15.0 - 20.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Threat Hunting
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment.
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Evaluate emerging security technologies and recommend improvements to existing security frameworks.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Good To Have Skills: Experience with cloud security tools and frameworks.
- Strong understanding of risk assessment methodologies and threat modeling.
- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.
- Experience in incident response and security operations.
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Qualification : 15 years full time education
Posted 2 months ago
5.0 - 10.0 years
15 - 20 Lacs
Hyderabad, Chennai
Work from Office
Cybersecurity expert skilled in Microsoft Defender, CrowdStrike, Intune, Entra ID, QRadar, PowerShell, and Python. Experienced in Zero Trust, PAM (CyberArk), and hybrid/cloud environments. Certified in CISSP, CEH, CCFA, and Microsoft SOA.
Posted 2 months ago
5.0 - 10.0 years
7 - 12 Lacs
Bengaluru
Work from Office
Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Splunk Security Information and Event Management (SIEM)
Good to have skills : Microsoft Azure Sentinel, No Function Specialty
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a key player in ensuring the security of the organization's digital assets and infrastructure.
Roles & Responsibilities:
- Expected to be an SME; collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Implement security measures to protect systems, networks, and data.
- Conduct security assessments and audits to identify vulnerabilities and risks.
- Develop and implement security policies, procedures, and best practices.
- Stay updated on the latest security trends, threats, and technologies.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Microsoft Azure Sentinel.
- Strong understanding of security principles and practices.
- Knowledge of network security protocols and technologies.
- Experience in incident response and threat hunting.
- Ability to analyze and interpret security data for actionable insights.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualifications : 15 years full time education
Posted 2 months ago
2.0 - 4.0 years
4 - 6 Lacs
Chennai
Work from Office
The Cyber Threat Detection and Development role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Cyber Threat Detection and Development domain.
Posted 2 months ago
2.0 - 6.0 years
3 - 7 Lacs
Chennai
Work from Office
Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Accenture MxDR Ops Security Threat Analysis
Good to have skills : NA
Minimum 2 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities.
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
- Identify opportunities for process improvement.
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities.
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
- Hands-on experience in SIEM and threat hunting tools.
- Added advantage in working with any SOAR platform.
- Desirable knowledge in any scripting language and EDR products.
- Preferable: GCIA, GCFA, CISSP.
- Strong customer service and interpersonal skills.
- Strong problem-solving skills.
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
- Adaptability to accept change.
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift.
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education.
- The candidate should have a minimum of 2 years of experience.
- This position is based at our Chennai office.
Qualification : 15 years full time education
Posted 2 months ago
10.0 - 15.0 years
16 - 31 Lacs
Mumbai, Navi Mumbai, Mumbai (All Areas)
Work from Office
Threat hunting experience is a must. Familiarity with threat intelligence sources and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Ability to proactively find cybersecurity threats and mitigate them. Knowledge of Advanced Persistent Threats and threat actors, and their TTPs. Ability to recognize attack patterns and correlate them with specific threat actors. Ability to obtain as much information on threat behaviour, goals and methods as possible. Knowledge of analytics platforms for carrying out detailed analytics of obtained telemetry.
Posted 2 months ago
9.0 - 14.0 years
27 - 42 Lacs
Bengaluru
Work from Office
Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation.
Work from Office - Bangalore location [Brookfield]. Rotational and Night Shift applicable.
Mandatory Skill Set:
- 8+ years in Security Operations/Incident Response
- Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq)
- Expertise in threat hunting and event analysis
- Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain
- Experience with EDR tools, network forensics, and log analysis
- Strong understanding of incident lifecycle and post-incident reporting
- Excellent analytical and communication skills
- Bachelor's degree in Computer Science or related field
Key Responsibilities:
- Lead incident response (IR) and analyze complex security events
- Design and improve detective controls and alert use cases
- Conduct proactive threat hunting and trend analysis
- Stay updated on the cyber threat landscape and threat actor TTPs
- Contribute to security innovation, tool enhancement, and process maturity
- Deliver detailed incident reports and post-mortem reviews
Preferred Skills:
- Scripting: Python, PowerShell
- Cloud Security: AWS, Azure, GCP
- Certifications: CISSP, GIAC, CEH
- Strong grasp of defense-in-depth and layered security strategies
Posted 2 months ago
10.0 - 14.0 years
8 - 10 Lacs
Noida, Gurugram, Delhi / NCR
Work from Office
Threat hunting and intelligence analysis tools, malware analysis and threat detection, SOC operations, malware reverse engineering, exploit development, SIEM, IDS/IPS, and other security tools; CTIA, GCIA, GCIH, OSCP+, GCTI.
Required Candidate profile: malware, ransomware, application & network layer attacks; shell, Python, and PowerShell; SIEM platform (e.g., Splunk, Elastic Stack); SQL queries; Threat Hunter & Threat Intelligence Analyst.
Posted 2 months ago
2.0 - 5.0 years
0 - 0 Lacs
Bengaluru
Work from Office
About Information Security Group (ISG)
Tredence CISO's office is accountable for Security and Privacy on all aspects of Tredence's internal and client-facing business. The team in charge of Security - the Information Security Group (ISG) - focuses on all elements of Information Security for the organization, working collaboratively with stakeholders from across its business. The team provides internal as well as external stakeholders assurance while confidential data is being handled to meet business objectives. ISG takes care of implementing, maintaining and reporting on Information Security and its posture using a combination of Policies, Procedures, Guidelines and Cyber Security technology controls on an ongoing basis. The team comprises two groups:
1. Cyber Security Governance, Risk and Compliance (GRC) and,
2. Cyber Security Technical Operations (TechOps)
Responsibilities
o In this role in SecArch (under the TechOps group), you will partake in strategizing and handling of initiatives related to building and keeping up-to-date all relevant Technical Security Standards (e.g.: Hardening Standards, Encryption Standards etc.) as well as build and maintain the Security Architecture artifacts (e.g.: Framework etc.), and help evolve the Security Architecture and Cyber Security maturity of the Organization
o You will review and sign off on all relevant IT and IoT changes which can influence the Security Architecture, as well as manage exceptions to the same
o You will track and extend / revoke exceptions in a timely manner so as to ensure exceptions are only utilized on a business-need-to-have basis
o You will handle supplier technical security due diligence of the products and/or services so as to ensure the assessee has an apt set of technical controls as desired - with respect to Confidentiality, Integrity and Availability - before being contracted for work / use with the organization; and similarly in M&A initiatives as and when applicable
o You will maintain a constant view of the current security state in the organization so as to ensure adequacy and coverage of technical security controls in the organization
o You will handle initiatives pertaining to systematic detection and mitigation of technical control gaps across the organization on an ongoing basis
o From a Security Engineering standpoint, you will partake in the development and implementation of the Security Engineering program, in which various implementations of Cyber Security technologies will be undertaken to help protect the organization from Cyber Threats from time to time
o You will work with Security Vendors from initial expectation conversations, RFPs, functional requirements, proof of concepts (POCs) and vendor shortlisting, UAT, production rollouts, product or platform upgrades, as well as ongoing maintenance as required
o You will keep abreast of the latest events pertaining to the Global Cyber Security Threat landscape so as to consider critical Cyber Security stack upgrades for the organization on priority
o You will ensure control coverage and effectiveness in all solution rollouts in a systematic fashion
o You will work closely with the Security Architecture team and other relevant stakeholders to obtain a clear understanding of the current Cyber Security posture of the organization and control gaps, to help derive the required Security Engineering Strategy and implementation of the same
o You will assist the team in handling Cyber Security budgets for the CISO Office through their entire lifecycle, from budget proposals and approvals to periodic tracking and reporting
Knowledge expectations
o You come with up to 5 years of hands-on working experience in Information Security
o You have good knowledge of various latest Cyber Security technology controls (e.g.: SASE, CASB, anti-APT, EDR, XDR, SIEM, SOAR, UEBA, Threat Hunting, WAF, Firewalls, anti-DDoS, PIM-PAM, Attack Surface Monitoring (ASM) technologies etc.), Enterprise Security Architecture, Cyber Resilience, Cloud Security Strategy and roadmap, and Security Standards, notwithstanding their applicability to on-prem, on-cloud, mobile or IoT infrastructure paradigms
o You have basic knowledge of various topics in the following areas, such as but not limited to the application of Security to Systems, Storage, Compute, Cloud, Networks, Virtualization, Software and OT
o You have a fundamental knowledge of applying essential security controls in one or more of the following Cloud platforms - Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)
o You have a basic understanding of various Security Standards and Frameworks such as, but not limited to, Information Security Management System (ISO 27001), Business Continuity Management System (ISO 22301), NIST Cyber Security Framework (NIST), NIST 800-53, PCI DSS, HIPAA, SSAE-18 SOC 1 or SOC 2 and SOX controls
Required education and certifications
o You are an Engineering graduate, or have an equivalent or higher education
o You have acquired one or more of the following certifications - CISSP, CISM, CCSP, ISO 27001 Lead Implementer / Auditor, Azure, AWS and GCP Certifications
Skill expectations and others
o You have great attention to detail, strong communication and collaboration skills
o You come with a mix of technical, analytical and problem-solving skills
o You come with a mindset of helping improve the Information Security Program at all times
o You are an avid learner who continuously looks at imbibing and applying new knowledge on the job
o You are a self-starter, a go-getter and an innovative thinker with a positive attitude
Posted 2 months ago
7.0 - 12.0 years
5 - 15 Lacs
Kottayam, Pune, Thiruvananthapuram
Hybrid
Security Specialist, Incident Response
Responsibilities include:
• Lead security incident response in a cross-functional environment and drive incident resolution.
• Lead and develop Incident Response initiatives that improve Allianz capabilities to effectively respond to and remediate security incidents.
• Perform digital forensic investigations and analysis of a wide variety of assets including endpoints.
• Perform log analysis from a variety of sources to identify potential threats.
• Build automation for response and remediation of malicious activity.
• Write complex search queries in the EDR as well as SIEM tools for hunting adversaries.
• Work on SOAR cases, automation, workflows & Playbooks.
• Integrate and work on Identity solutions.
• Develop SIEM use cases for new detections, specifically identity use cases.
Minimum Qualifications:
• 5-10 years of experience in Security Incident Response, Investigations
• Working experience in Microsoft On-prem and Entra ID solutions
• Good knowledge of Active Directory and Tier 0 concepts
• Very good knowledge of operating systems, processes, registries, file systems, and memory structures, and experience in host and memory forensics (including live response) on Windows, macOS and Linux.
• Experience investigating and responding to both external and insider threats.
• Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK)
• Experience analyzing network and host-based security events
Posted 2 months ago
4.0 - 6.0 years
8 - 14 Lacs
Pune
Work from Office
Role : Cyber 3rd Party Risk Analyst
Job Description : The Cyber & Information Security team is seeking a Third-Party Security Analyst. Reporting to the Director of Cyber & Information Security, the analyst will perform third-party security assessments. You will work with a team of professional Security Analysts leveraging Next Gen security tools to perform the full lifecycle of third-party reviews, from onboarding to real-time monitoring of vendors and suppliers. Total Experience 4 to 6 years.
Responsibilities, Functions and Duties :
- Conduct technical security assessments of third-party vendors, suppliers and partners by reviewing their security controls, adherence to regulations, compliance and contracts.
- Analyze third-party security assessment findings and document security risks within the management software for tracking of risk reporting.
- Coordinate with various stakeholders to verify and remediate security risk findings.
- Develop KRIs and KPIs around third-party risk assessments and the remediation of key findings.
- Develop, update, and publish Policies and Standard Operating Procedures for third-party risk management.
- Continuously monitor for active vulnerabilities and cyber events against our vendors and suppliers.
- Participate in third-party cyber incident response by reaching out to impacted vendors and tracking remediation.
- Be an ambassador for Cyber & Information Security within Crum & Forster.
Requirements, Knowledge and Requirements :
- Previous experience performing technical security audits or third-party assessments.
- Understanding of current Cyber Vulnerabilities & threats.
- Knowledge of security assessments (SOC reports, ISO/NIST, vulnerability and pen testing assessments).
- Fundamental understanding of system and network security principles and technology.
- Ability to interface with a wide audience of technical and non-technical personnel.
- Ability to prioritize and manage workloads and deadlines.
- Excellent written and verbal communication skills.
- Self-starter who is motivated and driven to learn.
- Bachelor's degree in a technical discipline or equivalent experience.
Preferred Qualifications :
- Prior experience and/or certifications in AWS, Azure, and/or GCP.
- Experience in performing third-party assessments of SaaS providers and vendors operating in cloud environments.
- Experience performing risk assessments.
- Any Security focused Certifications.
- 3-5 years of Cybersecurity related experience.
Posted 2 months ago
4.0 - 8.0 years
12 - 18 Lacs
Hyderabad
Work from Office
Experience in a SOC, incident detection and response, SIEM platforms and EDR. Understanding of networking principles, TCP/IP, WANs, LANs, and Internet protocols (SMTP, HTTP, FTP, POP, LDAP). Cloud security concepts & platforms (e.g., AWS, Azure, GCP).
Posted 2 months ago
7.0 - 12.0 years
9 - 14 Lacs
Nashik
Work from Office
Dreaming big is in our DNA. It's who we are as a company. It's our culture. It's our heritage. And more than ever, it's our future. A future where we're always looking forward. Always serving up new ways to meet life's moments. A future where we keep dreaming bigger. We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential. The power we create together when we combine your strengths with ours is unstoppable. Are you ready to join a team that dreams as big as you do?
AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev. The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology. The teams are transforming Operations through Tech and Analytics. Do You Dream Big? We Need You.
Job Description
Job Title: Senior Specialist Cyber Security Operations
Location: Bengaluru
Reporting to: Senior Manager Cyber Security Operations
Purpose of the role
Do you want to join the world's largest brewer? We at AB-InBev have a fantastic opportunity for you to work as a Cyber threat hunter and join a growing team of top professionals who invest time and effort in protecting AB-InBev from top sophisticated threats. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. You'll be expected to work within a team of incident responders operating in a 24x7 shift model, with deep knowledge of investigating security alerts, and to process responses for alerts generated by cyber security systems within defined timelines.
Key tasks & accountabilities
- Work in a team of cyber security incident responders monitoring, responding, and processing responses for the security alerts triggered from SOC tools deployed across on-premises and cloud environments like EDR, IDS/IPS, Web proxy, SIEM, phishing analysis etc., and from Cloud Security platforms like MS Defender for Cloud, AWS GuardDuty, Orca Security etc.
- Monitor threats and new attack techniques being disclosed in the wild.
- Investigate events to determine if they are true events or false positives.
- Perform hunts in the environment to identify any persistence in the environment.
- Create an incident storyline based on the investigations; identify and communicate required remediation steps for all security alerts/incidents.
- Correlate different log sources to collect the evidence required to understand the impact and advise on response actions.
- Must have worked on tuning existing alerts and creating alerts to reduce false positives.
- Adhere to the SLAs and operational practices during a 24x7 shift schedule.
- Follow shift routine: regular updates to incidents, follow-up with vendors and AB InBev Zone Security contacts, and shift handover.
- Work closely with in-house automation and data science teams to automate repeated tasks.
- Participate in projects to improve security monitoring toolkits as well as to improve defensive controls.
- Act as Incident Commander during critical incidents; act quickly on identifying potential kill switches and containment. Post containment, prepare the incident report and share it with required stakeholders.
- Create Incident Response SOPs and runbooks as and when needed.
- Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside the SOC (e.g.: NOC, Infra, automation, Intel, Offensive team, Cloud Ops, etc.).
- Work closely with the Engineering team to aid in the enhancement of contextual analysis and provide threat hunting support.
Business Environment
- Flexible to support in a 24*7 support environment.
- Proficient in Threat Hunting techniques (endpoint and network data analysis).
- Knowledge of Operational Technology (OT) devices and protocols.
- Effective interpersonal, team building and communication skills.
- Good oral and written communication skills; ability to communicate complex technology to a non-tech audience in a simple and precise manner.
- Ownership skills; effectively collaborates and communicates with the stakeholders and ensures client satisfaction.
- Learns things quickly, while working outside the area of expertise.
- Good knowledge of security standards and best practices.
- Understanding of various operating systems.
- Familiarity with the Cyber Kill Chain and demonstrable analytical skills.
Qualifications, Experience, Skills
- Bachelor's degree, preferably in Computer Science or Information Systems, and/or equivalent formal training or work experience.
- 6+ years of experience in a technical role in the areas of Incident Response, CSIRT and SOC Operations.
- Experience with more than one EDR, SIEM, and log analysis tools and techniques.
- Experience with cloud-native security solutions like MS Defender for Cloud, AWS GuardDuty, GCP Command Center etc., and commercial tools like Orca, Wiz etc.
- Experience in handling critical incidents in the past, with a strong ability to use data points to sketch a story.
- Ability to identify and communicate remediation steps for cybersecurity events by considering architecture, infra and system limitations.
- Ability to recognize potential intrusion attempts and compromises through analysis of relevant event logs.
- Good knowledge of operating system internals (Windows, Linux/UNIX & Mac) and networking concepts.
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Nice to have:
- Security certifications like CEH, CHFI, CompTIA Security+, etc.
- Strong experience in cyber security alert response practices and critical incident handling procedures.
- Experience in tuning a UEBA platform.
- Advanced knowledge of operating system internals (Windows & Linux/UNIX) and networking protocols.
- A demonstrated passion for cyber security.
Competencies:
- Familiarity with offensive strategies and attack vectors.
- Ability to effectively work in a global team across a complex, geographically dispersed organization.
- Good understanding of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK.
- Knowledge of operational handling will be an additional advantage.
And above all of this, an undying love for beer! We dream big to create a future with more cheers.
Posted 2 months ago
3 - 8 years
6 - 13 Lacs
Noida
Work from Office
Managed Services SOC Manager
Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.
Job Description :
- Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone).
- Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.
- Should have experience in developing new correlation rules and parser writing.
- Experience in log source integration.
- Act as the lead coordinator for individual information security incidents.
- Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center.
- Document incidents from initial detection through final resolution.
- Participate in security incident management and vulnerability management processes.
- Coordinate with IT teams on escalations, tracking, performance issues, and outages.
- Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
- Communicate effectively with customers, teammates, and management.
- Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
- Provide recommendations on tuning and optimization of security systems, SOC security processes, procedures and policies.
- Define, create and maintain SIEM correlation rules, customer build documents, security processes and procedures.
- Follow ITIL practices regarding incident, problem and change management.
- Stay up-to-date with emerging security threats, including applicable regulatory security requirements.
- Maintain an inventory of the procedures used by the SOC, regularly evaluate the SOC procedures, and add, remove, and update the procedures as appropriate.
- Publish weekly reports to applicable teams.
- Generate monthly reports on SOC activity.
- Secondary skills like AV, HIPS, DCS, VA/PT desirable.
Required Technical Expertise
- Must have experience in a SIEM management tool (QRadar).
- Should have certifications like ITIL, CCNA, CEH, VA (Product) Certification, CISM.
- Process and procedure adherence.
- General network knowledge and TCP/IP troubleshooting.
- Ability to trace down an endpoint on the network, based on ticket information.
- Familiarity with system log information and what it means.
- Understanding of common network services (web, mail, DNS, authentication).
- Knowledge of host-based firewalls, Anti-Malware, HIDS.
- General Desktop OS and Server OS knowledge.
- TCP/IP, Internet Routing, UNIX/Linux & Windows NT.
Posted 2 months ago
4 - 9 years
12 - 17 Lacs
Bengaluru
Work from Office
We are looking for a highly skilled and experienced Cyber Triage and Forensics professional with 4 to 9 years of experience to join our team as a Shift Lead. The ideal candidate will have a strong background in cybersecurity, excellent leadership skills, and the ability to work effectively in a fast-paced environment.
### Roles and Responsibility
- Manage day-to-day operations and performance of CTF Analysts.
- Ensure prompt and efficient response to email and case queues.
- Distribute workload among threat hunting teams and oversee their activities.
- Participate in security event analysis and triage.
- Provide technical leadership and mentorship to junior analysts.
- Set clear performance expectations and manage team performance.
- Report case status and significant incident updates to the global lead.
- Update Standard Operating Procedures (SOPs) and drive continuous improvement within the team.
- Coordinate with the Technical Lead for incident and investigation support as needed.
### Job Requirements
- Bachelor's degree in Computer Science, Information Systems, Information Security, or equivalent work experience.
- Minimum 4-5 years of experience in a Security Monitoring/Security Operations Center (SOC) environment, investigating security events, threats, and/or vulnerabilities.
- Understanding of electronic investigation and log correlation, with proficiency in the latest intrusion detection platforms.
- Working knowledge of Linux and/or Windows systems administration, including Active Directory.
- Scripting or programming skills (Shell scripting, Python, PowerShell, Perl, Java, etc.).
- Familiarity with network and endpoint security principles, current threat trends, and a basic understanding of the OSI model.
- Working knowledge of Defense in Depth strategies.
- Understanding of Information Security principles, technologies, and practices.
- Demonstrable experience with multiple security event detection platforms.
- Thorough understanding of TCP/IP and basic IDS/IPS rules to identify and/or prevent malicious activity.
- Demonstrated integrity in a professional environment.
- Good social, communication, and technical writing skills.
- Comfortable navigating and troubleshooting Linux and Windows system issues.
- Desired certifications such as SSCP, CEH, GCIH, GCFA, GCIA, GSEC, GIAC, Security+.
- Previous leadership experience as a team lead or supervisor is preferred.
Posted 2 months ago
7 - 10 years
12 - 16 Lacs
Thiruvananthapuram
Work from Office
We are looking for a highly skilled and experienced Security Analyst to join our team in Bengaluru. The ideal candidate will have 7-10 years of experience in incident response, computer forensics, and malware reverse engineering.

### Roles and Responsibilities
- Perform forensic and malware analysis to detect, investigate, and resolve security incidents.
- Engage in proactive threat hunting and provide expert security assessments using EDR, SIEM, and other tools.
- Communicate with IT stakeholders during incident response activities to ensure effective containment and remediation and accurate identification of indicators of compromise.
- Report on incident metrics, analyze findings, and develop reports to ensure comprehensive resolution and understanding of security events.
- Act as an escalation point for incident response, lead shifts, mentor junior team members, and contribute to team skill enhancement.
- Analyze security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture.

### Job Requirements
- Undergraduate or postgraduate degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT).
- At least 7 years of overall experience, with a minimum of 5 years specialized in incident response, computer forensics, and malware reverse engineering.
- Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations.
- Demonstrated experience in investigating security events, threats, and vulnerabilities.
- Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis.
- In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response.
- Possession of, or willingness to obtain, professional certifications such as GREM, GCFE, GCFA, or GCIH.
- Experience with security incident response in cloud environments, including Azure.
- Knowledge of legal considerations in electronic discovery and analysis.
- Proficiency in scripting or programming (e.g., shell scripting, PowerShell, C, C#, Python).
- Solid understanding of security best practices for network architecture and server configuration.
- Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle.
- Demonstrated integrity and strong ethical behavior in a professional environment.
- Ability to work independently, with a global mindset for working with diverse cultures and backgrounds.
- Positive attitude and excellent teaming skills.
- Excellent social, communication, writing, and presentation skills.
- Excellent investigative, analytical, and problem-solving skills.

Supervising Responsibilities: Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues. Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance.
Posted 2 months ago
2 - 5 years
9 - 14 Lacs
Bengaluru
Work from Office
We are looking for a highly skilled and experienced Senior OT Analyst with 2-5 years of experience in the field to join our team.

### Roles and Responsibilities
- Monitor and analyze ICS/OT alerts generated by IDS tools such as Defender for IoT, Nozomi, Claroty, etc.
- Identify unusual or suspicious activity, security breaches, or indicators of compromise.
- Triage and prioritize alerts based on severity and potential impact.
- Collaborate with SOC analysts and incident response teams to address and mitigate security incidents.
- Perform pcap analysis to investigate and validate OT alerts.
- Develop and maintain standard operating procedures (SOPs) for OT alert analysis and triage.
- Conduct regular security assessments and use-case validations to ensure evolving threat coverage and remediation controls in OT systems.
- Conduct threat hunting activities to identify potential security threats within the OT environment.
- Provide expert guidance on ICS/OT security best practices and contribute to the continuous improvement of SOC processes.
- Document all security incidents comprehensively, providing detailed analysis and recommendations to prevent future occurrences.
- Design and maintain incident response plans and recovery procedures specific to OT incidents.
- Collaborate closely with IT security counterparts to ensure a cohesive security posture across both IT and OT domains.
- Stay updated on the latest trends and developments in ICS/OT security.
- Develop and deliver OT cybersecurity awareness training programs for operational staff.

### Job Requirements
- Strong knowledge of industrial control systems (ICS), SCADA systems, and other OT technologies.
- Good understanding of how OT and IT devices interact with each other and how OT devices work.
- Experience with SIEM tools and log management.
- Knowledge of regulatory requirements and standards related to ICS/OT security is desirable.
- Experience with network security solutions, including firewalls and intrusion detection systems (IDS).
- Analytical skills to screen data and logs for patterns indicative of cyber threats or threat actor methods.
- Effective communication skills for interacting with technical and non-technical colleagues and stakeholders.
- Problem-solving attitude, with the ability to manage incidents under pressure.
- Knowledge of OT-specific malware and of the tactics, techniques, and procedures used by threat actors, as catalogued in MITRE ATT&CK for ICS.
- Relevant certifications are desirable.
Posted 2 months ago
6 - 11 years
14 - 24 Lacs
Gurugram, Bengaluru
Hybrid
Greetings from IT. I am now hiring a Threat Detection Engineer for my clients.

Location: Bangalore, Gurugram.
Experience: 6-13 years.
Notice period: Immediate to 30 days.
Primary skills: Threat hunting, threat intelligence, Splunk.

In-depth knowledge of external attacks and detection techniques, to be able to analyze the requirements provided by threat intelligence / SOC teams, generate a list of rules that could be implemented (based on own analysis of a threat and the available log sources), work with the SOC team to operationalize them and with the Purple Team to test them. Familiarity with the MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE and Databricks, to be able to write custom detections for various threats (preferably in MDE).

Kindly share your resume at chanchal@oitindia.com
Posted 2 months ago
4 - 9 years
17 - 22 Lacs
Pune
Work from Office
About Zscaler
Serving thousands of enterprise customers around the world, including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world's largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler.

Our Engineering team built the world's largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy.

We're looking for an experienced Staff Security Researcher to join our Zscaler Threat Hunting team. Reporting to the Director, Zscaler Threat Hunting, you'll be responsible for:
- Analyzing emerging threats, adversarial behaviors, and tactics, techniques, and procedures (TTPs) to understand attacker methodologies and improve detection capabilities
- Conducting proactive and retroactive threat hunting using Zscaler telemetry, drawing on proven experience in behavior-based threat hunting
- Researching, analyzing, validating, and clearly documenting threat hunting findings
- Independently hunting and responding to customers while working flexible schedules, including weekend night shifts, and providing on-call support as needed to meet operational demands, with two days off during the weekdays

What We're Looking For (Minimum Qualifications)
- Proven experience in one or more of the following: threat hunting, incident response, security operations, malware analysis, blue teaming, purple teaming, or network defense
- Hands-on experience with a Security Information and Event Management (SIEM) tool, such as Splunk, Microsoft Sentinel, or Elasticsearch
- Familiarity with the MITRE ATT&CK framework and modern Tactics, Techniques, and Procedures (TTPs)
- Bachelor's or graduate degree from a four-year college or university (preferably in Computer Science, Engineering, or a related discipline), or equivalent security industry work experience

What Will Make You Stand Out (Preferred Qualifications)
- Ability to validate findings, perform root cause analysis, and deliver recommendations
- Scripting and automation skills (Python preferred)
- Excellent reporting and analytical skills, and experience writing IDS/IPS and YARA signatures
- Experience in network-based threat detection

At Zscaler, we believe in innovation, productivity, and success. We are looking for individuals from all backgrounds and identities to join our team and contribute to our mission to make doing business seamless and secure. We are guided by these principles as we create a representative and impactful team, and a culture where everyone belongs.

Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: various health plans; time off plans for vacation and sick time; parental leave options; retirement options; education reimbursement; in-office perks, and more!

By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link.

Pay Transparency: Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long-term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.
Posted 2 months ago
6 - 10 years
11 - 16 Lacs
Noida, New Delhi, Gurugram
Work from Office
Skills required: SIEM tools to identify potential threats; VAPT tools, incident handling and forensic analysis; certifications such as CEH, CSA, CySA+ or CISA; handling of incidents and breaches; operating systems, network devices, and security devices; familiarity with Security Information and Event Management (SIEM).
Posted 2 months ago
10 - 15 years
15 - 20 Lacs
Noida, Gurugram, Greater Noida
Work from Office
Advanced knowledge of handling security incidents and leading investigations. Proficiency in managing and optimizing SOC operations. Experience in implementing security protocols and policies. Expertise in malware reverse engineering.

Required Candidate Profile: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); GIAC Certified Enterprise Defender (GCED); Certified Information Systems Auditor (CISA).
Posted 2 months ago
5 - 8 years
12 - 20 Lacs
Pune, Chennai, Bengaluru
Work from Office
Role & responsibilities
- Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration.
- Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes.
- Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments.
- Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies.
- Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities.

Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master's degree preferred.
- Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC.
- At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within a SOC environment.
- Extensive knowledge of and experience with cybersecurity regulations and standards.
- Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools).
- Demonstrated ability to lead and develop high-performing teams.
- Excellent problem-solving, communication, and presentation skills.
- Must be flexible to work in US shift.
Posted 2 months ago
5 - 8 years
5 - 12 Lacs
Bengaluru
Work from Office
https://zrec.in/jXrSD?source=CareerSite
Posted 2 months ago
6 - 11 years
10 - 20 Lacs
Gurugram, Bengaluru
Work from Office
Role & responsibilities
Primary skills: Threat hunting, threat intelligence, Splunk.

In-depth knowledge of external attacks and detection techniques, to be able to analyze the requirements provided by threat intelligence / SOC teams, generate a list of rules that could be implemented (based on own analysis of a threat and the available log sources), work with the SOC team to operationalize them and with the Purple Team to test them. Familiarity with the MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE and Databricks, to be able to write custom detections for various threats (preferably in MDE).
Posted 2 months ago
7 - 12 years
19 - 34 Lacs
Bengaluru
Work from Office
Job Summary: We are looking for an experienced SOC Security Analyst SME to join our cybersecurity team. This role involves real-time monitoring, threat hunting, incident response, and implementing modern detective controls to proactively defend against evolving cyber threats. Immediate joiners, or candidates with a notice period of up to a month, are preferred. Work from office, with rotational shifts.

Key Responsibilities:
- Analyze and respond to security alerts and incidents.
- Perform deep-dive investigations to identify root causes and suggest mitigations.
- Design modern detective controls and continuously improve detection capabilities.
- Conduct proactive threat hunting and improve alerting use cases.
- Participate in the 24/7 incident response rotation and document IR activities.
- Stay informed on threat actor tactics and industry trends to enhance security posture.

Mandatory Skills & Qualifications:
- Bachelor's degree in Computer Science, InfoSec, or a related field
- 5-7+ years of experience in a Security Operations Center (SOC) or similar role
- Strong background in threat hunting and security incident analysis
- Experience with SIEM, SOAR, and XDR tools (e.g., Cortex XSIAM, Torq)
- Familiarity with cybersecurity frameworks such as NIST, MITRE ATT&CK, and kill chain methodology
- Excellent analytical skills and attention to detail

Preferred (Good-to-Have) Skills:
- Cloud security (Azure, AWS, GCP)
- Incident response experience in complex environments
- Endpoint and network forensic analysis
- Certifications: CISSP, GIAC, CEH
- Scripting in Python, PowerShell
Posted 2 months ago