Cyber Security Analyst

UltraViolet Cyber is seeking a Cyber Security Analyst to add to our existing team. Primary responsibilities will require: (i) in-depth analysis of intrusions in diverse computing environments; (ii) thorough packet analyses; (iii) implementing/optimizing changes to security infrastructure; (iv) integrating threat intelligence into the operational environment; and (v) protecting systems and infrastructure from infiltration or exfiltration of data.

Responsibilities:
Perform analyses of network infrastructure, applications, operating systems, firewalls, proxy devices and malware detection in a fast-paced environment
Proactively identify threats across a wide range of customer environments
Monitor alerts using a SIEM platform to respond, triage and escalate incidents, as necessary
Perform vulnerability scans, analyze results and recommend remediation actions
Perform continuous monitoring of diverse security environments and analyze event log data to determine severity and prioritization of incident response efforts
Contribute to the advancement of security posture

Minimum Requirements:
2 years of operational experience with securing and monitoring multiple platforms, network configurations and implementations
Broad knowledge of IT security
General systems infrastructure experience
Experience with log correlation and packet analysis tools
Solid understanding of common enterprise information systems services such as Active Directory
Solid understanding of TCP/IP protocol suite, security architecture and security techniques/products
Experience with various security management tools (e.g., vulnerability management, configuration management and SIEM)
Proven ability to analyze captured data to perform incident response and identify potential compromises
Excellent written and oral communication skills

Preferred Education and Certifications:
B.A. or B.S. in computer science or related field
CompTIA Sec+
CompTIA CySA+
Job Description:
Experience: 0-1 Years
Provide first-level technical support for network-related issues
Troubleshoot and resolve basic network issues, ensuring timely resolution
Assist with IP addressing tasks and basic IP understanding
Collaborate with senior engineers to escalate complex issues and follow up until resolution
Ensure effective communication and coordination with customers and internal stakeholders
Document and maintain accurate records of customer interactions and technical solutions
Stay up-to-date with industry trends and technologies related to network support
CCNA certification is preferred but not mandatory
Job Description
Learn to create automated workflows and scripts to improve security operations and incident response.
Develop, test, and implement automation scripts using tools such as Python, PowerShell, and other scripting languages.
Gain hands-on experience working with various security tools and platforms (e.g., SIEM, IDS/IPS, firewalls) to integrate and automate processes.
Collaborate with Security and IT teams to ensure seamless integration of automation solutions.
Assist in automating repetitive tasks in incident detection, investigation, and response to improve efficiency and accuracy.
Learn to develop playbooks and automated response actions for common security incidents.
Stay updated with the latest cybersecurity trends, threats, and automation technologies.
Identify opportunities for process improvements and recommend innovative automation solutions.
Document automation processes, scripts, and workflows.
Strong understanding of cybersecurity principles, threats, and best practices.
Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
Knowledge of cloud security and automation in cloud environments (AWS, Azure, GCP).
Job description
Job Role: EDR Admin -- Work From Office
Experience: 3 to 6 Yrs
Key Skills: End-to-end management of MS Defender, hands-on experience with EDR, Defender Antivirus, strong knowledge of Python, PowerShell or any scripting
Notice Period: 0 to 30 days -- Candidates must attend F2F interview in Hyderabad (weekdays only)
Should be willing to work in rotational shift
Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081.

Job Overview:
We are seeking a proactive and detail-oriented Endpoint Security Engineer to manage and enhance our endpoint protection technologies. This role focuses on deploying, tuning, and monitoring Microsoft Defender products (such as Defender for Endpoint, Defender for Identity, Defender for O365 and Defender Antivirus) with a strong emphasis on SCCM/Intune platform expertise to ensure comprehensive visibility, compliance, and rapid threat response.

Key Responsibilities:
Administer, monitor, and optimize Microsoft Defender suite deployments across the enterprise.
Serve as an escalation point for complex endpoint and infrastructure-related incidents.
Design and manage endpoint detection and response (XDR) policies using Defender for Endpoint.
Develop threat-hunting hypotheses and implement new detection logic in Defender XDR.
Provide mentorship and guidance to Tier 1/2 SOC analysts.
Develop and maintain configuration baselines, health checks, and compliance reporting using Tanium.
Investigate and remediate security alerts and endpoint incidents.
Collaborate with SOC and IR teams for threat hunting, forensic analysis, and response automation.
Document processes, configurations, and incident response procedures.
Automate compliance and remediation workflows using PowerShell and Intune configuration profiles.
Manage and monitor Microsoft Defender for Office 365 to protect users from phishing, malware, and other threats across Exchange, SharePoint, OneDrive, and Teams.

Requirements:
3–5 years of experience in endpoint security or a related cybersecurity role.
Deep knowledge of Microsoft Defender for Endpoint, Defender for Identity, and related Defender XDR tools.
Strong experience with Intune platform.
Experience with scripting (PowerShell, Python) for automation and remediation.
Familiarity with SIEMs (e.g., Splunk, Sentinel) and EDR integrations.
Strong analytical and troubleshooting skills.
Job Description
Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.).
Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades.
Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks.
Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools.
Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation.
Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions.
Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience.
Mentor junior automation engineers and provide code reviews, best practices, and process guidance.
Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation.
Stay abreast of emerging SOAR trends, threat landscapes, and new platform features.

Required Qualifications:
3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable.
Strong scripting experience in Python, especially within automation workflows.
Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors.
In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.).
Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques.
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code.
Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance.
Strong written and verbal communication skills, especially in cross-functional team environments.
Job Role: Tanium Administrator
Experience: 4 to 8 Yrs
Key Skills: Tanium Admin, Scripting, Tanium Modules (Enforce, Threat Response, Comply, Interact, Patch, Deploy, Certificate Manager, Performance, Investigate, and Impact)
Notice Period: 0 to 15 days (Must) -- Need to come for F2F interview in Hyderabad after 1st level interview
Should be willing to work in rotational shift
Office Address: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081.

Job Summary:
We are looking for a highly skilled Tanium Platform Engineer with hands-on experience managing and optimizing a wide range of Tanium modules, including Enforce, Threat Response, Comply, Interact, Patch, Deploy, Certificate Manager, Performance, Investigate, and Impact. The ideal candidate will have a strong scripting background (PowerShell, Python, Shell, and VBS) and the ability to automate, orchestrate, and scale endpoint security and operations across a global enterprise environment.

Key Responsibilities:
Manage, administer, and optimize Tanium modules, including but not limited to:
Enforce: Configure and apply security baselines and policies.
Threat Response & Investigate: Conduct real-time threat hunting, forensics, and incident response.
Comply: Monitor and report endpoint compliance against CIS, NIST, and custom baselines.
Patch & Deploy: Design and execute patch deployment strategies and software rollouts.
Certificate Manager: Track, manage, and alert on endpoint certificates across the enterprise.
Performance & Impact: Monitor and analyze endpoint performance metrics and operational impact.
Interact: Build and optimize Tanium sensors, packages, and saved questions for visibility and control.
Develop custom Tanium content (sensors, packages, dashboards) tailored to business and security requirements.
Automate endpoint management tasks using PowerShell, Python, Shell, or VBScript.
Integrate Tanium with other tools (SIEMs, ITSM platforms, configuration management, XDR tools).
Collaborate with security, infrastructure, and endpoint teams to support compliance, incident response, and operational efficiency.
Provide documentation, training, and knowledge transfer to stakeholders and internal teams.
Support lifecycle upgrades and health of Tanium infrastructure and endpoints.

Required Qualifications:
4+ years of experience in IT security or endpoint management, with at least 3 years of direct Tanium platform experience.
Deep knowledge and hands-on experience with multiple Tanium modules listed above.
Proficiency in scripting languages: PowerShell, Python, Shell (Bash), and VBScript.
Strong experience building and maintaining custom sensors, packages, and scheduled actions in Tanium.
Familiarity with endpoint hardening standards, vulnerability management practices, and threat hunting methodologies.
Experience with enterprise OS platforms (Windows, macOS, Linux).
Excellent troubleshooting, documentation, and collaboration skills.

Preferred Qualifications:
Experience with Microsoft Defender for Endpoint and integration with Tanium.
Familiarity with Intune, SCCM, JAMF, or other endpoint management platforms.
Experience integrating Tanium with ServiceNow or Sentinel.
Tanium Certified Operator or Tanium Certified Administrator certification.
You are a hands-on and motivated OT Security Analyst with approximately 3 years of experience in securing Operational Technology (OT) and Industrial Control Systems (ICS) environments. In this role, you will be instrumental in supporting the implementation and enhancement of the manufacturing security program, contributing to the development of OT security strategies, assisting in the deployment of security controls, and collaborating with various teams to bolster the OT security posture.

Your responsibilities will include implementing and supporting security controls for a range of OT assets such as PLCs, HMIs, SCADA systems, and RTUs. You will conduct risk assessments, define segmentation strategies, and assist in establishing OT security baselines. Utilizing OT security tools like Claroty, Nozomi, Armis, or Tenable.ot, you will monitor and safeguard industrial networks. Collaboration with plant operations, engineering teams, and OT vendors will be crucial for ensuring secure implementation and ongoing support. Additionally, you will contribute to SIEM log integration, alert triage, and incident investigations pertaining to OT systems. Furthermore, you will actively participate in tasks related to network segmentation, firewall configuration, and passive traffic monitoring within OT environments. Your role will involve contributing to the creation of documentation, playbooks, and process enhancements for OT security operations.

To excel in this position, you should possess at least 3 years of experience in OT/ICS cybersecurity or related roles. A strong understanding of ICS protocols such as Modbus, DNP3, and OPC is essential. Experience working with industrial devices and systems like PLCs, SCADA, RTUs, and robotic automation will be beneficial. Familiarity with OT-specific risks and the unique challenges of industrial environments is required. Proficiency in OT security tools like Claroty, Nozomi, Armis, and Tenable.ot is preferred. You should also have a working knowledge of SIEM tools, firewalls, and network segmentation within OT setups. Effective communication skills and the ability to collaborate with multidisciplinary teams are essential for success in this role.

Preferred qualifications include certifications like GICSP, GRID, IEC 62443, or other OT security credentials. Familiarity with cybersecurity frameworks such as NIST CSF, IEC 62443, or related standards is advantageous. Experience in the manufacturing or industrial sectors is considered a plus.
Experience: 3 to 6 years

Roles And Responsibilities
Overview: We are seeking a motivated and technically skilled Cloud Security Engineering Analyst with at least 3 years of experience in AWS Cloud Security. The role involves leading the design, testing, deployment, and compliance validation of AWS security policies and controls. You will be responsible for integrating cloud-native and custom guardrails, performing risk assessments, managing policy exceptions, and collaborating with cross-functional teams to enforce security-by-default principles. This position requires a strong understanding of AWS-native security services and the ability to develop scalable policy enforcement strategies across multiple accounts.

Key Responsibilities:
Design, develop, and deploy custom and AWS-native security policies (e.g., SCPs, IAM policies, AWS Config Rules) across AWS accounts
Perform pre-deployment compliance assessments and identify non-compliant configurations in AWS environments
Collaborate with application and infrastructure teams to remediate misconfigurations and implement secure-by-design practices
Validate and monitor policy effectiveness post-deployment using tools like AWS Config, Security Hub, CloudTrail, and GuardDuty
Own and manage the AWS policy exemption workflow — review exception requests, conduct risk assessments, and track approvals
Maintain detailed documentation on policy changes, enforcement status, and exception decisions
Participate in tool evaluations and implementations that support cloud security posture management and automation
Support continuous improvement of cloud security posture through quarterly reviews, metrics, and tuning recommendations

Required Qualifications:
Minimum 3 years of hands-on experience in AWS cloud security or policy enforcement
Strong working knowledge of AWS security services: IAM, SCPs, AWS Config, Security Hub, CloudTrail, GuardDuty, KMS, etc.
Experience with cloud compliance standards (e.g., CIS AWS Foundations Benchmark, NIST, ISO 27001, HIPAA)
Proficient in writing and troubleshooting IAM policies, JSON/YAML templates, Lambda functions, and scripting (Python/Bash)
Familiarity with DevSecOps practices and Infrastructure as Code (IaC) tools such as Terraform or CloudFormation

Preferred Certifications:
AWS Certified Security – Specialty
AWS Certified Solutions Architect – Associate or Professional

Soft Skills:
Excellent communication and stakeholder collaboration skills
Strong analytical thinking and problem-solving abilities
Ability to manage multiple tasks and priorities in a fast-paced environment