
233 Threat Hunting Jobs - Page 5

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 7.0 years

15 - 27 Lacs

Mumbai, Delhi / NCR

Work from Office

Job Description: Threat Intelligence

Roles & Responsibilities:
- Use various intelligence collection and reporting tools and frameworks to create customized threat intelligence reports
- Publish, present, and explain the reports to relevant stakeholders
- Collect, process, catalog, and document information on cyber-security topics using an all-source approach and various technical and human means, as required by defined intelligence requirements
- Develop various tactical and strategic intelligence products, including advisories and threat landscape reports
- Maintain a deep understanding of threat actor groups, campaigns, and tactics, techniques, and procedures
- Act as an escalation point for CTI analysis and investigation-related events
- Work with members of various teams, such as incident response and security monitoring, to carry out joint investigations or other threat management functions
- Identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through intelligence collection processes
- Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams

Required Skillset:
- Hands-on experience with various OSINT tools
- Able to perform dark and deep web scans
- Experience in deployment/management of various Threat Intelligence tools, including MISP, Recorded Future, etc.
- Basic understanding of vulnerability scanning solutions
- Intermediate-level knowledge of cyber security threats and various attack vectors

Posted 3 weeks ago

4.0 - 6.0 years

8 - 12 Lacs

Pune

Work from Office

Cyber 3rd Party Risk Analyst

The Cyber & Information Security team is seeking a Third-Party Security Analyst. Reporting to the Director of Cyber & Information Security, the analyst will perform third-party security assessments. You will work with a team of professional Security Analysts leveraging next-gen security tools to perform the full lifecycle of third-party reviews, from onboarding to real-time monitoring of vendors and suppliers. Total experience: 4 to 6 years.

Responsibilities, Functions and Duties:
- Conduct technical security assessments of third-party vendors, suppliers and partners by reviewing their security controls, adherence to regulations, compliance and contracts.
- Analyze third-party security assessment findings and document security risks within the management software for tracking of risk reporting.
- Coordinate with various stakeholders to verify and remediate security risk findings.
- Develop KRIs and KPIs around third-party risk assessments and the remediation of key findings.
- Develop, update, and publish policies and standard operating procedures for third-party risk management.
- Continuously monitor for active vulnerabilities and cyber events against our vendors and suppliers.
- Participate in third-party cyber incident response by reaching out to impacted vendors and tracking remediation.
- Be an ambassador for Cyber & Information Security within Crum & Forster.

Knowledge and Requirements:
- Previous experience performing technical security audits or third-party assessments.
- Understanding of current cyber vulnerabilities and threats.
- Knowledge of security assessments (SOC reports, ISO/NIST, vulnerability and pen testing assessments).
- Fundamental understanding of system and network security principles and technology.
- Ability to interface with a wide audience of technical and non-technical personnel.
- Ability to prioritize and manage workloads and deadlines.
- Excellent written and verbal communication skills.
- Self-starter who is motivated and driven to learn.
- Bachelor's degree in a technical discipline or equivalent experience.

Preferred Qualifications:
- Prior experience and/or certifications in AWS, Azure, and/or GCP.
- Experience in performing third-party assessments of SaaS providers and vendors operating in cloud environments.
- Experience performing risk assessments.
- Any security-focused certifications.
- 3-5 years of cybersecurity-related experience.

Posted 3 weeks ago

5.0 - 10.0 years

6 - 16 Lacs

Hyderabad

Remote

Role & responsibilities:
- Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery.
- Threat Investigation: Analyze and investigate a variety of attack vectors, such as:
  - Identity attacks: credential abuse, privilege escalation, and MFA bypass.
  - Web attacks: SQL injection, cross-site scripting (XSS), remote code execution.
  - Network attacks: DDoS, lateral movement, traffic manipulation.
  - Cloud threats: IAM misconfigurations, exposed services, container security vulnerabilities.
- Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents.
- Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations.

Preferred candidate profile:
- A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations.
- Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud.
- Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike).
- Experience in hybrid or cloud-first environments (AWS, Azure, or GCP).
- Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling.

Posted 3 weeks ago

7.0 - 12.0 years

18 - 27 Lacs

Bengaluru

Hybrid

Level 3 SOC Responder

Role Overview: A Level 3 SOC Analyst is responsible for advanced threat detection, incident response, and continuous monitoring of security events. They lead investigations, coordinate responses, and mentor junior analysts, ensuring the security and integrity of information systems.

Key Responsibilities:
- Lead the investigation and response to complex security incidents, including advanced persistent threats (APTs), malware outbreaks, and insider threats
- Act as liaison between the SOC and the customer incident response team to handle complex incidents
- Document security incidents, investigative findings, and remediation activities in accordance with established incident response procedures and protocols
- Suggest SIEM rule fine-tuning to reduce false positive alerts
- Develop standard operating procedures (SOPs)
- Perform quality review of the alerts handled by L1 and L2
- Track KPIs and create dashboards for executive briefings
- Provide guidance and mentorship to junior SOC analysts, imparting knowledge and best practices in incident detection, analysis, and response
- Conduct training sessions and workshops to enhance the skills and capabilities of SOC team members

Skills and Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: 7+ years of experience in SOC operations, incident response, and threat hunting. Experience in CrowdStrike SIEM and EDR preferred.
- Certifications (Preferred): Relevant certifications such as CISSP, CEH, GCIH, or similar.
- Problem-Solving Skills: Excellent problem-solving skills and attention to detail.
- Communication Skills: Strong communication skills, both written and verbal.
- Work Environment: Typically works in a security operations center. May require shift work to provide 24/7 monitoring.

Looking for an immediate joiner.

Posted 3 weeks ago

3.0 - 8.0 years

3 - 7 Lacs

Noida

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: Microsoft Azure Sentinel
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also monitor security systems and respond to incidents, all while staying updated on the latest cyber threats and security technologies to effectively safeguard the organization's information and infrastructure.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to enhance the organization's security posture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Microsoft Azure Sentinel.
- Strong understanding of security protocols and best practices.
- Experience in incident response and threat hunting.
- Familiarity with network security technologies and tools.

Additional Information:
- The candidate should have a minimum of 3 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Noida office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Senior Security Engineer, your typical day will involve security platform related activities on Microsoft Sentinel, providing end-to-end investigation on health monitoring and platform monitoring. You will also engage in proactive monitoring of security systems to analyze and respond to incidents effectively, normalize log sources, and carry out use case fine-tuning activities.

Roles & Responsibilities:
- Develop and deploy use cases; onboard new log sources to the SIEM.
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify gaps in the configuration and detections of false positives.
- Develop and implement security policies and procedures to safeguard information, inclusive of optimization of analytic rules.

Professional & Technical Skills:
- Microsoft Sentinel: Hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps.
- Expertise in DevOps and Terraform to manage pipeline and infrastructure deployment.
- Platform and health monitoring incident investigation and deployment.
- Required knowledge of Entra ID management.
- Managing Cribl and Logstash pipelines for log source onboarding.
- Strong understanding of incident response and threat management.
- Experience with security monitoring tools and technologies.
- Able to manage requests, incidents, and changes on ServiceNow as per the service management process.
- Familiarity with scripting (PowerShell, KQL), infrastructure-as-code, and automation tools is a plus.
- Required active participation/contribution in team discussions.
- To be a part of audits and service improvement activities within the team.
- Threat hunting, MDE and use case engineering experience.
- Knowledge of security frameworks like MITRE.
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel.
- Implement and operationalize MDC for cloud security posture management and workload protection.
- Support deployment and ongoing management of MDE for endpoint threat detection and response.
- Integrate MDI into customer environments to monitor identity-related threats and provide remediation recommendations.
- Ability to analyze security incidents from an L2/L3 perspective as well as develop effective response strategies.
- Knowledge of network security protocols and best practices.

Additional Information:
- The candidate should have a minimum of 6 years of experience in the Microsoft Azure Security suite.
- This position will be operated from the Bengaluru location.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Pune

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Evaluate and recommend new security technologies and tools to improve the overall security posture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and best practices.
- Experience with threat detection and incident response methodologies.
- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.
- Ability to analyze security incidents and develop effective remediation strategies.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Threat Hunting.
- This position is based in Pune.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and frameworks.
- Experience with security incident response and threat intelligence.
- Familiarity with security compliance standards and regulations.
- Ability to analyze security risks and develop mitigation strategies.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 3 weeks ago

3.0 - 6.0 years

4 - 5 Lacs

Bangalore Rural, Bengaluru

Work from Office

Role & responsibilities:

Process
- Must be honest and hard working with a high degree of integrity.
- Must be of good character and display loyalty towards Linfox.
- Must possess good communication skills.
- Must be able to read and write in both English and the local language.
- Must be in good health and possess a basic level of physical fitness.
- Must be capable of performing in a disciplined environment (able to follow and comply with written or verbal lawful instructions).
- Must be capable of working in a team environment.
- Must be able to propagate the Linfox Safety Standards and ensure they are always complied with.
- Must have a clear understanding of anti-bribery legislation and be able to deal confidently with enforcement bodies.
- Capable of motivating personnel under your control.
- Capable of giving others confidence that they have the ability to provide good, high-level leadership and direction.
- Must be able to perform duties to a high standard when under pressure or in stressful situations.
- Must possess sound judgment and good decision-making skills.
- Must be capable of establishing and maintaining good relationships with local police, government officials and customers.
- Must be capable of providing verbal briefings to various interested parties.
- Able to record lagging indicators/root causes for accidents and incidents involving third parties, vehicles and fleet operators against set targets, and the corrective actions taken.
- Carries out site security reviews/security audits.
- Carries out a detailed audit process on subcontract transport companies, giving accurate findings to senior management.
- Establishes regular communication with the Site Manager/National Security Operations & Compliance Manager to share best practices.
- Meets regularly with the unit Operations team to track and monitor compliance.
- Maintains regular dialogue with Unit Management to communicate the security agenda and goals.
- Makes sure that all incidents, accidents and near misses are reported and investigated.
- Transforms "Vision Zero" into reality; this includes security inductions for new site staff that cover the above points.

Customer
- Works in partnership with Unit Managers to ensure that all security and safety processes are in place.
- Conducts detailed investigations in line with Linfox Standards.

People
- Works closely with the Site Operations Manager/National Security Operations & Compliance Manager to identify and mitigate risks.
- Influences and ensures that Unit Operation processes comply with LINFOX Group and related local legal requirements, as well as industry best practices.
- Ensures unit line personnel understand these Standards and gains commitment from staff to these Standards.
- Works closely with the Site Manager to develop plans, programmes, and performance measures.
- Meets regularly with key stakeholders to track progress and identify areas for improvement; ensures local practices are in line with LINFOX Group practices and local legislation.
- Regularly meets with the Unit Operations Management/Supervisory team to track safety.

Kannada language is mandatory.

Posted 3 weeks ago

7.0 - 10.0 years

0 - 1 Lacs

Bengaluru

Work from Office

ELIGIBILITY: MCA / B Tech (CS/IT) / BE (CS/IT)

Work Experience: 7-10 years of total work experience, including 4+ years of experience managing a SOC.

Roles & Responsibilities:
- Manage the SOC operations and related activities.
- Lead the SOC team in SOC/SIEM implementation, log aggregation, and detection & prevention rules.
- Direct the functions, processes, and operations of the SOC and ensure standard SOPs are followed.
- Lead the continuous monitoring operations of the SOC to ensure optimal identification/resolution of security incidents and enhance security.
- Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence/forensics.
- Actively participate in security incident management and document security/incident response playbooks.
- Review the SOC roster and SOC team performance.
- Ensure compliance with SLAs and adherence to related processes, with review of improvement opportunities to meet operational objectives.
- Lead the SOC threat hunting team and create new detection rules.
- Create and publish reports, dashboards and metrics for SOC operations and present them to customers and management.
- Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques.
- Optimize rules and alerts according to the severity of the threat perceived from specific events.
- Build use cases and correlation alerts in the SIEM for continuous security monitoring.
- Periodic rules/configuration review as per standard procedure/CIS.

SKILLS:
- Hands-on experience with security tools that include SIEM, SOAR and EDR/XDR; experience in Microsoft Sentinel and IBM QRadar preferred.
- Familiar with the MITRE ATT&CK framework.
- Familiar with multiple operating system platforms such as Windows, Linux and Unix.
- Familiar with popular commercial/open source tools and techniques used by hackers.
- In-depth knowledge of security testing methodology and other internationally recognised industry standards and guidelines, including CIS controls.
- Experience creating detection rules using KQL and regex.
- Aware of general cyber security practices needed by computer and internet users.
- Strong written and verbal communication skills expected; ability to communicate security and risk-related scenarios to both technical and non-technical stakeholders.
- Strong knowledge of Word, Excel and PowerPoint for professional documentation.
- Ability to work at nights and/or weekends as per urgency/requirement.

Posted 3 weeks ago

10.0 - 20.0 years

10 - 20 Lacs

Hyderabad

Work from Office

About Qylis

Qylis is a leading provider of innovative cybersecurity solutions. We are committed to empowering organizations to safeguard their digital assets, mitigate cyber threats, and optimize their operations.

Job Description

As the Cybersecurity Department Head, you will play a pivotal role in driving the growth and success of our cybersecurity practice. You will be responsible for overseeing a wide range of services, including Security Operations Center (SOC), Managed Detection and Response (MDR), Extended Detection and Response (XDR), Vulnerability Assessment and Penetration Testing (VAPT), Digital Forensics, Pre-sales, Client Management, and Cyber Forensics.

Key Responsibilities:
• Strategic Leadership: Develop and execute a comprehensive cybersecurity strategy aligned with Qylis' overall business objectives. Identify emerging trends and technologies in cybersecurity to drive innovation and competitive advantage. Foster strong relationships with key stakeholders, including clients, partners, and industry experts.
• Practice Development: Build and scale high-performing cybersecurity teams through effective recruitment, training, and development. Ensure the cybersecurity team delivers high-quality services across SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR).
• Sales and Business Development: Lead pre-sales activities, including solution demonstrations, proposals, and RFP responses, for cybersecurity services. Identify and pursue new business opportunities, leveraging your deep understanding of the cybersecurity market. Collaborate with the sales team to drive revenue growth and achieve sales targets.
• Customer Success: Ensure high levels of customer satisfaction through exceptional service delivery and proactive support for cybersecurity services. Manage client relationships, address concerns, and identify upsell and cross-sell opportunities. Conduct regular business reviews with key clients to assess performance and identify areas for improvement.
• Technical Expertise: Possess a deep understanding of cybersecurity principles, technologies, and industry best practices. Stay up to date with the latest threats, vulnerabilities, and mitigation techniques in the cybersecurity domain. Provide technical guidance to the team and contribute to the development of innovative security solutions.

Qualifications and Experience:
• Proven track record in leading and growing successful cybersecurity practices.
• Extensive experience in SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR).
• Strong technical expertise in cybersecurity technologies and frameworks.
• Experience in managing client relationships and delivering pre-sales solutions.
• Excellent communication, presentation, and interpersonal skills.
• Strong leadership and team management skills.
• A passion for cybersecurity and a commitment to delivering exceptional results.
• Advanced certifications (e.g., CISSP, CISM, CISA) are highly valued.

Posted 4 weeks ago

8.0 - 11.0 years

35 - 37 Lacs

Kolkata, Ahmedabad, Bengaluru

Work from Office

Dear Candidate,

Seeking a Security Automation Engineer to automate detection and remediation of threats.

Key Responsibilities:
- Build SOAR workflows and automated playbooks.
- Monitor logs and alerts using SIEM tools.
- Respond to security incidents and conduct root cause analysis.

Required Skills & Qualifications:
- Experience with tools like Splunk, XSOAR, Sentinel.
- Scripting in Python or Bash.
- Familiar with SOC and threat intel operations.

Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.

Kandi Srinivasa Reddy
Delivery Manager
Integra Technologies

Posted 4 weeks ago

10.0 - 15.0 years

15 - 20 Lacs

Noida, Gurugram, Greater Noida

Work from Office

- Advanced knowledge in handling security incidents and leading investigations.
- Proficiency in managing and optimizing SOC operations.
- Experience in implementing security protocols and policies.
- Expertise in malware reverse engineering.

Required Candidate Profile:
- Certified Information Systems Security Professional (CISSP).
- Certified Information Security Manager (CISM).
- GIAC Certified Enterprise Defender (GCED).
- Certified Information Security Auditor (CISA).

Posted 1 month ago

5.0 - 7.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

Role Proficiency: Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution, and/or provide mentorship (hierarchical or lateral) to junior associates.

Outcomes:
1) Update SOPs with updated troubleshooting instructions and process changes
2) Mentor new team members in understanding customer infrastructure and processes
3) Perform analysis for driving incident reduction
4) Escalate high priority incidents to customer and organization stakeholders for quicker resolution
5) Contribute to planning and successful migration of platforms
6) Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution
7) Provide inputs for root cause analysis after major incidents to define preventive and corrective actions

Measures of Outcomes:
1) SLA adherence
2) Time-bound resolution of elevated tickets - OLA
3) Manage ticket backlog timelines - OLA
4) Adhere to defined process - number of NCs in internal/external audits
5) Number of KB articles created
6) Number of incidents and change tickets handled
7) Number of elevated tickets resolved
8) Number of successful change tickets
9) % completion of all mandatory training requirements

Outputs Expected:
- Resolution: Understand priority and severity based on ITIL practice; resolve trouble tickets within agreed resolution SLA. Execute change control tickets as documented in the implementation plan.
- Troubleshooting: Troubleshoot based on available information from previous tickets or by consulting with seniors. Participate in online knowledge forums for reference. Convert the new steps into KB articles. Perform logical/analytical troubleshooting.
- Escalation/Elevation: Escalate within organization/customer peers in case of resolution delay. Understand the OLA between delivery layers (L1, L2, L3, etc.) and adhere to it. Elevate to the next level; work on elevated tickets from L1.
- Tickets Backlog/Resolution: Follow up on tickets based on agreed timelines; manage ticket backlogs/last activity as per the defined process. Resolve incidents and SRs within agreed timelines. Execute change tickets for infrastructure.
- Installation: Install and configure tools, software and patches.
- Runbook/KB: Update the KB with new findings. Document and record troubleshooting steps as knowledge base articles.
- Collaboration: Collaborate with different towers of delivery for ticket resolution (within SLA, resolve L1 tickets with help from the respective tower). Collaborate with other team members for timely resolution of tickets. Actively participate in team/organization-wide initiatives. Coordinate with UST ISMS teams for resolving connectivity-related issues.
- Stakeholder Management: Lead the customer calls and vendor calls. Organize meetings with different stakeholders. Take ownership of the function's internal communications and related change management.
- Strategic: Define the strategy on data management, policy management and data retention management. Support definition of the IT strategy for the function's relevant scope and be accountable for ensuring the strategy is tracked, benchmarked and updated for the area owned.
- Process Adherence: Thorough understanding of organization- and customer-defined processes. Suggest process improvements and CSI ideas. Adhere to the organization's policies and business conduct.
- Process/Efficiency Improvement: Proactively identify opportunities to increase service levels and mitigate any issues in service delivery within the function or across functions. Take accountability for overall productivity efforts within the function, including coordination of function-specific tasks and close collaboration with Finance.
- Process Implementation: Coordinate and monitor IT process implementation within the function.
- Compliance: Support information governance activities and audit preparations within the function. Act as the function SPOC for IT audits in local sites (incl. preparation, interface to the local organization, mitigation of findings, etc.) and work closely with ISRM (Information Security Risk Management). Coordinate overall objective setting and preparation, and facilitate the process in order to achieve consistent objective setting in the function. Coordination support for CSI across all services in CIS and beyond.
- Training: On-time completion of all mandatory training requirements of the organization and customer. Provide on-floor training and one-to-one mentorship for new joiners. Complete certification of the respective career paths.
- Performance Management: Update FAST goals in NorthStar; track, report and seek continuous feedback from peers and manager. Set goals for team members and mentees and provide feedback. Assist new team members in understanding the customer environment.

Skill Examples:
1) Good communication skills (written, verbal and email etiquette) to interact with different teams and customers.
2) Modify/create runbooks based on suggested changes from juniors or newly identified steps
3) Ability to work on an elevated server ticket and solve it
4) Networking:
   a. Troubleshooting skills in static and dynamic routing protocols
   b. Should be capable of running NetFlow analyzers in different product lines
5) Server:
   a. Skills in installing and configuring Active Directory, DNS, DHCP, DFS, IIS and patch management
   b. Excellent troubleshooting skills in various technologies like AD replication, DNS issues, etc.
   c. Skills in managing high availability solutions like failover clustering, VMware clustering, etc.
6) Storage and Backup:
   a. Ability to give recommendations to customers. Perform storage & backup enhancements. Perform change management.
   b. Skilled in core fabric technology, storage design and implementation. Hands-on experience with backup and storage command line interfaces.
   c. Perform hardware upgrades, firmware upgrades, vulnerability remediation, storage and backup commissioning and decommissioning, and replication setup and management.
   d. Skilled in server, network and virtualization technologies. Integration of virtualization, storage and backup technologies.
   e. Review the technical diagrams and architecture diagrams and modify the SOPs and documentation based on business requirements.
   f. Ability to perform the ITSM functions for the storage & backup team and review the quality of the ITSM process followed by the team.
7) Cloud:
   a. Skilled in any one of the cloud technologies - AWS, Azure, GCP.
8) Tools:
   a. Skilled in administration and configuration of monitoring tools like CA UIM, SCOM, SolarWinds, Nagios, ServiceNow, etc.
   b. Skilled in SQL scripting
   c. Skilled in building custom reports on availability and performance of IT infrastructure based on the customer requirements
9) Monitoring:
   a. Skills in monitoring of infrastructure and application components
10) Database:
   a. Data modeling and database design; database schema creation and management
   b. Identify data integrity violations so that only accurate and appropriate data is entered and maintained.
   c. Backup and recovery
   d. Web-specific tech expertise for e-Biz, Cloud, etc. Examples of this type of technology include XML, CGI, Java, Ruby, firewalls, SSL and so on.
   e. Migrating database instances to new hardware and new versions of software, from on-premise to cloud-based databases and vice versa.
11) Quality Analysis:
   a. Ability to drive service excellence and continuous improvement within the framework defined by IT Operations

Knowledge Examples:
1) Good understanding of customer infrastructure and related CIs.
2) ITIL Foundation certification
3) Thorough hardware knowledge
4) Basic understanding of capacity planning
5) Basic understanding of storage and backup
6) Networking:
   a. Hands-on experience in routers, switches and firewalls
   b. Should have minimum knowledge and hands-on experience with BGP
   c. Good understanding of load balancers and WAN optimizers
   d. Advanced backup and restore knowledge in backup tools
7) Server:
   a. Basic to intermediate PowerShell/Bash/Python scripting knowledge and demonstrated experience in script-based tasks
   b. Knowledge of AD group policy management, group policy tools and troubleshooting GPOs
   c. Basic AD object creation, DNS concepts, DHCP, DFS
   d. Knowledge of tools like SCCM and SCOM administration
8) Storage and Backup:
   a. Subject matter expert in any of the storage & backup technologies
9) Tools:
   a. Proficient in the understanding and troubleshooting of the Windows and Linux families of operating systems
10) Monitoring:
   a. Strong knowledge of ITIL processes and functions
11) Database:
   a. Knowledge of general database management
   b. Knowledge of OS, system and networking skills

Additional Comments:

Job Title: Threat Hunter | VAPT Analyst

Role Overview: We are seeking a versatile cybersecurity professional who will serve as a Threat Hunter and VAPT Analyst, responsible for proactively identifying cyber threats, assessing security vulnerabilities, and mitigating email-based attacks. This role requires expertise in threat hunting and penetration testing, combining advanced technical skills with strong analytical capabilities. The ideal candidate will play a pivotal role in strengthening the organization's cybersecurity posture.

Responsibilities:

Threat Hunting
- Proactively hunt for undetected threats within the organization's networks, systems, and endpoints using threat intelligence and behavioral analysis.
- Identify patterns, TTPs (Tactics, Techniques, and Procedures), and anomalies that indicate potential threats or APT activity.
- Leverage threat intelligence feeds and the MITRE ATT&CK framework to create detection use cases and hypotheses.
- Work closely with SOC teams to improve detection rules and accuracy.
- Perform forensic investigations and root cause analysis of incidents and suspicious activities.
- Develop custom scripts and queries to automate hunting activities (e.g., with EDR, SIEM, XDR tools). - Generate threat hunting reports, indicators of compromise (IOCs), and actionable recommendations. Vulnerability Assessment and Penetration Testing (VAPT) - Conduct vulnerability assessments and penetration tests on systems, applications, and networks. - Identify and analyze critical vulnerabilities, and deliver detailed, actionable reports. - Use automated tools (e.g., Nessus, Burp Suite, Nmap, Metasploit) and manual testing techniques. - Ensure VAPT processes align with compliance and internal policies. - Perform regular and ad-hoc assessments, including web apps, databases, wireless, and APIs. - Provide recommendations for remediation and validate fixes through re-testing. - Maintain up-to-date knowledge of evolving vulnerabilities and attack methods. Qualifications: - Bachelor's degree in Computer Science, Information Security, or related discipline. - 5+ years of experience in a cybersecurity role encompassing threat hunting, and VAPT. - Expertise in VAPT tools and methodologies (e.g., Nessus, Burp Suite, Metasploit, OWASP Top 10). - Strong experience with SIEMs, EDR platforms, threat intel, and threat hunting frameworks (MITRE ATT&CK). - Proficiency in scripting (Python, PowerShell, Bash) for automation and analysis. - Excellent problem-solving, investigative, and reporting skills. - Strong communication and interpersonal skills. - Certifications such as OSCP, CEH, GIAC (GCIH/GPEN/GWAPT), CISSP, or CESM are highly preferred. Required Skills Soc,TTP,Troubleshooting

Posted 1 month ago

Apply

4.0 - 9.0 years

8 - 11 Lacs

Hyderabad

Work from Office

Key Responsibilities:
- Design, implement, and manage Palo Alto Networks solutions, including: Next-Gen Firewall (NGFW); EDR/XDR (Cortex XDR); SIEM/SOAR (Cortex XSIAM)
- Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM
- Work with clients to understand business requirements and deliver tailored cybersecurity solutions
- Perform threat hunting, alert tuning, policy configuration, and use case development
- Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector
- Support security assessments, integrations, and continuous improvement initiatives
Required Skills & Qualifications:
- Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM)
- Proven knowledge of cybersecurity operations, SOC processes, and incident response
- Experience with SIEM migration and integrations
- Understanding of threat intelligence, detection engineering, and automation
- Good knowledge of scripting (Python, PowerShell) and log analysis
- Excellent communication and client-facing skills
Preferred Certifications:
- Palo Alto Networks Certifications, such as: PCNSE (Network Security Engineer); Cortex XDR/XSIAM certifications (if available)
- Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Posted 1 month ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- The candidate should have minimum 2 years of experience
- This position is based at our Chennai office
- A 15 year full time education is required
Qualification: 15 years full time education

Posted 1 month ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
- The candidate should have minimum 2 years of experience
- This position is based at our Chennai office
Qualification: 15 years full time education

Posted 1 month ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization.
Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute in providing solutions to work related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to safeguard information and assets.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.
- Strong understanding of security frameworks and compliance standards.
- Experience with incident response and threat hunting methodologies.
- Familiarity with security information and event management tools.
- Knowledge of network security protocols and best practices.
Additional Information:
- The candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Threat Analysis.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 month ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role is crucial in safeguarding information and maintaining the integrity of business processes in a constantly evolving threat landscape.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
- The candidate should have minimum 2 years of experience
- This position is based at our Chennai office
Qualification: 15 years full time education

Posted 1 month ago

Apply

4.0 - 7.0 years

10 - 15 Lacs

Pune

Work from Office

Role & responsibilities
Must Have: 3+ years hands-on experience with cybersecurity Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), antivirus (AV), Identity and Access Management (IDAM), Security Information and Event Monitoring (SIEM), and Security Orchestration and Automation (SOAR) platforms.
Key Ask for the discussed role: Candidate should be able to provide support for security related incidents. Troubleshooting experience is essential. Should be able to identify and apply mitigation controls (where possible) to remediate alerts.
Good to have Skills: Cybersecurity certifications including CompTIA Network+, Security+, Cloud+, Ethical Hacker, EnCE, GCFE, GCFA, GNFA, GDAT, GCIH, GREM, CISA, CISM, CISSP, and/or similar cybersecurity certifications.

Posted 1 month ago

Apply

8.0 - 13.0 years

5 - 5 Lacs

Kochi, Chennai, Thiruvananthapuram

Work from Office

Must-Have Skills:
- Experience with SIEM vendors such as QRadar, Sentinel, Splunk
- Incident response and threat hunting expertise
- Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs)
- Experience in writing procedures, runbooks, and playbooks
- Strong analytical and problem-solving skills
- Hands-on experience with system logs, network traffic analysis, and security tools
- Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs)
Good-to-Have Skills:
- Experience setting up SIEM solutions and troubleshooting connectivity issues
- Familiarity with security frameworks and best practices
- Ability to collaborate with IT and security teams effectively
Responsibilities:
- Act as an escalation point for high and critical severity security incidents
- Conduct in-depth investigations to assess impact and understand the extent of compromise
- Analyze attack patterns and provide recommendations for security improvements
- Perform proactive threat hunting and log analysis to detect potential threats
- Provide guidance on mitigating risks and improving security hygiene
- Identify gaps in security processes and propose enhancements
- Ensure end-to-end management of security incidents
- Document and update incident response processes and define future outcomes
- Participate in war room discussions, team meetings, and executive briefings
- Train team members on security tools and incident resolution procedures
Required Skills: L3 SOC Analyst; SIEM tools (QRadar OR Sentinel OR Splunk OR Google Chronicle) - any 2 of the SIEM tools required; EDR tools (CrowdStrike OR Defender OR SentinelOne) - any 2 of the EDR tools required

Posted 1 month ago

Apply

1.0 - 5.0 years

2 - 6 Lacs

Bengaluru

Work from Office

Location: Bangalore
Department: InfoSec
About Zybisys: At ZyBiSys, our success is driven by innovation and technical excellence. We deliver top-tier IT solutions and services, ensuring seamless connectivity and efficient infrastructure management for our clients. Additionally, we specialize in managing cybersecurity, information security, and compliance to safeguard our customers' digital environments. As we continue to grow, we are seeking skilled professionals to join our SOC Team. If you are passionate about information technology and eager to make a difference, we invite you to be part of our journey!
Role Overview: A SOC Analyst is the first line of defence in a Security Operations Center, responsible for monitoring, detecting, and responding to security incidents in real time.
Key Responsibilities:
- Monitoring & Alerting: Use SIEM and EDR tools to continuously monitor system alerts and network traffic. Identify suspicious activities and indicators of compromise (IoCs).
- Incident Handling: Perform initial triage of alerts and determine severity levels. Escalate incidents with clear documentation and context.
- Threat Investigation: Investigate alerts for root causes and determine actionable steps. Analyze phishing attempts, flagged URLs, and suspicious file attachments.
- Documentation & Reporting: Maintain detailed incident logs and generate regular security activity reports. Assist in creating playbooks and refining response workflows.
- Collaboration: Work with IT teams to remediate vulnerabilities and support compliance audits. Participate in war-room discussions during critical incidents.
- Analytical Thinking: Root cause analysis for distinguishing false positives from genuine threats. Ability to correlate data from diverse sources to identify complex attack vectors.
- Threat Intelligence Integration: Leverage threat intelligence feeds to compare alerts with known signatures. Identify emerging threats and communicate insights to senior analysts.
- Technical Expertise: Hands-on experience with SIEM platforms (e.g., Splunk, QRadar) and EDR tools (e.g., CrowdStrike, Carbon Black). Basic scripting knowledge for automating repetitive SOC tasks.
- Adaptability & Learning: Stay updated on the latest cyber threats, tools, and techniques. Contribute to continuous improvement of SOC processes and detection capabilities.
- Interpersonal Skills: Strong communication skills for effective coordination with cross-functional teams. Mentorship of junior team members to foster team growth and resilience.
Qualifications:
- Education: Tech degree or equivalent (B.Tech/MCA/BCA/M.Tech)
Required Key Skills, Key Tools & Hands-on Experience:
- Technical Proficiency: Familiarity with SIEM platforms (Splunk, Azure Sentinel) and EDR tools (Microsoft Defender, SentinelOne). Basic understanding of IDS/IPS, vulnerability scanning tools (Nessus, Qualys), and packet analysis tools (Wireshark).
- Firewalls and Network Security: Solid understanding of TCP/IP, DNS, DHCP, ARP, HTTP/HTTPS, and other protocols. Knowledge of packet capture and analysis tools like Wireshark or tcpdump.
- Operating Systems: Windows: event logs, registry analysis, PowerShell basics. Linux/Unix: command-line utilities, syslogs, and basic shell scripting (Bash, Python, etc.). Active Directory (AD).
- Vulnerability Management: Basic understanding of vulnerability scanning tools like Nessus, Qualys, or OpenVAS. Knowledge of collecting and analyzing evidence (e.g., memory dumps, disk images).
- Certification: Mandatory: Certified Ethical Hacker (CEH). Preferred: CompTIA Security+, Certified SOC Analyst (CSA), or GSEC.
- Communication Skills: Strong communication and documentation skills, with the ability to work collaboratively with other teams.
- Problem-Solving Ability: Strong analytical and troubleshooting skills to address complex security incidents effectively.
- Shift Flexibility: Willingness to work in shifts, including weekends and off-hours if required.
To Apply: Are you an experienced IT professional with a passion for tackling complex challenges and enhancing information security and cybersecurity? If you're driven to make a meaningful impact, we want to hear from you! Submit your resume and a cover letter showcasing your relevant experience and why you're the ideal candidate for the SOC Analyst role at ZyBiSys. We look forward to welcoming you to our team!

Posted 1 month ago

Apply

8.0 - 12.0 years

0 - 3 Lacs

Hyderabad

Hybrid

Threat Hunter & Threat Hunter Lead roles JD:
- 8 years experience in Cyber Security. Has experience in Threat Hunting.
- Experience in managing a team and customer business meetings effectively. Ability to handle the client team.
- Excellent written & verbal communication skills. Excellent reporting & presentation skills.
- Experience with different tools and languages like Excel, Splunk, KQL etc.
- Performing Threat Hunting activity to look for potential threats in the organization.
- Experience in a vulnerability management team to remediate existing vulnerabilities found during assessment or scan.
- Practical knowledge of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK.
- Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus.
- Good at event logging. Experience in response. Good knowledge of Windows Defender. Thorough knowledge of event logging and detection.

Posted 1 month ago

Apply

5.0 - 8.0 years

0 - 0 Lacs

Hyderabad

Hybrid

Role & responsibilities
Threat Hunter JD:
- 5 years experience in Cyber Security. Has experience in Threat Hunting.
- Experience in managing a team and customer business meetings effectively. Ability to handle the client team.
- Excellent written & verbal communication skills. Excellent reporting & presentation skills.
- Experience with different tools and languages like Excel, Splunk, KQL etc.
- Performing Threat Hunting activity to look for potential threats in the organization.
- Experience in a vulnerability management team to remediate existing vulnerabilities found during assessment or scan.
- Practical knowledge of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK.
- Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus.
- Good at event logging. Experience in response. Good knowledge of Windows Defender. Thorough knowledge of event logging and detections.

Posted 1 month ago

Apply

5.0 - 8.0 years

3 - 8 Lacs

Hyderabad, Chennai, Bengaluru

Work from Office

LTI Mindtree hiring for Threat Hunting role.
- 6 years experience in Cyber Security. Has experience in Threat Hunting.
- Experience in managing a team and customer business meetings effectively. Ability to handle the client team.
- Excellent written & verbal communication skills. Excellent reporting & presentation skills.
- Experience with different tools and languages like Excel, Splunk, KQL etc.
- Performing Threat Hunting activity to look for potential threats in the organization.
- Experience in a vulnerability management team to remediate existing vulnerabilities found during assessment or scan.
- Practical knowledge of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK.
- Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus.
- Good at event logging. Experience in response. Good knowledge of Windows Defender. Thorough knowledge of event logging and detections.
Job Location: Pan India
Experience: 5 to 8 years
If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com
Please share the below details:
Contact Number:
Preferred time to connect:
Total Experience:
Relevant Experience:
Current Location:
Preferred Location:
Notice Period:
Current CTC:
Expected CTC:
Reason for job change:
Regards,
Muthu Pandi
HR, LTIMindtree

Posted 1 month ago

Apply