14 Threat Jobs

The Cyber Security Architect is a senior manager aligned with the CISO's Organisation. You will be responsible for enforcing Information Security compliance within your area of responsibility in accordance with the CISO's mandate and strategy, as well as the Company's risk appetite. As a Security Architect, you will be the expert and point of escalation for all IT security-related aspects of the IT assets in your area of responsibility. You will provide guidance on implementing technical control aspects, achieving compliance with Information Security controls, and ensuring appropriate handling of relevant exceptions. Collaborating closely with the respective Business Functions, you will support the business divisions as well as the CIO in complying with Security Controls. Your key responsibilities will include designing, building, and implementing enterprise-class security systems for a production environment, aligning standards, frameworks, and security with the overall business and technology strategy, identifying and communicating current and emerging security threats, designing security architecture elements to mitigate threats, and creating solutions that balance business requirements with information and cyber security requirements. You will also be responsible for identifying security design gaps, recommending changes or enhancements, writing code, performing testing and debugging of applications, training users, and deriving the IT Security strategy from the overall CISO strategy and translating it into an operational plan for delivery within your area of responsibility. As a Security Architect, you will act as the point of escalation for IT Security issues and exceptions, drive the integration of CISO initiatives, programs, and central solutions, ensure effective communication and implementation of CISO IT Security requirements and decisions, and be responsible for the adoption of centrally mandated Security Solutions and maintenance of technical security documentation and compliance to security controls. You will also be the recognized expert in Information Security Policies and procedures, proactively manage IT audits, plan preparation and remediation, verify remediation concepts for critical and systemic issues, and partner with key stakeholders to act as a mediator and subject matter expert on Information Technology Security topics. To qualify for this role, you must have knowledge of Security architecture, experience in designing and implementing security solutions, expertise in hands-on Servers (Windows, Linux, Unix), Cloud technologies (AWS, Azure), Container Technology, Automation tools like Ansible, and Security considerations of cloud computing. Additionally, you should have hands-on experience in Cyber Technologies such as Encryption, Endpoint Security, Application Security, PKI, Firewalls, SIEM/SOAR tools, Vulnerability Scanning, Systems Hardening, Threat Intelligence, and more. Strong communication skills, critical thinking, analytical skills, leadership abilities, and project management skills are essential for success in this role. Ideally, you should possess a B.Tech./MCA in Computer Science, Computer Engineering, or a related field, along with certifications like CISSP, CISM, or other relevant certifications. Comprehensive knowledge of FFIEC, GDPR, MAS, SOC1/2 will be beneficial for this position.,

Job Purpose/Summary: The Identify Service Line is responsible for identifying, assessing and analyzing all of the cyber threats and vulnerabilities that can affect the Group. This Service Line is composed of three main activities: Cyber Threat Intelligence (CTI) Vulnerability Assessment SandboxingYou will be hierarchically attached to the IT Manager responsible of the CyberSOC team based in India and will daily refer to the Identify Service Line Team Leader based in India and the Identify Service Line Manager based in France. Key Responsibilities: The Cyber Threat Intelligence Analyst will be in charge of delivering these three services: Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures:- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.). Communicate on vulnerabilities related to the software used in the co. scope. Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service. Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis. Produce and communicate monthly KPIs on each activity Key Performance Indicators: The Cyber Threat Intelligence Analyst will be in charge of delivering these three services: Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures:- Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise.- Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.). Communicate on vulnerabilities related to the software used in the Gobains scope. Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service. Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis. Produce and communicate monthly KPIs on each activity Qualificaton: Bachelors Degree in Computer Engineering, Information Technology or any relevant certifications. Experience in investigating and reporting on cyber-attacks. Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods. Strong technical skills with an interest in open source intelligence investigations and malware analysis. In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls. Team-oriented and skilled in working within a collaborative environment and with other Service Lines. Good sense of priorities and good sense of initiative. Rigorous and autonomous. Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. Functional Skills/Competencies: Bachelors Degree in Computer Engineering, Information Technology or any relevant certifications. Experience in investigating and reporting on cyber-attacks. Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods. Strong technical skills with an interest in open source intelligence investigations and malware analysis. In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls. Team-oriented and skilled in working within a collaborative environment and with other Service Lines. Good sense of priorities and good sense of initiative. Rigorous and autonomous. Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. Behavioral Skills/Competencies: Bachelors Degree in Computer Engineering, Information Technology or any relevant certifications. Experience in investigating and reporting on cyber-attacks. Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods. Strong technical skills with an interest in open source intelligence investigations and malware analysis. In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls. Team-oriented and skilled in working within a collaborative environment and with other Service Lines. Good sense of priorities and good sense of initiative. Rigorous and autonomous. Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. --

The Threat Response Analyst position at Applied Systems, Inc. within the Corporate IT team requires a skilled professional with a background in security threat response activities. As a Threat Response Analyst, you will be responsible for conducting threat response activities, leveraging SIEM tools for security event analysis, and utilizing endpoint detection and response solutions. To qualify for this role, you must hold a BE or BTech degree and have a minimum of 5-6 years of experience, with at least 3 years specifically focused on threat response activities. You should possess a strong working knowledge of security log parsing, networking fundamentals, and information security incident investigation and response skillset. Key responsibilities include using a logging platform for security analytics, contributing to the creation of threat and incident response runbooks, and automating detection, analysis, and response actions using SOAR and platform integrations. Additionally, you will participate in the Security Incident Response Team on-call rotation, collect and analyze threat intelligence reports, and assist in the development of project plans and process documentation. The ideal candidate will be able to author threat intelligence reports based on our security operations team's incidents, analysis, and adversary engagements, as well as analyze event feeds and collected malware for trends and correlations. You will also be responsible for triaging and handling/escalating security events and issues as needed. If you are a proactive individual with a passion for cybersecurity and a desire to contribute to a high-energy, fast-paced environment in Bengaluru, we encourage you to apply for the Threat Response Analyst position at Applied Systems, Inc.,

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences. Location: Ahmedabad Experience: 3-6 yrs Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH; CSA If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.,

As a Security Lead at Big Data Exchange (BDX), you will play a crucial role in providing security incident response and readiness within a 24x7 Security Operations Centre supporting the IT Infrastructure and Operations team. Your responsibilities will include managing security incidents, responding to operational incidents, coordinating incident responses, and developing incident response playbooks and procedures. You will be responsible for supporting global vulnerability management processes, conducting regular vulnerability assessments, collaborating with IT teams to implement security patches, and validating updates. Additionally, you will manage the Total Cost of Ownership for security solutions, operate various security tools such as HIDS, NIDS, IPS, analysers, and scanners, and monitor and analyze security tools to identify threats and vulnerabilities. Your role will involve assisting in the identification and evaluation of security threats and vulnerabilities, conducting in-depth analysis of security events, and providing recommendations for mitigation and remediation solutions. You will also be required to participate in industry cyber forums, support audits and reviews, and stay updated on developments in the information security industry. To excel in this role, you should have a proven track record in managing technical resources, relevant information security experience, solid knowledge of cloud technologies, and familiarity with cloud security architecture and operations. You must also possess experience with SecDevOps principles, Security Automation and Orchestration, and industry best-practice approaches to IT systems design and management. Strong communication skills, both written and verbal, are essential for effectively communicating with senior management and technical/non-technical audiences. A relevant University degree in Computer Science, Information Management, or a related field, or equivalent experience is a must. Additionally, holding certifications such as CISSP, CCSP, or other relevant cyber security certifications is advantageous. For this role, essential competencies and behavioral skills include a Bachelor's degree in computer science, at least 10 years of relevant experience in cyber security, knowledge of information technology operation, cyber security assessment, cyber security products, and market best practices and frameworks. Certification in cyber security and project management is desirable for this position. Big Data Exchange (BDX) offers a dynamic environment where you can contribute to the security operations and incident response functions while staying abreast of the latest developments in the information security industry. Join us in our mission to provide mission-critical infrastructure for Enterprise IT workloads and support digital transformations and sustainability.,

You have an exciting opportunity at EthicalHat Cyber Security Pvt. Ltd. as a Security Operations Center Manager. In this role, you will play a crucial part in managing the Security Operations Center (SOC) and ensuring the effective and efficient operation of security processes. Your responsibilities will include directing the functions, processes, and operations of the SOC to maintain compliance with policies and procedures. You will lead the 24/7 operations of the SOC to ensure timely identification and resolution of security incidents, enhancing client security. Additionally, you will manage the SOC team, including shift scheduling, performance monitoring, and process adherence. As the SOC Manager, you will be responsible for managing the collection, documentation, and research of security incidents received via the SOC. You will provide realistic overviews of risks and threats to CISO/Senior Management and develop incident response management programs. Moreover, you will work closely with customers to ensure resolution management and customer satisfaction. Your role will also involve creating reports, dashboards, and metrics for SOC operations, conducting training exercises for staff, and establishing performance goals and priorities. Desired candidates should have at least 4 years of SOC experience and 10+ years of Security Operations management experience. The ideal candidate will possess good knowledge of SIEM concepts and experience with tools such as LogRhythm, Sourcefire, and Cisco AMP. Strong expertise in security operational services, including threat management, cyber investigations, and forensic investigations, is required. Advanced knowledge of information systems security standards and procedures, along with excellent time management and leadership skills, are essential for this role. If you have 8-12 years of relevant experience, excellent communication skills, and a strong understanding of networking and security fundamentals, we encourage you to apply for this challenging position at EthicalHat Cyber Security Pvt. Ltd.,

The role is based in Bengaluru, Kolkata and is a part of Grant Thornton, a global organization with 62,000 people across 135 countries. Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd. with revenues exceeding $1.87 billion. Grant Thornton operates 58 offices in the U.S., with 623 partners and over 10,000 employees in the United States and in Bangalore and Kolkata, India. GT INDUS, the in-house offshore center for GT US, based in Bangalore, consists of over 2000 professionals in Tax, Audit, Advisory, Client Services, and Enabling functions. The culture at GT INDUS is focused on empowered people, bold leadership, and distinctive client service. It offers a transparent, competitive, and excellence-driven environment with opportunities for significant contributions and growth. The professionals at GT INDUS are actively involved in community service initiatives. The Cyber Risk Advisory practice at Grant Thornton provides risk management consulting and advisory services to clients. This role involves engagement planning, directing, and completion of Security Framework assessment, GRC Management, Third Party Risk Assessment, and Information Security architectural design. The responsibilities include working on audit engagements from beginning to end, developing and supervising other engagement staff, and assisting in client management and practice development activities. The ideal candidate should have a working knowledge of cybersecurity industry best practices, project management experience, and the ability to communicate security technology issues effectively to clients at all levels. Desired skills for this position include supporting engagement management, fieldwork documentation, training team members, attending professional development sessions, and staying updated on cybersecurity trends and risks. The candidate should hold a Bachelor's and/or Masters degree in Information Technology, Computer Science, or a related field. Preferred certifications include Certified Ethical Hacker (CeH v9 & above), CISSP, OSCP. Grant Thornton INDUS offers various benefits to full-time employees including insurance benefits, wellness programs, parental support, mobility benefits, retirement benefits, and a hybrid work model. Grant Thornton INDUS comprises GT U.S. Shared Services Center India Pvt Ltd and Grant Thornton U.S. Knowledge and Capability Center India Pvt Ltd, supporting the operations of Grant Thornton LLP. Established in 2012, Grant Thornton INDUS employs professionals across disciplines to seamlessly support U.S. engagement teams, increase access to talent, and improve operational efficiencies. The culture at Grant Thornton INDUS is driven by empowered people, bold leadership, and distinctive client service, emphasizing transparency, competitiveness, and excellence.,

Looking for someone who has strong hands-on experience on Security Incident Response,Vulnerability Management,Security tool operation, Threat and Vulnerability Identification. Must have relevant experiencewith design, implementation,management

Looking for someone who has strong hands-on experience on Security Incident Response,Vulnerability Management,Security tool operation, Threat and Vulnerability Identification. Must have relevant experiencewith design, implementation,management

Looking for someone who has strong hands-on experience on Security Incident Response,Vulnerability Management,Security tool operation, Threat and Vulnerability Identification. Must have relevant experiencewith design, implementation,management

Designation Program Lead Threat hunting Work Mode : WFO only Education: University degree in the field of computer science Or IT is preferable. However, any graduate with relevant experience and technical certifications in the domain can be considered for the Vacancy. Desired Experience/Exposure Minimum 10 years of experience in a technical role in the areas of Security Operations, Cyber Incident Response with extensive experience performing Threat hunting on IT Systems, Network and Endpoints. With at least 7 years in threat hunting, incident response, or SOC roles. Proficiency in SIEM platforms (Splunk, Sentinel, QRadar, etc.) XDR and EDR tools (CrowdStrike, Carbon Black, etc.). Experience with scripting (Python, PowerShell, etc.) and automating threat detection or hunting tasks. Strong understanding of Windows, Linux, and network protocols. Familiarity with threat intelligence sources and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Ability to proactively find cybersecurity threats and mitigate them. Knowledge about Advanced persistent threats and treat actors, their TTPs. Ability to recognize attack patterns and corelate them with specific threat actors. Ability to obtain as much information on threat behaviour, goals and methods as possible. Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry. Industry Financial Domain (Banking / NBFC experience is desirable) Responsibilities Use Various available Security controls and the telemetry data within to conduct proactive threat hunts using a hypothesis-based approach. Coordinate with various stakeholders to obtain the data as required. Conduct proactive threat hunting across systems, networks, and endpoints using a variety of tools and data sources. Analyse large datasets (logs, packet captures, alerts) to identify anomalies, malicious activity, and Indicators of Compromise (IOCs). Develop and test hunting hypotheses based on threat intelligence, adversary emulation, and red team activities. Collaborate with SOC analysts, incident responders, and threat intelligence teams to improve detection rules and response strategies. Create custom detection logic and fine-tune SIEM/EDR alerts. Provide detailed reports and briefings to stakeholders about findings and mitigation strategies. Continuously improve hunting methodologies, automation, and use of threat hunting frameworks (e.g., MITRE ATT&CK). Stay current on emerging threats, vulnerabilities, and cyber-attack techniques. Identify Risks and Threats based on threat hunts undertaken. Communicate with Senior Management and other stakeholders about the findings and to take necessary actions. Work with Security Operations to take the identified anomalies to a conclusion. Prepare monthly reports on threat hunts and able to showcase ROI of the overall threat hunting program. Certifications Security certifications such as GCFA, GCTI, GCIA, OSCP, CEH, or similar. Experience using threat hunting platforms or custom-built hunting environments. Interested can share resume at neena@neptuneconsultant.com

LTI Mindtree hiring Threat Hunting role. 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections Job Location: Pan India Experience: 5 to 8 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

Role & responsibilities Role : Azure Sentinel Experience : 7 to 9 Years Location : Hyderabad Notice Period: Immediate to 15 Days Job Description We are looking for an experienced SOC Engineer (L2/L3) with hands-on expertise in Microsoft Azure Sentinel. The ideal candidate will be responsible for advanced threat detection, incident response, and evaluating AI-generated security analysis outputs. Key Responsibilities: Perform exploratory, simple, and complex data analysis for the alerts on sentinel (e.g., anomaly detection, clustering). Create and review visualizations such as timelines and activity graphs. Generate and validate reports with insights, recommendations, and next steps. Evaluate AI-generated outputs for: Accuracy of insights and structured data. Quality of code and logic. Relevance and real-world applicability. Grade outputs using a predefined rubric and provide feedback. Handle 2030 evaluations per day depending on task complexity.Required Skills: 6-9 years of experience in a SOC environment (L2/L3 level). Strong knowledge of Azure Sentinel and KQL (Kusto Query Language). Experience with threat detection, incident response, and security analytics. Familiarity with data visualization and reporting tools. Ability to assess AI-generated content and provide structured evaluations. Preferred Qualifications:Ai/ML Knowledge and understanding of Python Experience with AI/ML in cybersecurity. Certifications like AZ-500, SC-200, or equivalent

Looking for someone who has strong hands-on experience on Security Incident Response,Vulnerability Management,Security tool operation, Threat and Vulnerability Identification. Must have relevant experiencewith design, implementation,management