information.
- Security Training and Awareness: Educate employees about cybersecurity risks and best practices.
- Staying Up-to-Date: Keep abreast of the latest security threats, vulnerabilities, and technologies.

Threat Intelligence & Response:
- Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities.
- Lead cyber incident response efforts, including containment, eradication, and post-incident reviews.
- Serve as a key escalation point during major security events and coordinate cross-functional response.

Security Engineering & Automation:
- Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms.
- Drive automation and orchestration to increase efficiency and reduce time to detection/response.
- Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts.

Team Leadership & Development:
- Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers.
- Foster a culture of accountability, continuous learning, and proactive defense.
- Establish career development plans and growth for analysts, engineers, managers, and directors as the business grows and scales.

Collaboration & Executive Engagement:
- Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs.
- Provide executive-level reporting on threat landscape, risk posture, and incident metrics.
- Act as a thought leader and spokesperson on cyber defense strategy internally and externally.

Qualifications:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
- 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence.
- Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks.
- Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions.
- Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense.
- Strong executive presence and ability to communicate effectively with C-level stakeholders.
- Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable.

Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Posted 3 months ago
4.0 - 6.0 years
0 Lacs
Mumbai, Maharashtra, India
Remote
India is among the top ten priority markets for General Mills, and hosts our Global Shared Services Centre. This is the Global Shared Services arm of General Mills Inc., which supports its operations worldwide. With over 1,300 employees in Mumbai, the center has capabilities in the areas of Supply Chain, Finance, HR, Digital and Technology, Sales Capabilities, Consumer Insights, ITQ (R&D & Quality), and Enterprise Business Services. Learning and capacity-building is a key ingredient of our success.

Position Title: D&T Analyst II - Cyber Security, Insider Threat & Awareness
Function/Group: Digital & Technology
Location: Powai, Mumbai
Shift Timing: 11 am - 8 pm
Role Reports to: D&T Manager - Cyber Security, Insider Threat & Awareness
Remote/Hybrid/In-Office: Hybrid

ABOUT GENERAL MILLS
We make food the world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Häagen-Dazs, we've been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out

General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization, delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply Chain (SC), Digital & Technology (D&T), Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI), Global Shared Services (GSS), Finance Shared Services (FSS) and Human Resources Shared Services (HRSS). For more details check out

We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow.

JOB OVERVIEW
Function Overview
The Digital and Technology team at General Mills stands as the largest and foremost unit, dedicated to exploring the latest trends and innovations in technology while leading the adoption of cutting-edge technologies across the organization. Collaborating closely with global business teams, the focus is on understanding business models and identifying opportunities to leverage technology for increased efficiency and disruption. The team's expertise spans a wide range of areas, including AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain, SAP S4 HANA and Enterprise Architecture. The MillsWorks initiative embodies an agile@scale delivery model, where business and technology teams operate cohesively in pods with a unified mission to deliver value for the company. Employees working on significant technology projects are recognized as Digital Transformation change agents. The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the Work with Heart philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following

Purpose of the role
The Security Awareness and Insider Threat Analyst is responsible for developing, implementing, and managing security awareness programs to educate employees on security best practices, and for protecting against, detecting and responding to risks posed by insider threats. This role combines expertise in threat detection and prevention with a strong focus on cultivating a security-conscious culture within the organization. The analyst will monitor and analyze insider threat activities, respond to incidents, and collaborate with various departments to enhance the organization's overall security posture.

KEY ACCOUNTABILITIES
- Monitor and analyze user activities for signs of potential insider threats.
- Develop and maintain threat detection tools, techniques, and procedures.
- Utilize threat intelligence platforms to gather, analyze, and disseminate relevant information.
- Perform advanced analysis of insider threat and DLP alerts across various egress channels in on-premise and cloud environments, prioritizing threats using available tools.
- Investigate and document event/alert patterns, collaborating with Cyber Defence, Legal, Privacy, and HR teams during incidents as necessary.
- Create detailed reports on security incidents, investigations, and mitigation efforts.
- Contribute to refining detection tool policies, rules, and operational documents by highlighting areas for improvement.
- Lead the simulated phishing program, including metrics and executive summaries.
- Coordinate with internal and external partners to develop and update quality training content.
- Develop and distribute enterprise-wide communications on information security risks and guidance.
- Create marketing materials and content for global Security Awareness events, including in-person site events as needed.
- Ensure the security awareness program effectively communicates security policies, fostering a global security culture.

MINIMUM QUALIFICATIONS
- Education: Full-time graduation from an accredited university (Mandatory. Note: This is the minimum education criterion and cannot be altered.)
- Minimum 4 years of experience in SOC, Incident Response, Insider Threat or Security Awareness.

PREFERRED QUALIFICATIONS
- Excellent written and verbal communication and presentation skills.
- Ability to create engaging and effective training materials.
- Strong organizational and project management skills.
- Ability to work effectively in a team environment and collaborate with various stakeholders.
- Certifications: The following certificates are preferred but not mandatory:
  CompTIA Security+
  CompTIA Cybersecurity Analyst (CySA+)
  EC-Council Computer Hacking Forensics Investigator (CHFI)
  EC-Council Certified Incident Handler (ECIH)
  SANS GIAC Security Essentials (GSEC)
  Microsoft Certified: Azure Fundamentals (AZ-900)
  Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400)
Posted 3 months ago
5.0 - 7.0 years
5 - 10 Lacs
Hyderabad
Work from Office
Working Monday to Friday. We are looking for a skilled Cybersecurity Manager to oversee and enhance the security posture of our Hyderabad office, internal websites, and in-house applications across iOS, Android, and desktop platforms. This role will be responsible for managing and implementing robust cybersecurity practices, conducting security assessments, and ensuring the highest level of data protection for our digital assets.

Requirements:
- Bachelor's Degree preferred.
- 5+ years of experience in cybersecurity, with a focus on application and infrastructure security.
- Expertise in mobile and desktop application security, as well as website protection practices.
- Hands-on experience with security tools for threat detection, vulnerability management, and incident response.
- Excellent problem-solving skills and the ability to work in high-pressure environments.
- Good knowledge of network engineering.
- Experience with firewalls, VPN technologies, monitoring systems, and Wi-Fi.
- QoS experience.
- AWS Certified Advanced Networking certification a plus, but not required.
- Experience with dynamic routing protocols such as BGP and best practices for availability and performance.
- AWS experience in setting up VPCs, Transit Gateways, etc.
- Experience with network firewalls.
- Cisco Certification (CCNA or CCNP) a plus, but not required.
- Understanding of VoIP support systems on a network.
- Scripting, such as PHP, a strong asset.
- Limited travel may be required, including internationally.
- Ability to provide support during off-hours and during incident situations.
Posted 3 months ago
6.0 - 10.0 years
0 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Oracle Cloud Infrastructure (OCI) is one of the fastest-growing cloud platforms, and we are assembling a world-class team to build the next generation of security products. We're seeking a Principal Software Engineer to drive the design and development of mission-critical systems that protect OCI customers at hyperscale.

As a Principal Engineer in the Security Products Group, you will play a key leadership role in:
- Architecting and delivering complex, distributed systems with a focus on security, resiliency, and scalability.
- Driving strategic technical decisions and shaping the long-term vision for OCI's security offerings.
- Mentoring engineers, influencing cross-team engineering practices, and raising the technical bar across the organization.
- Leading design reviews, setting coding standards, and fostering a culture of operational excellence.

What You'll Do:
- Lead design and development of major features and large-scale systems from concept to production.
- Set the direction for platform architecture and system design in areas such as identity, data protection, threat detection, and vulnerability management.
- Operate and improve high-scale services, driving initiatives to increase reliability, observability, and automation.
- Collaborate across teams and orgs to align architecture, resolve dependencies, and ensure delivery of high-impact security capabilities.

What We're Looking For:
- Deep experience in building and operating distributed systems at scale.
- Proven ability to design and deliver complex features with cross-cutting impact.
- Hands-on experience with services operating across regions and subject to strict compliance and regulatory requirements.
- Strong coding skills and the ability to dive deep into technical details across the stack, from low-level systems internals to API design.
- A bias for simplicity, a passion for scale, and a pragmatic approach to problem-solving.

Why Security at OCI
The OCI Security Products Group is on a mission to build the most secure cloud platform. We deliver a portfolio of cloud-native services that enable our customers to:
- Isolate workloads, encrypt data, and control access securely.
- Detect vulnerabilities and threats across applications, containers, and infrastructure.
- Remediate risks proactively, leveraging intelligence from CVEs, CIS benchmarks, and threat modeling.
We are investing heavily in advanced security systems that detect, analyze, and block malicious activity in real time, empowering our customers to build and scale confidently on Oracle Cloud. Explore our work:

Responsibilities:
- Lead the design and development of large-scale, mission-critical security services within OCI, ensuring they are reliable, scalable, and secure by default.
- Define technical strategy and architecture for key areas such as identity, access control, data protection, threat detection, and vulnerability management.
- Drive end-to-end delivery of complex features, from ideation and design through development, testing, deployment, and operational support.
- Mentor and guide engineers across multiple teams, fostering technical growth, improving code quality, and raising the bar for design and execution.
- Champion engineering excellence by setting high standards for design, code, observability, automation, and operational readiness.
- Collaborate across functional teams (security, platform, compliance, product management) to align on strategy, resolve architectural challenges, and accelerate delivery.
- Continuously improve system reliability and performance through proactive observability, incident response, chaos engineering, and root cause analysis.
- Evaluate and adopt new technologies and patterns to improve security posture, performance, and developer productivity.
- Contribute to the broader OCI engineering community through leadership in design reviews, architecture discussions, and cross-org initiatives.

Career Level - IC4
Posted 3 months ago
9.0 - 14.0 years
10 - 20 Lacs
Nashik, Pune, Bengaluru
Work from Office
Job Title: Threat Intelligence Analyst
Corporate Title: AVP
Location: Pune, India

Role Description
As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. You will be responsible for identifying, assessing, and mitigating threats, and will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats.

What we'll offer you
As part of our flexible scheme, here are just some of the benefits that you'll enjoy:
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for industry-relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive hospitalization insurance for you and your dependents
- Accident and term life insurance
- Complimentary health screening for 35 yrs. and above

Your key responsibilities
- Proactively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely, actionable intelligence.
- Produce threat assessments to support threat mitigation activities.
- Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations.
- Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs.
- Proactively drive improvements of internal processes, procedures, and workflows.
- Participate in the testing and integration of new security monitoring tools.
- Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis.
- Take ownership of personal career development and management, seeking opportunities to develop personal capability and improve performance contribution.
- Develop and maintain relationships with internal stakeholders and external intelligence sharing communities.

Your skills and experience
Requirements:
- 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation
- Strong operational background in intelligence-related operations with experience in Open-Source Intelligence (OSINT) techniques
- Operational understanding of computing/networking (OSI Model or TCP/IP)
- Knowledge of the functions of security technologies such as IPS/IDS, firewalls, EDR, etc.
- A good or developing understanding of virtual environments and cloud (e.g., vSphere, hypervisors, AWS, Azure, GCP)
- Demonstrated knowledge of and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards
- Knowledge of or demonstrable experience in working with the intelligence lifecycle, intelligence requirements and the MITRE ATT&CK Framework
Non-Technical Experience:
- Investigative and analytical problem-solving skills
- Excellent verbal and written communication, to both technical and non-technical audiences
- Self-motivated with the ability to work with minimal supervision
Education and Certifications:
- Preferred: Degree in computer science, networking, engineering, or another field associated with cyber, intelligence or analysis.
- Desired experience or certifications: CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH

How we'll support you
- Training and development to help you excel in your career.
- Coaching and support from experts in your team.
- A culture of continuous learning to aid progression.
- A range of flexible benefits that you can tailor to suit your needs.

About us and our teams
Please visit our company website for further information: https://www.db.com/company/company.htm
Posted 3 months ago
6 - 11 years
14 - 24 Lacs
Gurugram, Bengaluru
Hybrid
Greetings from IT. I am now hiring a Threat Detection Engineer for my clients.
Location: Bangalore, Gurugram.
Experience: 6-13 years
NP: Immediate-30 days
Primary skills: Threat hunting, threat intelligence, Splunk
- In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate a list of rules that could be implemented (based on self-analysis of a threat and available log sources), work with the SOC team to operationalize and the Purple Team to test.
- Familiarity with the MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs).
- Experience with security tools such as Splunk, MDE, Databricks to be able to write custom detections to detect various threats (preferably MDE).
Kindly share your resume at chanchal@oitindia.com
Posted 4 months ago
3 - 5 years
4 - 7 Lacs
Bengaluru
Work from Office
Locations: India, Bangalore
Time type: Full time
Posted on: Posted 30+ Days Ago
Job requisition id: JR0034151

Job Title: Security Researcher - EDR

About Trellix:
Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at .

Role Overview:
We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively.

About the role
- Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols.
- Author detection rules for behavior-based detection engines.
- Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience.
- Write generic threat detections based on static and dynamic detection engines.
- Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework.
- Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset.
- Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives).
- Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection.
- Develop alerting, reporting, and automated detection solutions.
- Build tools and automation to improve productivity.

About you
- 3+ years of experience writing detections using Snort, YARA, sandbox, or proprietary detection engines.
- 2+ years of experience performing threat hunting, or deep familiarity with incident response procedures, processes, and tools.
- 2+ years of experience querying and analyzing large datasets (for malware/TTPs).
- Experience in programming or scripting languages (e.g., Python, PowerShell).
- Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro).
- Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS.
- Excellent verbal and written communication skills in English.

Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity, which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Posted 4 months ago
7 - 12 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As SOC Operations Manager, you will oversee and manage the day-to-day activities of a security operations center on security incident management delivery. You will be expected to support the documentation and enhancement of SOC operations through SIEM for external client service.
Roles & Responsibilities:
- Should be an SME in SOC Operations (SIEM infrastructure and incident response activities)
- Collaborate and manage the team to perform
- Responsible for decisions on team management, financials, project transitions
- Engage with multiple teams and contribute to key decisions on project intake, solution reviews and the end-to-end incident response cycle
- Provide solutions to problems for their immediate team and across multiple teams
- Lead security assessments and provide recommendations
- Develop and implement security operations strategies, processes, architecture standards and guidelines
- Conduct security reviews and manage internal/external audits
- Support the continuous service improvement cycle through collaboration with onshore or client stakeholders
Professional & Technical Skills:
- Must have skills: Proficiency in Security Information and Event Management (SIEM); deep understanding of cybersecurity principles, threat detection, and incident management
- Strong understanding of threat intelligence analysis
- Knowledge of security compliance frameworks
- Hands-on experience with security tools and technologies
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at the Gurugram office.
- 15 years of full-time education is required.
Qualification: 15 years full time education
Posted 4 months ago
5 - 10 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency.
Roles & Responsibilities:
- SOAR Strategy and Architecture: Develop strategies for automation, playbook standardization, and process optimization.
- Playbook Development: Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.
- Integration and Customization: Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.
- Collaboration and Leadership: Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.
- Performance Optimization: Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.
- Compliance and Best Practices: Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices.
Professional & Technical Skills:
- Proficiency in scripting and programming in Python to develop custom playbooks and integrations.
- Strong understanding of security operations, incident response, and threat intelligence workflows.
- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.
- Ability to troubleshoot complex integration and automation issues effectively.
Additional Information:
- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.
- Experience with cloud-native SOAR deployments and hybrid environments.
- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.
- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (on-prem and cloud), Chronicle SOAR, and Cortex XSOAR.
- A 15 year full-time education is required.
Qualification: 15 years full time education
Posted 4 months ago
7 - 12 years
13 - 17 Lacs
Pune
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As SOC Operations Manager, you will oversee and manage the day-to-day activities of a security operations center on security incident management delivery. You will be expected to support the documentation and enhancement of SOC operations through SIEM for external client service.
Roles & Responsibilities:
- Should be an SME in SOC Operations (SIEM infrastructure and incident response activities)
- Collaborate and manage the team to perform
- Responsible for decisions on team management, financials, project transitions
- Engage with multiple teams and contribute to key decisions on project intake, solution reviews and the end-to-end incident response cycle
- Provide solutions to problems for their immediate team and across multiple teams
- Lead security assessments and provide recommendations
- Develop and implement security operations strategies, processes, architecture standards and guidelines
- Conduct security reviews and manage internal/external audits
- Support the continuous service improvement cycle through collaboration with onshore or client stakeholders
Professional & Technical Skills:
- Must have skills: Proficiency in Security Information and Event Management (SIEM); deep understanding of cybersecurity principles, threat detection, and incident management
- Strong understanding of threat intelligence analysis
- Knowledge of security compliance frameworks
- Hands-on experience with security tools and technologies
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Pune office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted 4 months ago
7 - 12 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As SOC Operations Manager, you will oversee and manage the day-to-day activities of a security operations center on security incident management delivery. You will be expected to support the documentation and enhancement of SOC operations through SIEM for external client service.
Roles & Responsibilities:
- Should be an SME in SOC Operations (SIEM infrastructure and incident response activities)
- Collaborate and manage the team to perform
- Responsible for decisions on team management, financials, project transitions
- Engage with multiple teams and contribute to key decisions on project intake, solution reviews and the end-to-end incident response cycle
- Provide solutions to problems for their immediate team and across multiple teams
- Lead security assessments and provide recommendations
- Develop and implement security operations strategies, processes, architecture standards and guidelines
- Conduct security reviews and manage internal/external audits
- Support the continuous service improvement cycle through collaboration with onshore or client stakeholders
Professional & Technical Skills:
- Must have skills: Proficiency in Security Information and Event Management (SIEM); deep understanding of cybersecurity principles, threat detection, and incident management
- Strong understanding of threat intelligence analysis
- Knowledge of security compliance frameworks
- Hands-on experience with security tools and technologies
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at the Bengaluru office.
- 15 years of full-time education is required.
Qualification: 15 years full time education
Posted 4 months ago
9 - 13 years
25 - 40 Lacs
Pune, Bengaluru
Hybrid
Role & responsibilities:
- 9+ years of experience in cybersecurity, specializing in Managed Security Services (MSS) and advanced operational environments.
- Familiarity with a wide range of cybersecurity solutions, including threat detection and response technologies (e.g., SIEM, SOAR, EDR, XDR), identity management systems (e.g., IGA, PAM, SSO), and data protection tools.
- Strong understanding of the technology landscape and the cybersecurity challenges faced by organizations.
- Proven ability to build and maintain relationships with decision-makers, including C-suite stakeholders, to drive business growth.
- Skilled in managing the sales pipeline from lead generation to deal closure, ensuring accurate forecasting and alignment with client objectives.
- Excellent communication and presentation abilities to articulate complex security solutions effectively.
- Capable of independently driving sales opportunities through the full cycle, including product demonstrations and collaboration with internal teams (e.g., solution architects, delivery managers).
- Experience working with GCCs in India is highly preferred.
- Proficient in CRM tools, Microsoft Office, and industry best practices.
- Continuously monitors industry trends, competitor strategies, and market developments to identify and seize new opportunities.
- Willingness to travel to meet business needs.
Posted 4 months ago
6 - 10 years
14 - 16 Lacs
Hyderabad, Chennai, Bengaluru
Hybrid
Dear Professional, We are excited to present a unique opportunity at Cognizant, a leading IT firm renowned for fostering growth and innovation. We are seeking talented professionals with 5 to 10 years of experience in Splunk Administration, Splunk Development, Splunk Enterprise Security, Splunk Dashboard Creation, AlertLogic SIEM, Threat Detection, Incident Response, Log Management, Security Analytics, Compliance Reporting, Real-time Monitoring, Alert Logic MDR, LogRhythm SIEM, LogRhythm Administration, LogRhythm Threat Detection and LogRhythm Incident Response to join our dynamic team. Your expertise in these areas is highly sought after, and we believe your contributions will be instrumental in driving our projects to new heights. We offer a collaborative environment where your skills will be valued and nurtured. To proceed to the next step of the recruitment process, please provide us with the following details along with your updated resume to sathish.kumarmr@cognizant.com
Please share the below details (mandatory):
Full Name (as per PAN card):
Contact number:
Email:
Current location:
Interested locations:
Total years of experience:
Relevant years of experience:
Current company:
Notice period:
NP negotiable (if yes, by how many days can it be negotiated?):
If you are serving a notice period, please mention your last working day:
Current CTC:
Expected CTC:
Availability for interview on weekdays?
Highest qualification?
Additionally, we would like to schedule a virtual interview with you on 2nd August 2024. Kindly confirm your availability for the same. We look forward to the possibility of you bringing your valuable experience to Cognizant. Please respond at your earliest convenience.
Thanks & Regards,
Sathish Kumar M R
HR-Cognizant
Sathish.KumarMR@cognizant.com
Posted 4 months ago
7 - 12 years
3 - 7 Lacs
Bengaluru
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: SailPoint IdentityIQ
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and mitigating potential risks.
Roles & Responsibilities:
- Expected to be an SME
- Collaborate and manage the team to perform
- Responsible for team decisions
- Engage with multiple teams and contribute to key decisions
- Provide solutions to problems for their immediate team and across multiple teams
- Implement security measures to protect systems and data
- Conduct security assessments and audits
- Develop and implement security policies and procedures
Professional & Technical Skills:
- Must have skills: Proficiency in SailPoint IdentityIQ
- Strong understanding of identity and access management
- Experience with security tools and technologies
- Knowledge of security frameworks and standards
- Hands-on experience in incident response and threat detection
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ
- This position is based at our Bengaluru office
- A 15 years full-time education is required
Qualification: 15 years full time education
Posted 4 months ago
5.0 - 10.0 years
6 - 13 Lacs
Mumbai, Mumbai Suburban
Work from Office
Job Description: Threat Engineering platform analyst - L2
Location: Mumbai (Santa Cruz), client site
No. of Positions: 1
Work Mode: Work from Office
Payroll: NTT
Client: LIC
Budget: 13 LPA (including 5% variable)
Notice Period: Immediate to 45 days only
Relocation: Allowed, but no relocation allowance/accommodation will be provided
Requirement Brief: Total experience of 5+ years, of which a minimum of 5 years of experience in Threat Engineering. Only candidates who are experts on the Threat Engineering platform will be considered. CTIA/CEH/CSA certification is a must.
Key Responsibilities:
- Collaborate with LIC to address challenging issues in cyber, analytics, machine learning, optimization, and computer networking to research solutions.
- Propose new research projects to tackle complex cyber, analytics, machine learning, optimization, and networking problems.
- Possess expertise in comprehending advanced persistent threats, emerging threats, and malware within a corporate environment.
- Understand attacks, attack vectors, and kill chain methodology.
- Demonstrate proficiency in working with big data and executing complex queries across multiple platforms.
- Exhibit a strong grasp of malware analysis, threat taxonomy, and threat indicators.
- Competently engage with various security technologies.
Please let me know if you need any further details.
Posted Date not available
6.0 - 10.0 years
10 - 20 Lacs
Chennai
Work from Office
6+ years of hands-on experience in SecOps, Security Engineering, or Security Automation. Expertise in Python programming for security automation and scripting, and in SIEM, SOAR, and EDR tools to improve detection and response.
Contact: Priyanka, 9816787033
Posted Date not available
15.0 - 20.0 years
13 - 17 Lacs
Hyderabad
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Educational Qualification: 15 years full time education
Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges proactively.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Develop and maintain comprehensive documentation of cloud security architecture and controls.
- Conduct regular assessments of cloud security measures to ensure compliance with industry standards and best practices.
Professional & Technical Skills:
- Must have skills: Proficiency in Endpoint Extended Detection and Response.
- Strong understanding of cloud security principles and frameworks.
- Experience with security incident response and threat detection methodologies.
- Familiarity with regulatory requirements and compliance standards related to cloud security.
- Ability to analyze and mitigate security risks associated with cloud environments.
Additional Information:
- The candidate should have a minimum of 2 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Hyderabad office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted Date not available
15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As the IR L3 analyst in a 24x7 SOC, you will be the escalation point for all complex and high-severity security incidents and lead the technical handling of critical security incidents. You'll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as SentinelOne and Splunk SIEM. This role requires deep expertise in detection, investigation, containment, and remediation, as well as collaboration with multiple teams across security, IT, and compliance.
Roles & Responsibilities:
- End-to-end incident response ownership: ability to handle the incident lifecycle (detect, contain, remediate)
- Subject matter expert for handling escalated high, critical or confirmed true-positive incidents
- Identify opportunities for automation and work with the SIEM Platform Support team to implement them
- EDR deep dive: using Real Time Response (RTR), Threat Graph, custom IOA rules
- Proficiency in writing SPL queries, dashboards, correlation rules, and tuning use cases
- Threat hunting: behavior-based detection using TTPs
- Deep understanding of malware, lateral movement, privilege escalation, and exfiltration patterns
- Threat intel integration: automation of IOC lookups and enrichment flows
- Forensic skills: live host forensics, log correlation, malware behavioral analysis
- Deep experience in advanced threat detection and incident response
- Scripting proficiency: Python, PowerShell, Bash for automation or ETL
- Proficiency in SentinelOne forensic and incident response capabilities
- Playbook development: able to define, update, and optimize IR playbooks and workflows
- Red team/purple team exposure
- Forensic analysis (memory, file systems, logs)
- Cloud incident handling (AWS, Azure)
- Dashboarding: advanced visualizations and business-focused metrics in Splunk
- Certifications: Splunk Certified Admin/ES Admin, SC-200, or SOAR; SentinelOne EDR vendor training
Professional & Technical Skills:
- Lead high-severity incident response, coordinating with stakeholders and IT teams
- Perform endpoint forensic triage using SentinelOne
- Conduct detailed log analysis and anomaly detection in Splunk
- Perform log correlation in Splunk to trace attack patterns, scope, and impact
- Conduct deep-dive analysis into suspicious behaviors using SPL and custom dashboards
- Use endpoint data, network logs, and threat intel to drive full-lifecycle incident handling
- Isolate affected systems, coordinate containment with IT, and oversee recovery steps
- Recommend and define automated workflows for triage, enrichment, and response
- Perform root cause analysis and support RCA documentation
- Create or optimize Splunk detection logic to improve fidelity and coverage
- Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing
- Generate post-incident reports and present findings to leadership
- Lead investigations and coordinate response for major incidents
- Perform root cause analysis and post-incident reviews
- Participate in continuous improvement initiatives
- Conduct playbook testing, version control, and change documentation
- Contribute to executive-level reports, RCA documents, and compliance metrics
- SentinelOne: custom detections, forensic triage, threat graphs
- Splunk SIEM (core + ES module): rule optimization, anomaly detection, ATT&CK mapping
- Threat intelligence: TTP mapping, behavioral correlation
- Scripting: Python, regex, shell scripting for ETL workflows
- Incident response and forensics SME
Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education
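The IR L3 posting above asks for behavior-based detection using TTPs, log correlation to trace attack scope, and automated IOC enrichment. As an added example that is not part of the posting, Splunk or SentinelOne, the following Python sketch runs a handful of hypothetical rules (R1-R4) over constructed JSON event lines, tags each hit with a MITRE ATT&CK ID (the mapping is this example's own), enriches outbound connections against a constructed watchlist, and then correlates a later network logon with prior alerts on the source host to flag a candidate lateral-movement hop. The rule format, field names, watchlist and sample events are all assumptions made for the example.

```python
"""Behaviour-based detection over constructed endpoint telemetry: rule evaluation,
ATT&CK tagging, IOC watchlist enrichment and a simple lateral-movement correlation.
Added illustration only; rule format, field names and events are assumptions."""
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events as JSON lines (not real telemetry). User alice opens a
# malicious document on ws01, runs encoded PowerShell, beacons out, enumerates
# privileges, a service is created, then alice logs on to srv02 from ws01.
SAMPLE_EVENTS = r"""
{"ts":"2024-05-01T10:00:00Z","host":"ws01","user":"alice","event":"process","image":"C:\\Windows\\System32\\cmd.exe","parent":"C:\\Program Files\\Microsoft Office\\WINWORD.EXE","cmdline":"cmd /c powershell -enc SQBFAFgA"}
{"ts":"2024-05-01T10:00:30Z","host":"ws01","user":"alice","event":"process","image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","parent":"C:\\Windows\\System32\\cmd.exe","cmdline":"powershell -enc SQBFAFgA"}
{"ts":"2024-05-01T10:01:00Z","host":"ws01","user":"alice","event":"netconn","dest_ip":"203.0.113.9","dest_port":443}
{"ts":"2024-05-01T10:02:00Z","host":"ws01","user":"alice","event":"process","image":"C:\\Windows\\System32\\whoami.exe","parent":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","cmdline":"whoami /priv"}
{"ts":"2024-05-01T10:03:00Z","host":"ws01","user":"SYSTEM","event":"process","image":"C:\\Windows\\System32\\cmd.exe","parent":"C:\\Windows\\System32\\services.exe","cmdline":"cmd /c sc create updsvc binPath= C:\\Users\\Public\\u.exe start= auto"}
{"ts":"2024-05-01T10:05:00Z","host":"srv02","user":"alice","event":"logon","logon_type":3,"src_ip":"10.0.0.5","src_host":"ws01"}
{"ts":"2024-05-01T12:00:00Z","host":"ws07","user":"bob","event":"process","image":"C:\\Windows\\System32\\cmd.exe","parent":"C:\\Windows\\explorer.exe","cmdline":"cmd /c dir"}
"""

ENCODED_PS = re.compile(r"\s-(e|ec|enc|encodedcommand)\b")  # PowerShell encoded-command switches
OFFICE_APPS = ("winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe")
SHELLS = ("cmd.exe", "powershell.exe", "wscript.exe", "mshta.exe")

# Hypothetical rules R1-R4; the ATT&CK IDs are this example's own mapping.
RULES = [
    {"id": "R1", "name": "Office application spawning a shell", "attack": "T1204.002",
     "event": "process",
     "match": lambda e: e["parent"].lower().endswith(OFFICE_APPS)
                        and e["image"].lower().endswith(SHELLS)},
    {"id": "R2", "name": "Encoded PowerShell command line", "attack": "T1059.001",
     "event": "process",
     "match": lambda e: e["image"].lower().endswith("powershell.exe")
                        and ENCODED_PS.search(e["cmdline"].lower()) is not None},
    {"id": "R3", "name": "Privilege enumeration via whoami", "attack": "T1033",
     "event": "process",
     "match": lambda e: e["image"].lower().endswith("whoami.exe")
                        and "/priv" in e["cmdline"].lower()},
    {"id": "R4", "name": "Service creation via sc.exe", "attack": "T1543.003",
     "event": "process",
     "match": lambda e: "sc create" in e["cmdline"].lower()},
]

# Constructed threat-intel watchlist (203.0.113.0/24 is a documentation range).
IOC_WATCHLIST = {"203.0.113.9": "constructed C2 indicator"}


def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def parse_events(text):
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def evaluate_rules(events):
    """Run every rule over every event of the matching type; return tagged alerts."""
    alerts = []
    for e in events:
        for r in RULES:
            if e["event"] == r["event"] and r["match"](e):
                alerts.append({"rule": r["id"], "name": r["name"], "attack": r["attack"],
                               "ts": e["ts"], "host": e["host"], "user": e["user"]})
    return alerts


def enrich_iocs(events):
    """Outbound connections whose destination is on the watchlist (enrichment step)."""
    return [{"rule": "IOC", "name": "Destination on watchlist: " + IOC_WATCHLIST[e["dest_ip"]],
             "attack": "TA0011", "ts": e["ts"], "host": e["host"], "user": e["user"]}
            for e in events if e["event"] == "netconn" and e["dest_ip"] in IOC_WATCHLIST]


def correlate_lateral_movement(events, alerts, window=timedelta(minutes=30)):
    """Flag a network logon (type 3) on host B when the same user already triggered
    alerts on the source host A inside the window: a candidate lateral-movement hop."""
    alert_times = defaultdict(list)
    for a in alerts:
        alert_times[(a["host"], a["user"])].append(parse_ts(a["ts"]))
    findings = []
    for e in events:
        if e["event"] != "logon" or e.get("logon_type") != 3:
            continue
        t = parse_ts(e["ts"])
        prior = [x for x in alert_times.get((e["src_host"], e["user"]), [])
                 if timedelta(0) <= t - x <= window]
        if prior:
            findings.append({"rule": "CORR1", "name": "Network logon after alerts on source host",
                             "attack": "T1021", "ts": e["ts"], "host": e["host"],
                             "user": e["user"], "src_host": e["src_host"],
                             "prior_alerts": len(prior)})
    return findings


def run_pipeline(text):
    events = parse_events(text)
    alerts = evaluate_rules(events) + enrich_iocs(events)
    return alerts, correlate_lateral_movement(events, alerts)


def attack_coverage(alerts, findings):
    """Distinct ATT&CK IDs observed, for placing the incident on the matrix."""
    return sorted({a["attack"] for a in alerts + findings})


if __name__ == "__main__":
    alerts, findings = run_pipeline(SAMPLE_EVENTS)
    for a in alerts + findings:
        print(f'{a["ts"]} {a["host"]:<6} {a["user"]:<7} {a["rule"]:<5} {a["attack"]:<10} {a["name"]}')
    print("ATT&CK coverage:", ", ".join(attack_coverage(alerts, findings)))
```

The correlation step is where the scoping value lies: the individual rules each fire on a single host, but keying prior alerts by (host, user) and joining them to a later type-3 logon whose source host matches turns five isolated alerts into one chain that names both the patient-zero workstation and the next hop. Benign activity on ws07 produces nothing, and the service-creation event runs as SYSTEM, so it is not counted toward alice's prior alerts.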
Posted Date not available
5.0 - 10.0 years
8 - 12 Lacs
Hyderabad
Work from Office
About Us: Aeries Technology is a Nasdaq-listed global professional services and consulting partner, headquartered in Mumbai, India, with centers in the USA, Mexico, Singapore, and Dubai. We provide mid-size technology companies with the right mix of deep vertical specialty, functional expertise, and the right systems and solutions to scale, optimize and transform their business operations with unique customized engagement models. Aeries is Great Place to Work certified by GPTW India, reflecting our commitment to fostering a positive and inclusive workplace culture for our employees. Read about us at https://aeriestechnology.com
About Business Unit: A platform that offers an end-to-end software and service platform for the ticketing industry. Business offerings include Yield Management, Data/Analytics, Event Management, and Travel and Destination Management.
Roles and Responsibility: As a Cybersecurity Analyst for Victory Live, you will play a critical role in safeguarding the organization's cloud and on-premises infrastructure. You will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and vulnerabilities using advanced security tools and platforms such as Proofpoint, CrowdStrike, AWS, Azure Cloud, Uptycs, Obsidian, and other security technologies. This role requires expertise in vulnerability management, threat detection, security incident response, and cloud security. You will work closely with IT teams, threat hunters, and other stakeholders to ensure the organization's security posture remains resilient against evolving cyber threats.
The Plan:
1. Threat Detection & Response
- Monitor security tools (e.g., CrowdStrike, Uptycs) for potential threats, malware, and other malicious activities.
- Investigate security incidents and respond to detected threats using endpoint detection and response (EDR) tools such as CrowdStrike.
- Collaborate with incident response teams to mitigate threats and vulnerabilities promptly.
- Participation in on-call rotation
Posted Date not available
3.0 - 8.0 years
13 - 17 Lacs
Bengaluru
Work from Office
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Program Control Services
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security needs, implementing protective measures, and ensuring compliance with security protocols. You will engage in proactive monitoring and response to potential threats, while also participating in discussions to enhance security strategies and practices across the organization.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to safeguard information and assets.
Professional & Technical Skills:
- Must have skills: Proficiency in Program Control Services.
- Strong understanding of risk management and mitigation strategies.
- Experience with security frameworks and compliance standards.
- Ability to analyze security incidents and develop response strategies.
- Familiarity with security tools and technologies for threat detection and prevention.
Additional Information:
- The candidate should have a minimum of 3 years of experience in Program Control Services.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education
Posted Date not available
8.0 - 13.0 years
13 - 17 Lacs
Pune
Work from Office
About The Role
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : We are seeking a seasoned cybersecurity expert with deep hands-on expertise in Microsoft Sentinel to build, optimize, and automate enterprise-wide detection and response strategies. The role involves advanced threat hunting, analytics rule tuning, SOAR development using Logic Apps, and integration of rich threat intelligence. You will drive the architecture for scalable detection pipelines, lead SIEM content management, mentor SOC teams, and actively defend against advanced threats using the MITRE ATT&CK framework.
Roles & Responsibilities:
- Architect and maintain scalable Microsoft Sentinel environments, including workspaces, data ingestion pipelines (e.g., Syslog, Azure AD, MDE, custom logs), and data connectors.
- Design and implement Sentinel Analytics Rules, fine-tune them for detection fidelity, and maintain effective rule lifecycle management.
- Build Sentinel Workbooks for advanced visualization, dashboarding, and incident reporting.
- Lead normalization and parsing of custom log sources, and support log source onboarding across hybrid and cloud-native environments.
- Oversee SIEM content management, ensuring high-quality detections, queries, watchlists, and response mechanisms are consistently updated.
- Write and optimize complex KQL (Kusto Query Language) queries for threat hunting, anomaly detection, and analytics rule logic.
- Develop and manage SOAR workflows using Microsoft Sentinel Playbooks (Logic Apps) for automated incident response and enrichment.
- Conduct deep forensic and threat investigations using Microsoft Defender for Endpoint (MDE), including Advanced Hunting and Live Response.
- Integrate third-party tools and threat intel feeds using custom connectors, REST APIs, and Azure-native services.
- Analyze attacker TTPs and align detection strategy with MITRE ATT&CK.
- Mentor and upskill SOC analysts and security engineers in best practices for Sentinel, MDE, KQL, and automation techniques.
- Collaborate closely with detection engineers, cloud security architects, and incident responders.
- Participate in red and blue team exercises to continually enhance detection maturity and coverage.
Professional & Technical Skills:
- Experience in Security Operations, Incident Response, Threat Detection, or SIEM Engineering.
- Proven hands-on expertise in Microsoft Sentinel, including: Analytics Rule creation and fine-tuning; Workbook creation; normalization and parsing; log source onboarding; data connector management; SIEM content development and maintenance.
- Advanced proficiency in KQL (Kusto Query Language) for detection engineering and hunting.
- Strong experience in Logic Apps-based automation (Sentinel Playbooks) and SOAR frameworks.
- Deep understanding of MITRE ATT&CK and threat modeling.
- Familiarity with PowerShell, JSON, REST APIs, Azure Resource Manager (ARM), Azure Monitor, and Event Hub integrations.
- Experience with integrating custom and third-party telemetry sources into Sentinel.
- SC-200: Microsoft Security Operations Analyst
- SC-100: Microsoft Cybersecurity Architect
- AZ-500: Microsoft Azure Security Technologies
- GCFA / GCIA (SANS) for forensic/network detection expertise
- MITRE ATT&CK Defender (MAD) certifications
- CISSP, CEH, or equivalent industry-recognized credentials
Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Pune office.
- 15 years of full-time education is required.
Qualification : 15 years full time education
Posted Date not available