234 Threat Hunting Jobs - Page 6

LTI Mindtree hiring Threat Hunting role. 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections Job Location: Pan India Experience: 5 to 8 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

LTI Mindtree hiring Threat Hunting Lead role. 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections Job Location: Pan India Experience: 8 to 12 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections

LTIMindtree Hiring for Malware Analyst. Notice period-immediate to 15 days. Exp-3 to 5 yrs. Location- Hyderabad, Chennai, Pune, Bangalore if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Job description- Static and dynamic malware analysis(aware of file structure like, PE, PDF, OLE, windows short cut files etc...) someone who has hands on writing signatures for malware samples(at-least initial vector malware). Aware of trending malware family campaign and analysis for threat write ups for that follow up family. (example malware family - Emotet/Qakbot/AgentTesla etc..) Email security and Endpoint Security (EOP) Investigating the Phishing campaign and spam emails which users have received and reported. Threat Intelligence analysis/ Threat hunting Analyzing PE files (Dynamic and static analysis) and providing detection for malicious PE files.(RE/Malware Analysis) Analyzing non-PE file s (like OLE / PDF / HTML / HTA / VBS|VBE /JS/ WSF/JAR/LNK) and providing detection for malicious files. Malware Analysis and Reversing. Reverse Engineering skills: familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals, software communication mechanisms, Classification, clustering and labelling of Malware. Knowledge of Advanced Techniques of Malware Analysis. Knowledge of Malware kill chain and MITRE ATT&CK techniques and tactics. Knowledge of AV evasion techniques and Pen testing tools like - Veil (equal rank), PowerShell Empire, Meterpreter, Unicorn, Cactus Torch, and Any other similar tools Additionally, Experience with advanced persistent threats, human adversary compromises and incident response. Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements. Excellent analytical skills and ability to identify patterns and trends. Strong research skills, data knowledge, and ability to analyze and present complex data in a meaningful way. Strong understanding of Cyber Security, modern security problems and threat landscape, Operating Systems (internals), computer networking concepts. Required Skills: Olly DBG, IDA PRO, Static and dynamic malware analysis, PE and non-PE file analysis

As an India lead, Cyber Response, you will lead a team of talented and passionate cyber security professionals who are responsible for defending the cyber threats. You will be part of the global Cyber Response function and you will collaborate with your peers and stakeholders across the organisation. You will have a dual role of people leader and technical leader. You will use your extensive experience and skills in cyber incident response to guide and coach your team and occasionally be hands-on with the data and tools. You will also ensure that your team has the resources, support, and direction they need to perform their core mission. You will also contribute to the continuous improvement and maturity of the Cyber Response function, by driving innovation, quality, and efficiency in the processes, methods, and capabilities. You will need to have a strong background in managing and leading global teams, leading an operational SOC/IR function, and demonstrating excellent technical and leadership skills. Your key accountabilities will include: - Managing 24/7 Cyber Response function in India, including daily operations, escalation, quality, reporting, supplier management, etc - Leading and directing Cyber Response on major incidents as part of the global team - Uplifting the Cyber Response capability, methodology and tradecraft - Managing and reporting on operational performance and meeting KPIs and stretch targets - Contributing to strategy, planning and investment activities to enhance the Cyber Response capability - Leading and supporting projects delivering new Cyber Response capability or requiring integration to Cyber Response services, including requirements, delivery and operational acceptance - Working with stakeholders to improve BAU security posture and defence against current & emerging threats - Working closely with other related teams including Cyber Threat Intelligence, Red Team, Vulnerability Management and Application Security - Performing other related activities as required by Management

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for an experienced SOC Lead to manage security operations, lead incident investigations, and handle client interactions. The ideal candidate has hands-on expertise with Microsoft Sentinel, strong knowledge of the MITRE ATT&CK framework, and experience with EDR, SOAR, and network log analysis. Roles & Responsibilities:-Lead day-to-day SOC operations and manage a team of analysts.-Perform in-depth investigations using Sentinel SIEM, SOAR tools, and threat intel.-Analyze logs from EDR, firewalls, and network devices.-Apply MITRE ATT&CK to enhance threat detection and response.-Design and tune Sentinel analytics, playbooks, and automation workflows.Collaborate directly with clients on incident response, reporting, and recommendations.-Mentor team members and improve SOC processes. :-6+ years in SOC, 2+ in a lead role.-Strong Sentinel and SOAR hands-on experience.-Solid grasp of EDR tools, threat hunting, and log analysis.-Excellent client communication and stakeholder management skills.-Certifications like SC-200, AZ-500, GCIH, or similar are a plus. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Architect and maintain scalable Microsoft Sentinel workspaces and data ingestion pipelines (Syslog, Azure AD, MDE, custom logs).- Develop and fine-tune advanced Sentinel analytics rules and watchlists.- Write and optimize complex KQL queries for threat hunting and anomaly detection.- Build and maintain automation workflows via Sentinel Playbooks (Logic Apps).- Conduct deep forensic analysis via MDE (Advanced Hunting, Live Response.- Analyze attacker TTPs leveraging MITRE ATT&CK within Sentinel and MDE environments.- Create and manage custom threat detection and incident enrichment logic.- Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).- Mentor and train SOC analysts and engineers in Sentinel/MDE best practices.- Collaborate with detection engineers, cloud architects, and incident responders.- Participate in red/blue team exercises to continually improve detection maturity. Professional & Technical Skills: - Exp in Security Operations, Incident Response, or Cyber Threat Detection.- Expert-level KQL (Kusto Query Language) proficiency.- Proven experience in Sentinel rule authoring, hunting queries, and data modeling.- Strong background in SOAR automation (Microsoft Logic Apps).- Deep understanding of MITRE ATT&CK and its mapping to telemetry.- Familiarity with JSON, ARM templates, Azure Monitor, and Event Hub integration.- Experience integrating third-party tools and custom connectors into Sentinel.- Proficiency in PowerShell, REST APIs, and Azure Resource Manager.- SC-200:Microsoft Security Operations Analyst- SC-100:Microsoft Cybersecurity Architect- AZ-500:Microsoft Azure Security Technologies- GCFA/GCIA (SANS) for deep forensic or network detection background- MITRE ATT&CK Defender (MAD) certificate.- CISSP, CEH, or equivalent industry certifications -Strong problem-solving and analytical thinking.- Effective communicator with ability to explain complex issues to various stakeholders.- Passion for mentoring and knowledge-sharing within the security team.- Proactive, detail-oriented, and highly autonomous.- Comfortable working under pressure in high-stakes incident response situations.- Collaboration-first mindset with cross-functional teams (SOC, IR, Cloud, IT) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Level 2 SOC Analyst, your role involves deeper investigation of security alerts and confirmed incidents. You will validate escalated events using Sumo Logic and CrowdStrike Falcon, enrich them with context, and work closely with L3 analysts to assist in containment and timely remediation. You will also assist in improving detection fidelity and supporting SOAR automation. Roles & Responsibilities:-Intermediate Sumo Logic SIEM query and dashboarding skills-Alert Triage & Investigation:Experience investigating escalated alerts using SIEM or EDR-Hands-on experience with CrowdStrike EDR investigations-Incident Response and Containment:Take necessary actions to contain, eradicate and recover from security incidents.-Malware Analysis:Perform malware analysis using the sandboxing tools like CS etc.-SOAR Execution:Running and modifying basic playbooks in Sumo Logic SOAR-Incident Reporting and Documentation:Strong reporting skills with accurate detail capture to provide the RCA for the true positive security incidents with detailed documentation.-Communication & Collaboration:Send emails to request information, provide updates, and coordinate with different teams to ensure tasks are completed efficiently.-MITRE ATT&CK Mapping:Ability to classify incidents with tactics/techniques-Alert fine tuning recommendations to reduce false positive noise-Investigate alerts escalated by L1 to determine scope, impact, and root cause-Perform in-depth endpoint and network triage using CrowdStrike-Use CrowdStrike Falcon to perform endpoint analysis and threat validation-Correlate multiple log sources in Sumo Logic to trace attacker activity-Execute or verify SOAR playbooks for containment actions (isolate host, disable user)-Enrich events with asset, identity, and threat intelligence context-Document investigation workflows, evidence, and final conclusions-Support L3 during major incidents by performing log or memory triage-Suggest improvements in alert logic or SOAR workflow to reduce false positives-Conduct threat research aligned to alert patterns and business context-Enhance alert fidelity with threat intel and historical context-Document investigation findings and communicate with stakeholders Professional & Technical Skills: -Exposure to threat hunting techniques-Scripting to assist SOAR playbook tuning-Triage Automation:Ability to identify playbook gaps and recommend improvements-Cloud Security Basics:Awareness of log patterns from AWS/Azure-Log Analysis:Correlation and trend identification in Sumo Logic-Certifications:SC-200, CySA+, ECSA or relevant advanced certification-SIEM:Advanced queries, dashboards, correlation logic-SOAR:Execute and troubleshoot playbooks-Tools:CrowdStrike (RTR, detections, indicators), Sumo Logic SIEM-Threat Analysis:IOC enrichment, TTP identification-Primary Skill:Incident Investigation and Enrichment Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks. Roles & Responsibilities:-Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.-Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.-Monitor security alerts and endpoint telemetry to detect and analyze threats.-Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.-Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/Artifacts).-Collaborate with the SOC to provide timely incident resolution and root cause analysis.-Tune detection rules and policies to reduce false positives and enhance protection.-Maintain up-to-date documentation, playbooks, and response procedures.-Provide recommendations to improve the organizations endpoint security posture.-Mentor junior analysts and engineers on best practices for MDE and incident response workflows.-Provide executive-level reporting on threat trends, incident metrics, and risk posture.-Perform gap analysis on endpoint security to identify and address areas of improvement.-Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).-Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK. Professional & Technical Skills: -68+ years of experience in MDE/EDR implementations and security operations.-Strong background in SOAR automation (Microsoft Logic Apps).-Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.-Proficiency in Microsoft security stack:M365 Defender, Intune, Azure AD, and Sentinel. -Strong command of KQL for custom detections and threat hunting.-Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.-Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.- Prefered Certifications SC-200:Microsoft Security Operations Analyst,SC-100:Microsoft Cybersecurity Architect,AZ-500:Microsoft Azure Security Technologies,MITRE ATT&CK Defender (MAD) certs,CISSP, CEH, or equivalent industry certifications Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

* Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare, and similar WAF/CDN platforms, along with a strong grasp of application layer (Layer 7) attacks, web security vulnerabilities, and real-world mitigation strategies Roles & Responsibilities:-WAF Policy Management:Administer Web Application Firewall (WAF) rule sets and policies using industry-leading platforms such as Akamai -Kona Site Defender, Cloudflare WAF, AWS WAF, or similar solutions.-Application Layer Defense:Analyze, detect, and defend against a wide range of OWASP Top 10 and other Layer 7 threats, including:-SQL Injection (SQLi)-Cross-Site Scripting (XSS)-Remote Code Execution (RCE)-Cross-Site Request Forgery (CSRF)-HTTP protocol abuse-Malicious bot traffic and API abuse-Firewall & Network Security:Deploy and manage network firewalls and integrate them with other security technologies including Intrusion-Detection/Prevention Systems (IDS/IPS) and DDoS mitigation tools. Professional & Technical Skills: -Bot Protection Expertise:Strong understanding of automated bot attacks, with hands-on experience in detection and defense strategies using behavioral analytics, CAPTCHA, rate limiting, and JavaScript challenges.-Threat Monitoring & Incident Response:Proactively monitor and respond to threats across both application and network layers, leveraging SIEM tools and real-time alerting systems.-Cross-Functional Collaboration:Work in close partnership with DevOps, development, and security teams to enforce secure deployment practices and ensure robust application configurations.-WAF Tuning & Optimization:Perform continual WAF tuning, including signature refinement and custom rule development, to ensure an optimal balance between security coverage and application functionality.-Threat Intelligence & Research:Stay current on emerging application-layer attack vectors, tools, and adversary tactics to inform proactive defense measures.-Incident Handling:Participate in incident response, including threat hunting, forensic analysis, and contributing to post-mortem investigations to enhance organizational resilience. Additional Information:- The candidate should have minimum 7.5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise. Roles & Responsibilities:-Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.-Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.-Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.-Create and maintain documentation for policies, procedures, and system configurations.-Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.-Perform regular audits and health checks to ensure endpoint coverage and compliance.-Respond to endpoint-related security incidents and assist with forensic investigations.-Collaborate with IT teams to ensure secure configuration and patch management across endpoints.-Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).-Familiarity with EDR/XDR concepts and tools. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Extended Detection and Response.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat hunting methodologies.- Knowledge of compliance requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

We are looking for a skilled professional with 6-9 years of experience to join our team as an SIEM specialist. The ideal candidate will have a strong background in security information and event management. Roles and Responsibility Design, implement, and manage SIEM systems to ensure the security and integrity of our organization's data. Develop and maintain dashboards and reports to provide insights into security threats and trends. Collaborate with cross-functional teams to identify and mitigate potential security risks. Conduct regular vulnerability assessments and penetration testing to identify weaknesses. Analyze log files and system logs to detect anomalies and suspicious activity. Develop and enforce security policies and procedures to ensure compliance with industry standards. Job Requirements Strong understanding of security principles and technologies such as firewalls, intrusion detection systems, and encryption. Experience with SIEM tools such as Splunk, LogRhythm, or QRadar. Excellent analytical and problem-solving skills with attention to detail. Ability to work effectively in a fast-paced environment and meet deadlines. Strong communication and collaboration skills to work with technical and non-technical stakeholders. Familiarity with industry standards and regulations related to security such as HIPAA, PCI-DSS, or NIST.

Responsible for monitoring and responding to security incidents within the SOC. Duties include analyzing security events, identifying vulnerabilities, and managing incidents using SIEM tools. The analyst must be adept at threat detection, incident response, and ensuring network security by implementing proactive measures to prevent data breaches.

Implement and manage cybersecurity measures to protect enterprise systems from external and internal threats. You will monitor, identify, and respond to security incidents. Expertise in network security, threat detection, and incident response is required.

Focuses on implementing and managing Palo Alto network security appliances to safeguard enterprise systems. Duties include configuring firewalls, monitoring network traffic, and performing regular security audits. The role demands expertise in network security, firewalls, VPNs, and threat detection to prevent unauthorized access and data breaches.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled and experienced Senior Threat Hunter with deep expertise in Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The ideal candidate will excel in advanced KQL query writing, hypothesis-driven hunting, detection engineering, and data visualization using Sentinel Notebooks and Workbooks. This role plays a critical part in proactively identifying threats, tuning detection logic, and enhancing our overall threat hunting capabilities.Key Responsibilities:- Write and optimize advanced KQL queries to detect malicious activities in Sentinel and MDE logs.- Conduct proactive threat hunting by forming hypotheses and correlating data across M365 Defender, Sentinel, and other sources.- Use Sentinel Notebooks (Azure ML/Log Analytics) and Workbooks to visualize hunt data and share findings with stakeholders.- Leverage MDE Advanced Hunting for in-depth endpoint telemetry analysis.- Integrate threat hunting with the MITRE ATT&CK framework, mapping TTPs and identifying gaps in coverage.- Collaborate with L3 analysts and detection engineers to fine-tune existing analytics rules and hunting queries.- Create and manage Sentinel Playbooks (Logic Apps) to automate threat response and investigation workflows.- Support continuous improvement of the threat detection lifecycle by contributing to new detection use cases and threat models.- Assist in Purple Team exercises and post-incident retrospectives by contributing hunt-driven insights. Professional & Technical Skills: - 5+ years of experience in cyber threat hunting, SOC operations, or detection engineering.- Strong proficiency in Kusto Query Language (KQL) with hands-on experience in Microsoft Sentinel and MDE.- In-depth knowledge of endpoint, network, and cloud telemetry (especially Microsoft ecosystem).- Experience using Sentinel Workbooks, Notebooks, and custom analytics rule creation.- Practical experience in hypothesis-driven threat hunting and developing custom detection rules.- Familiarity with MITRE ATT&CK framework and its use in mapping attacker TTPs.- Hands-on experience with Sentinel automation workflows using Logic Apps.- Microsoft SC-200:Microsoft Security Operations Analyst- Microsoft SC-100:Microsoft Cybersecurity Architect- GIAC GCFA/GCIA/GCED (or equivalent)- AZ-500:Microsoft Azure Security Technologies- OSCP (for offensive knowledge is a plus) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Say hello to possibilities. Its not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

: Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What well offer you , 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How well support you . . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Essential knowledge• Have over 8+ years of rich experience in information security domain and at least 4-6 years of dedicated experience in Threat-hunting.• Proficiency in using threat intel platforms such as CybelAngel, ThreatConnect, Recorded Future, DarkTrace etc.• Proficiency in using SIEM and SOAR solutions.• Strong understanding of network protocols and security technologies.• Strong understanding of endpoint detection and response (EDR) tools.• Excellent analytical and problem-solving skills• Preferably worked in BFSI domain with proven experience in SOC function.• Knowledge of key security standards and regulations such as NIST 800-61, CERT/CC, ISO 27035 etc.Skills and Application• Maintaining up-to-date knowledge of security landscape, threats, attack patterns and counter measures• Assess and design threat-hunting processes through solutions, tools and methodologies• Reviewing use cases/playbooks for integrating threat-intel• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a threat-hunting perspective.• The ideal candidate will have a technical or computer science degree.• Professional certifications: GCIH, CISSP, CEH,etc.

We are looking for a Lead Cybersecurity Engineer with deep technical expertise and leadership experience to drive innovative threat detection solutions and lead a team of security engineers. The ideal candidate will bring hands-on experience in research & development (R&D) , demo environment creation , endpoint security , SIEM operations , and cloud-native tools such as Azure Sentinel and the Microsoft Defender suite . This role will play a strategic part in shaping our security detection roadmap and mentoring a high-performing team. Key Responsibilities: Technical Leadership & Strategy Lead a team of cybersecurity engineers in R&D, detection engineering, and solution design. Define detection strategies and oversee implementation of new use cases across tools. Collaborate with security architects, threat intel, and SOC teams for end-to-end threat coverage. R&D & Security Innovation Drive continuous improvement through security research, PoCs, and new technology evaluations. Analyze evolving threats and proactively build defense strategies and custom detections. Lead the development of security content aligned with frameworks like MITRE ATT&CK. Demo Environment & Simulation Lab Design and lead the creation of demo/test environments to simulate real-world threats. Automate environment deployment for testing security tools, rules, and threat scenarios. Build reusable assets and playbooks for internal enablement and customer-facing demos. Endpoint & SIEM Security Lead implementation and optimization of Microsoft Defender for Endpoint , Defender for Identity , and Defender for Cloud . Oversee the configuration and tuning of Azure Sentinel , including custom KQL queries, analytics rules, and automation via playbooks. Ensure integration of diverse log sources and enrichment for advanced threat detection. People & Process Management Mentor junior engineers and promote skill development across the security engineering team. Establish standards and documentation for security engineering best practices. Drive cross-functional collaboration with IT, Cloud, Compliance, and SOC stakeholders. Required Skills & Experience: 8+ years in cybersecurity roles, with 3+ years in a leadership or senior engineering position . Strong hands-on experience with: Azure Sentinel (KQL, workbooks, playbooks) Microsoft Defender for Endpoint, Identity, and Cloud Endpoint security, EDR, and threat detection Security lab/demo environment setup Excellent understanding of security frameworks (MITRE ATT&CK, NIST, etc.). Strong scripting and automation skills (PowerShell, Python, etc.). Experience managing or mentoring technical teams and delivering complex security projects.

As a Fortune 50 company with more than 400,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. Joining Target means promoting a culture of mutual care and respect and striving to make the most meaningful and positive impact. Becoming a Target team member means joining a community that values different voices and lifts each other up. Here, we believe your unique perspective is important, and you'll build relationships by being authentic and respectful. Overview about TII At Target, we have a timeless purpose and a proven strategy. And that hasnt happened by accident. Some of the best minds from different backgrounds come together at Target to redefine retail in an inclusive learning environment that values people and delivers world-class outcomes. That winning formula is especially apparent in Bengaluru, where Target in India operates as a fully integrated part of Targets global team and has more than 4,000 team members supporting the companys global strategy and operations. Job Summary: We are seeking a highly skilled Senior Engineer - Threat hunting and countermeasures to join our world class cybersecurity-cyber defence team. The ideal candidate will proactively identify, investigate, and mitigate cyber threats across the organization. This role involves working with advanced tools, conducting threat hunting and providing actionable insights to improve the organizations security posture. About The Role/Key Responsibilities: Threat Hunting & Analysis: Conduct proactive threat hunting across networks, endpoints, and cloud environments. leveraging intelligence, hypothesis-driven methodologies, and data analysis to identify and mitigate hidden threats. Work collaboratively to implement solutions based on the MITRE ATT&CK framework, Red team or Purple Team results, and other threat modeling methodologies. Advocate for continuous improvement, staying current with emerging threats, tools, and techniques. Advanced Threat Detection: Develop and refine detection rules in SIEMs and other security tools. Build and optimize tools, scripts, and automations to enhance the efficiency and effectiveness of hunting and countermeasure deployment Collaboration & Reporting: Partner with intelligence, detection, and incident response teams to validate and operationalize findings Prepare detailed reports and briefings on threat hunting activities, findings, and trends. Advocate for continuous improvement, staying current with emerging threats, tools, and techniques. Present findings to senior leadership and provide strategic recommendations. About You/Qualifications: Bachelors degree in computer science, Information Security, or related field (or equivalent experience). 4 years of experience in threat hunting, incident response, countermeasure engineering or related roles. Strong understanding of threat hunting methodologies, detection engineering, and countermeasure design. Experience with security tools such as SIEM, EDR, NDR, and forensic analysis tools. Proficiency in scripting languages (Python, PowerShell, etc.) for automation and analysis. Familiarity with threat intelligence platforms and frameworks like MITRE ATT&CK, Pyramid of Pain, and detection engineering principles. Strong analytical, problem-solving, and communication skills. Proven ability to conceptualize and operationalize threat hunting hypotheses based on threat intelligence and research. Proficient in analyzing diverse data sources, including host-based (e.g., Sysmon, CrowdStrike) and network-based (e.g., Zeek, Suricata) logs. Experience with scripting and programming for hunting and countermeasure automation (Python preferred). Familiarity with technologies such as Splunk, Elastic-Search, SIGMA, YARA, and cloud detection in GCP and AWS. Adept at communicating technical concepts to both technical and non-technical audiences, with a focus on leadership and cross-team collaboration. A self-starter with a passion for innovation and solving complex problems in a high-stakes environment. Desired Skills (Added advantage) Experience with deception techniques, honeytokens, or other adversary engagement strategies. Background in malware analysis, reverse engineering, or exploit development. Certifications such as GREM, GCFA, or similar in advanced threat hunting and analysis. Why Join Us Be part of a forward-thinking world class cybersecurity team. Opportunities for professional growth and continuous learning. Useful Links- Life at Target- https://india.target.com/ Benefits- https://india.target.com/life-at-target/workplace/benefits Culturehttps://india.target.com/life-at-target/belonging

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. 1-2 years of relevant experience. Additional Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Feature development for Android and Linux/Ubuntu based Snapdragon products. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience (3-6 years) with C/C++ and good programming skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Good understanding of Linux kernel and internals. Good understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams.

JD: Work Location Mumbai (Aeroli) Experience – 3-4years Install, configure, and manage FleetDM and OSQuery across the bank's critical endpoints, ensuring continuous monitoring of core banking systems and financial infrastructure. Create and deploy custom queries, alerts, and rules to detect unauthorized activities, internal threats, and system anomalies. Leverage FleetDM and OSQuery to gather and analyze endpoint telemetry data (e.g., processes, network activity, financial transactions, file system changes) for signs of malicious activity targeting banking applications and infrastructure. Proactively hunt for advanced persistent threats (APTs), malware, and other security risks across Windows and Linux environments, with a focus on protecting critical banking systems. Utilize data from FleetDM and OSQuery to identify potential risks and detect fraudulent activities across financial systems and customer-facing services. Investigate malware to understand its impact on financial services, and develop detection rules to mitigate future incidents. Track and respond to threats involving online banking, mobile banking apps, payment systems, and other financial platforms. Knowledge on operating systems, networking, any query language etc