26 Virustotal Jobs

Cyber Security Senior Analyst - HIH - Evernorth – Threat Intelligence Position Summary: Cigna Information Protection is looking for a Cyber Threat Intelligence Senior Analyst –to identify threats to Cigna, its subsidiaries, and the healthcare industry. The goal of the Threat Researcher is to uncover new and novel threats, track threat actors’ operations against Cigna, and collaborate with internal teams to counter threats. As a Threat Analyst you will identify adversary tactics, techniques, and procedures (TTP), malware, and other threats in various log data and in external repositories. You will identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Experience Required: Total 3-5 years of experience in cybersecurity, security operations center, incident response threat intelligence, threat hunting, or reverse engineering malware. 3+ years of experience using an adversary threat framework (e.g. Mitre ATT&CK) 3+ years of experience analyzing cyber threat attack scenarios. 3+ years of experience automating and/or scripting with Python, other language. Background in intelligence analysis and threat intelligence. 3+ years of experience tracking threat actor infrastructure using tools like Shodan, VirusTotal, etc GCTI, SEC+, CYSA, or similar Cyber Security or Incident Response Certifications Job Description & Responsibilities : Develop, document, and execute threat research in collaboration with internal intelligence and hunting teams to identify adversaries and their behaviors, including new/emerging tactics. Identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Learn and understand the threat environment of Cigna. Experience in analyst, complex problem solving and critical thinking. Conduct research that yields new insights, theories, analyses, data, algorithms, and prototypes that advance state-of-the-art of controls, detections, monitoring, and investigation/hunting capabilities or leads to improvements to the protection capabilities of our products and services. Present threat landscape briefings and finished intelligence products. Innovate processes, create strategies, develop automation or tools and work with partner teams to promote efficiency for hunters and investigators. Collaborate with internal Threat Hunting team to share insights and findings to find threats internal to the Cigna environment. Identify and collaborate on response to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data or to major incidents affecting the enterprise and cloud’s infrastructure. Education and Training Required: A degree (Bachelor’s Degree preferred) from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; OR Education and / or experience which is equivalent to the above Primary Skills: Deep understanding of cyber attacks, threat actor tactics, techniques, & malware types. Strong analytical and investigative mindset. Firm understanding of MITRE framework. Work well with objective-based tasks and ability to identify opportunities for research tasks. Strong communication skills, both written and oral. Ability to self-identify opportunities Thorough knowledge of operating systems, networking, and host analysis. Additional Skills: Ability to work effectively in a team-oriented environment and collaborate with cross-functional teams Flexibility to adapt to evolving security challenges and stay current with emerging threats About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Cyber Security Lead Analyst - HIH - Evernorth – Threat Intelligence Position Summary: Cigna Information Protection is looking for a Cyber Threat Intelligence Lead Analyst –to identify threats to Cigna, its subsidiaries, and the healthcare industry. The goal of the Threat Researcher is to uncover new and novel threats, track threat actors’ operations against Cigna, and collaborate with internal teams to counter threats. As a Threat Analyst you will identify adversary tactics, techniques, and procedures (TTP), malware, and other threats in various log data and in external repositories. You will identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Experience Required: 5 - 8 years of experience in cybersecurity, security operations center, incident response threat intelligence, threat hunting, or reverse engineering malware. 3+ years of experience using an adversary threat framework (e.g. Mitre ATT&CK) 3+ years of experience analyzing cyber threat attack scenarios. 3+ years of experience automating and/or scripting with Python, or other language. Background in intelligence analysis and threat intelligence. 3+ years of experience tracking threat actor infrastructure using tools like Shodan, VirusTotal, etc GCTI, SEC+, CYSA, or similar Cyber Security or Incident Response Certifications Job Description & Responsibilities : Develop, document, and execute threat research in collaboration with internal intelligence and hunting teams to identify adversaries and their behaviors, including new/emerging tactics. Identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Learn and understand the threat environment of Cigna. Experience in analyst, complex problem solving and critical thinking. Conduct research that yields new insights, theories, analyses, data, algorithms, and prototypes that advance state-of-the-art of controls, detections, monitoring, and investigation/hunting capabilities or leads to improvements to the protection capabilities of our products and services. Present threat landscape briefings and finished intelligence products. Innovate processes, create strategies, develop automation or tools and work with partner teams to promote efficiency for hunters and investigators. Collaborate with internal Threat Hunting team to share insights and findings to find threats internal to the Cigna environment. Identify and collaborate on response to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data or to major incidents affecting the enterprise and cloud’s infrastructure. Education and Training Required: A degree (Bachelor’s Degree preferred) from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; OR Education and / or experience which is equivalent to the above Primary Skills: Deep understanding of cyber attacks, threat actor tactics, techniques, & malware types. Strong analytical and investigative mindset. Firm understanding of MITRE framework. Work well with objective-based tasks and ability to identify opportunities for research tasks. Strong communication skills, both written and oral. Ability to self-identify opportunities Thorough knowledge of operating systems, networking, and host analysis. Additional Skills: Ability to work effectively in a team-oriented environment and collaborate with cross-functional teams Flexibility to adapt to evolving security challenges and stay current with emerging threats About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

– Threat Intelligence Position Summary Cigna Information Protection is looking for a Cyber Threat Intelligence Senior Analyst –to identify threats to Cigna, its subsidiaries, and the healthcare industry. The goal of the Threat Researcher is to uncover new and novel threats, track threat actors’ operations against Cigna, and collaborate with internal teams to counter threats. As a Threat Analyst you will identify adversary tactics, techniques, and procedures (TTP), malware, and other threats in various log data and in external repositories. You will identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Experience Required Total 3-5 years of experience in cybersecurity, security operations center, incident response threat intelligence, threat hunting, or reverse engineering malware. 3+ years of experience using an adversary threat framework (e.g. Mitre ATT&CK) 3+ years of experience analyzing cyber threat attack scenarios. 3+ years of experience automating and/or scripting with Python, other language. Background in intelligence analysis and threat intelligence. 3+ years of experience tracking threat actor infrastructure using tools like Shodan, VirusTotal, etc GCTI, SEC+, CYSA, or similar Cyber Security or Incident Response Certifications Job Description & Responsibilities Develop, document, and execute threat research in collaboration with internal intelligence and hunting teams to identify adversaries and their behaviors, including new/emerging tactics. Identify and track adversary infrastructure, malware, and delivery mechanisms of concern to Cigna. Learn and understand the threat environment of Cigna. Experience in analyst, complex problem solving and critical thinking. Conduct research that yields new insights, theories, analyses, data, algorithms, and prototypes that advance state-of-the-art of controls, detections, monitoring, and investigation/hunting capabilities or leads to improvements to the protection capabilities of our products and services. Present threat landscape briefings and finished intelligence products. Innovate processes, create strategies, develop automation or tools and work with partner teams to promote efficiency for hunters and investigators. Collaborate with internal Threat Hunting team to share insights and findings to find threats internal to the Cigna environment. Identify and collaborate on response to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data or to major incidents affecting the enterprise and cloud’s infrastructure. Education And Training Required A degree (Bachelor’s Degree preferred) from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the particular position; OR Education and / or experience which is equivalent to the above Primary Skills Deep understanding of cyber attacks, threat actor tactics, techniques, & malware types. Strong analytical and investigative mindset. Firm understanding of MITRE framework. Work well with objective-based tasks and ability to identify opportunities for research tasks. Strong communication skills, both written and oral. Ability to self-identify opportunities Thorough knowledge of operating systems, networking, and host analysis. Additional Skills Ability to work effectively in a team-oriented environment and collaborate with cross-functional teams Flexibility to adapt to evolving security challenges and stay current with emerging threats About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. CAPABILITIES Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in finetuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERINCE, TRAINING & CERTIFICATIONS Minimum Experince in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Masters's Diploma in the field of IT Security. Certifications such as CEH, Security+ CHFI,ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’. Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. #LI-JK1 Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. Capabilities Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in finetuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERINCE, TRAINING & CERTIFICATIONS Minimum Experince in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Masters's Diploma in the field of IT Security. Certifications such as CEH, Security+ CHFI,ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’. Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.

Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.

Location: Gurgaon (Work from Office) Looking for Immediate joiners only Required Technical Skills & Experience: Experience: 7+ years in cybersecurity, with at least 3 years in a SOC leadership role . SIEM & Log Analytics: XSIAM, ArcSight, Splunk, Elastic Stack (ELK), QRadar, Microsoft Sentinel Threat Intelligence: MITRE ATT&CK, Cyber Kill Chain, MISP, STIX/TAXII. Incident Response & Forensics: Volatility, Wireshark, FTK, EnCase, Sleuth Kit, YARA. Endpoint Security & EDR/XDR: CrowdStrike Falcon, Microsoft Defender, Palo Alto XDR, SentinelOne, Carbon Black. Cloud Security: AWS GuardDuty, Azure Security Center, Google Chronicle, CSPM, CNAPP. Compliance & Risk: NIST 800-53, ISO 27001, PCI-DSS, SOC2, GDPR, CIS Benchmarks. Key Responsibilities: SOC Operations & Security Monitoring Lead and manage the 24/7 Security Operations Center (SOC) , ensuring continuous threat detection and response . Working extensively on SIEM (XSIAM. Arcsight, Splunk, QRadar, ELK, Sentinel, etc.) and other security monitoring tools. Oversee 24/7 monitoring of security events and alerts. Ensure effective use of SIEM (Security Information and Event Management) tools. Prioritize, analyze, and manage security incidents. Improve threat intelligence capabilities and integrate with threat intelligence feeds. Continuously optimize detection rules, correlation logic, and security alerts to minimize false positives and improve response times. Incident Response & Management Develop and enforce incident response plans (IRPs) . Ensure timely response to cyber threats, minimizing impact. Coordinate with stakeholders during major incidents. Conduct post-incident analysis and lessons learned exercises. EDR/XDR (Endpoint Detection & Response / Extended Detection & Response) CrowdStrike Falcon – AI-powered threat detection with real-time response. Palo Alto XDR – Extended Detection and Response. Microsoft Defender for Endpoint – Integrated with Azure security solutions. – Behavioral AI-driven endpoint protection. Carbon Black (VMware) – Next-gen EDR with cloud analytics. Sophos Intercept X – Machine-learning-based ransomware prevention. Threat Intelligence Platforms (TIP) Recorded Future – AI-driven threat intelligence analysis. MISP (Malware Information Sharing Platform) – Open-source threat sharing platform. Flashpoint Threat Intel Outseer AFCC ( Previously RSA) IBM X-Force Exchange – Intelligence-sharing with global threat data. Anomali ThreatStream – Automated threat intelligence processing. VirusTotal Enterprise – File and URL malware scanning with shared intelligence. Compliance & Reporting Ensure compliance with security frameworks (ISO 27001, NIST, GDPR, etc.). Maintain accurate security logs and reports for audits. Prepare executive-level reports on security incidents and risk posture.

Relevant Experience: 0 -2 years About The Role We are seeking a Junior Security Analyst with a keen interest in malware analysis, software safety, and secure application delivery. You will assist in the validation and vetting of third-party applications and patches to ensure only safe, trusted content is distributed via our MDM platform. You’ll gain hands-on experience in a sandboxed analysis environment and grow under the mentorship of senior team members. Key Responsibilities Assist in analyzing third-party Windows apps and software patches for safety, authenticity, and compliance. Operate sandbox environments to observe application behavior and report findings. Support malware scanning, threat assessment, and signature validation workflows. Help document analysis results and generate reports for internal approvals. Perform basic reverse engineering tasks and learn malware behavior patterns under guidance. Work closely with the security and product teams to ensure timely and secure app onboarding. Keep up-to-date with the latest malware threats, vulnerabilities, and security advisories. Qualifications 0–2 years of experience in cybersecurity or a related field (internships or personal projects are a plus). Foundational understanding of malware types, threat vectors, and software vulnerabilities. Basic knowledge of Windows operating system internals and executable formats. Familiarity with tools like Wireshark, Process Monitor, VirusTotal, or Cuckoo Sandbox. Enthusiasm to learn malware analysis and reverse engineering. Comfortable with scripting or automation in Python, PowerShell, or Bash. A degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). Certifications like Security+, GSEC, or a desire to pursue malware analysis certifications are a plus. Apply Name Email Address Phone Number Upload Resume Drag & Drop Files Here or Browse Files 0 of 1 File name should contain "A-B a-b 0-9 () -".File type: PDF, Maximum file size: 2MB, If you encounter any difficulties with uploading your resume, please feel free to email it to us at jobs@42gears.com. I hereby acknowledge that I have read and understood the 42Gears Applicant Privacy Policy, and agree to 42Gears' use of my personal data in accordance with the Applicant Privacy Notice. Δ

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Description: Cyber Threat Intelligence Analyst Position Overview : We are seeking a highly skilled and experienced Senior Cyber Threat Intelligence Analyst to join our cybersecurity team. The ideal candidate will have a strong background in threat intelligence monitoring, report writing, and the use of various threat intelligence platforms. This role requires a proactive individual who can develop and sustain custom threat intelligence feeds, integrate them into SIEMs, and provide in-depth reporting tailored to client needs. The candidate must be comfortable working in the EST timezone (evening shift for overlap with onshore/client team ) and be on-call for high-priority urgent tasks. Key Responsibilities: Monitor and analyze threat intelligence using tools such as ZeroFox, Recorded Future, Digital Shadows, or similar platforms. Write comprehensive and technical cybersecurity reports with strong attention to detail. Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering. Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux. Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP. Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel. Execute domain and social media account takedowns as necessary. Create custom, in-depth reports specific to client requirements. Apply knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis. Utilize Excel and/or Power BI for data visualization and graph creation. Experience with excel data cleansing, VLookups, Pivot Tables Prepare and deliver PowerPoint presentations and reports to stakeholders. Maintain strong verbal and written communication skills in English. Work independently under pressure and prioritize tasks effectively. Be available for on-call duties for high-priority urgent tasks. Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work. Qualifications : Minimum of 2 years of experience with threat intelligence monitoring tools. At least 1 year of experience in threat intelligence report writing. Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search. Experience with scripting in Python, Azure, and Linux. Familiarity with one or more threat intelligence platforms for feed management. Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel. Proven experience with domain and social media account takedowns. Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain. Excellent English writing skills. Proficiency in Excel and/or Power BI for data visualization. Strong experience with PowerPoint presentations and reporting. Strong verbal English and presentation skills. Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus. Certifications specific to cyber threat intelligence are an asset. Ability to work in the EST timezone (evening shift for overlap with onshore/client team ). Strong analytical skills and ability to prioritize tasks effectively. Experience working with MSSPs for backend and client-facing work. Preferred Skills: Experience with additional threat intelligence platforms. Advanced technical writing and reporting skills. Strong analytical and problem-solving abilities. Ability to work independently and as part of a team. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Description: Cyber Threat Intelligence Analyst Position Overview : We are seeking a highly skilled and experienced Senior Cyber Threat Intelligence Analyst to join our cybersecurity team. The ideal candidate will have a strong background in threat intelligence monitoring, report writing, and the use of various threat intelligence platforms. This role requires a proactive individual who can develop and sustain custom threat intelligence feeds, integrate them into SIEMs, and provide in-depth reporting tailored to client needs. The candidate must be comfortable working in the EST timezone (evening shift for overlap with onshore/client team ) and be on-call for high-priority urgent tasks. Key Responsibilities: Monitor and analyze threat intelligence using tools such as ZeroFox, Recorded Future, Digital Shadows, or similar platforms. Write comprehensive and technical cybersecurity reports with strong attention to detail. Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering. Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux. Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP. Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel. Execute domain and social media account takedowns as necessary. Create custom, in-depth reports specific to client requirements. Apply knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis. Utilize Excel and/or Power BI for data visualization and graph creation. Experience with excel data cleansing, VLookups, Pivot Tables Prepare and deliver PowerPoint presentations and reports to stakeholders. Maintain strong verbal and written communication skills in English. Work independently under pressure and prioritize tasks effectively. Be available for on-call duties for high-priority urgent tasks. Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work. Qualifications : Minimum of 2 years of experience with threat intelligence monitoring tools. At least 1 year of experience in threat intelligence report writing. Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search. Experience with scripting in Python, Azure, and Linux. Familiarity with one or more threat intelligence platforms for feed management. Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel. Proven experience with domain and social media account takedowns. Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain. Excellent English writing skills. Proficiency in Excel and/or Power BI for data visualization. Strong experience with PowerPoint presentations and reporting. Strong verbal English and presentation skills. Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus. Certifications specific to cyber threat intelligence are an asset. Ability to work in the EST timezone (evening shift for overlap with onshore/client team ). Strong analytical skills and ability to prioritize tasks effectively. Experience working with MSSPs for backend and client-facing work. Preferred Skills: Experience with additional threat intelligence platforms. Advanced technical writing and reporting skills. Strong analytical and problem-solving abilities. Ability to work independently and as part of a team. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

We are looking to onboard a freelance SOC Analyst on a project basis to support our growing Security Operations Center (SOC) initiatives. This role will be essential in helping us expand capabilities for clients across the finance, SaaS, and critical infrastructure sectors. Please find below the project overview and candidate expectations: Project Overview The selected analyst will play a critical role in threat monitoring, log analysis, incident response , and real-time security event detection . This position will be project-based, with the potential for ongoing engagements depending on performance. Key Responsibilities Security Monitoring: Monitor alerts from Wazuh, Splunk, ELK, IDS/IPS, endpoint logs, and cloud environments. Incident Response: Analyze and respond to alerts, perform root cause analysis, and escalate as needed. Threat Hunting: Identify potential threats using intelligence feeds and behavioral anomalies. Alert & Rule Tuning: Customize Wazuh/OSSEC rules to reduce false positives. Documentation: Prepare incident reports, runbooks, and weekly summaries. Client Support: Assist in aligning with client-specific SOC policies, and support us during client meetings for POC and SOC service delivery discussions. Skills & Competencies Technical Expertise SIEM platforms: Wazuh (mandatory), ELK Stack, Splunk OS: Linux (Debian/Ubuntu/CentOS) & Windows (Event logs) Network: TCP/IP, DNS, ports, protocols, packet analysis Monitoring: File/process integrity, rootkit detection Scripting: Basic Python or Bash Tools Stack (Preferred) EDR: OSQuery, CrowdStrike Network: Zeek, Suricata, Wireshark Threat Intel: VirusTotal, AbuseIPDB, MISP, MITRE ATT&CK Case Management: TheHive + Cortex Minimum Qualifications 2–5 years of experience in a SOC Proven ability to analyze security logs and events Strong analytical and reporting skills Proficiency in written English for documentation Interested can share the profile at hr@petadot.com or visit www.petadot.com

Experience: 3- 8 years Location: Hyderabad Working Shift: Rotational Shift Key Responsibilities: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis of PE and non-PE files. Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with crossfunctional teams to improve detection capabilities and response strategies. Develop and implement incident response plans and coordinate incident investigations. Provide continuous monitoring and analysis of network traffic and security events. Conduct research on advanced persistent threats (APTs) and develop protection solutions. Maintain and update real-time block lists and URL block lists. Write and review regular expressions for spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Participate in endpoint detection and response (EDR) efforts to identify and mitigate threats. Conduct threat hunting to proactively identify and address potential security risks. Basic Qualifications: Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analysing email borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. AntiPhishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management (SIEM): Platforms like Splunk or IBM QRadar to monitor and analyze security events, including email threats. Incident Response Tools: Solutions like TheHive or MISP (Malware Information Sharing Platform) for managing and sharing incident response data. Show more Show less

About Flentas Technologies: Flentas helps enterprises leverage the full potential of the Cloud with the help of consulting and implementation practice. As an organization, Flentas has the technology expertise and experience to drive large digital transformation projects and scale cloud operations. Flentas serves clients globally of all shapes and sizes with a strong and passionate team of experienced Solution Architects and Technology Enthusiasts. Job Title: Team Lead - SOC Analyst Team Department: Cybersecurity / Security Operations Location: Pune Key Responsibilities: Guide and support a group of security analysts in their day-to-day work. Oversee daily SOC operations and ensure team adherence to processes, SLAs, and quality standards. Facilitate team meetings, knowledge-sharing sessions, and performance evaluations. Schedule and coordinate shifts, ensuring 24/7 coverage and proper workload distribution. Oversee detection, triage, investigation, and response to cybersecurity incidents. Work closely with threat intelligence, IT, and engineering teams to remediate threats. Conduct root cause analysis post-incident and recommend preventive measures. Skills: Strong understanding of security frameworks (MITRE ATT&CK, NIST, etc.). Hands-on experience with CrowdStrike, Splunk, WIZ, VirusTotal, Jira, Confluence, AWS/Azure/GCP. Proficient in incident detection, investigation, and response. Familiar with handling various alert types including IDS/IPS alerts, EDR detections, malware and forensic investigations, phishing attempts, cloud-related security incidents, dynamic analysis, and static analysis. Excellent communication, leadership, and decision-making skills. Ability to manage pressure during security incidents and multitask in a dynamic environment. Strong analytical and problem-solving skills. Experience: Minimum 5-7 years in a SOC environment. Minimum 1-2 years of team leadership or supervisory experience. Working Conditions: The role involves working in rotational shifts to maintain 24/7 coverage of security operations. Nice to have: CompTIA Security+ Google Cybersecurity Professional Training Show more Show less

Job Title: Team Lead - SOC Analyst Team Department: Cybersecurity / Security Operations Job Type: Full-Time Key Responsibilities Guide and support a group of security analysts in their day-to-day work. Oversee daily SOC operations and ensure team adherence to processes, SLAs, and quality standards. Facilitate team meetings, knowledge-sharing sessions, and performance evaluations. Schedule and coordinate shifts, ensuring 24/7 coverage and proper workload distribution. Oversee detection, triage, investigation, and response to cybersecurity incidents. Work closely with threat intelligence, IT, and engineering teams to remediate threats. Conduct root cause analysis post-incident and recommend preventive measures. Skills Strong understanding of security frameworks (MITRE ATT&CK, NIST, etc.). Hands-on experience with CrowdStrike, Splunk, WIZ, VirusTotal, Jira, Confluence, AWS/Azure/GCP. Proficient in incident detection, investigation, and response. Familiar with handling various alert types including IDS/IPS alerts, EDR detections, malware and forensic investigations, phishing attempts, cloud-related security incidents, dynamic analysis, and static analysis. Excellent communication, leadership, and decision-making skills. Ability to manage pressure during security incidents and multitask in a dynamic environment. Strong analytical and problem-solving skills. Experience Minimum 5-7 years in a SOC environment. Working Conditions Minimum 1-2 years of team leadership or supervisory experience. The role involves working in rotational shifts to maintain 24/7 coverage of security operations. Certifications Such As Nice to Have (Optional but Valuable): CompTIA Security+ Google Cybersecurity Professional Training These are appreciated but not mandatory - hands-on experience and leadership ability come first. Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 3 to 5 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to varshini.t@s3staff.com Show more Show less

Our technology services client is seeking multiple SOC Analyst to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: SOC Analyst Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 8-12 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to sushmitha.r@s3staff.com Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 8-12 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to rajesh.s@s3staff.com Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 3 to 5 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to sushmitha.r@s3staff.com Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 8-12 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to mukesh.s@s3staff.com Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 3 to 5 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to madhuri.p@s3staff.com Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys is looking for threat researchers who can leverage their experience and expertise to identify and analyze threats, produce original research publications, and work with engineering teams to provide a feedback and related insights into a multitude of Qualys products. You will be a member of the Qualys Threat Research Team, a team of security researchers working together to solve security challenges in new and innovative methods. The team is responsible for leading and conducting research related to adversary attack tactics and techniques, threat actor groups and campaign activity. The primary output of the Threat Research Team is security content for Qualys products, blog posts, and conference presentations via researching the latest tactics, techniques, and procedures leveraged by adversaries. The Threat Research Team also works closely with the security, malware research, product, and engineering teams to develop novel protection strategies against emerging cybersecurity threats. Responsibilities: Monitor, analyze and research emerging cyber threats, vulnerabilities, and exploits to identify novel TTPs and their related mitigations. Produce and test rules for hunting and enrichment (Yara, etc.) Analyze threat attack life-cycle including its behavior, modus operandi and objectives. Follow an exhaustive approach involving intelligence collection, signature creation, and initial malware analysis. Research new methods and technologies to detect cyber threats, identify signals, and design approaches to use these signals to identify security threats and security breaches. Develop tools to automate and scale detection and response activities Writing detailed technical blog posts about the threats and TTPs discovered. Collaborate with other teams in developing and adding cross-product intelligence. Educational Qualifications: E./B.Tech/M.Tech Computer Science/MCA/MCS from a reputed institution. Certifications in Computer Security domains are desired.Experience: 3 years of relevant technical experience Technical Qualifications: Expertise in MITRE ATT&CK and EDR/XDR technologies. Experience with threat hunting, incident response, or security operations Experience with common threat intelligence tools, such as VirusTotal, Shodan, etc. Understanding of security controls, forensics, kill chain analysis, risk assessment and security metrics. Ability to perform initial static and dynamic malware analysis. Understanding of reverse engineering techniques. Knowledge of networking and the TCP/IP stack. Knowledge of programming or scripting languages. Knowledge of networking protocols and application file formats like PDF, Office files, and operating system internals.Soft Skills: Excellent written and verbal communication. 'Can-do' attitude and great problem-solving skills. Adapt to changing priorities and quickly come up with innovative solutions. Take initiatives and work with minimal supervision. Act as a go-to person for your area of expertise. Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support Engineer Mandatory Skills : Phishing, Threat Attack, Cyber Security Experience: 3 to 5 Years Location : Hyderabad Notice Period : Immediate to 15 Days Job Description: Key Responsibilities Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps. Basic Qualifications Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Security, or a related field. Strong understanding of computer security, network architecture, and threat landscape. Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS). Strong knowledge of networking concepts and OSI layers. Understanding of enterprise IT architecture, operating systems, and file systems. Excellent analytical skills and ability to identify patterns and trends. Strong research skills and ability to analyze and present complex data. Good logical reasoning and deep analytical skills. Good communication skills and attention to detail. Ability to perform well under stress, particularly in critical response situations. Basic qualities of a researcher, including curiosity, persistence, and attention to detail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identify indicators of compromise (IOCs), and respond to incidents promptly. Phishing Detection and Mitigation: Expertise in identifying and mitigating phishing attacks, including spear-phishing and whaling. Malware Analysis: Skills in analyzing email-borne malware, understanding its behavior, and developing countermeasures. Cryptography: Knowledge of encryption techniques to secure email communications and protect sensitive data. Network Security: Understanding of network protocols and security measures to detect and prevent email-based attacks. Programming and Scripting: Proficiency in languages like Kusto, Python, PowerShell, or Bash for automating security tasks and analyzing email logs. Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, and others that impact email security practices. Tools Secure Email Gateways (SEGs): Tools like Microsoft Defender for Office, Proofpoint, Mimecast, or Barracuda to filter and block malicious emails. Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME (Secure/Multipurpose Internet Mail Extensions) for encrypting email content. Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box like ThreatConnect or Recorded Future to gather and analyze threat intelligence data. Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo Alto Networks WildFire to safely analyze suspicious email attachments. Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond to phishing attempts. Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to bhavana.m@s3staff.com Show more Show less

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support EngineerMandatory Skills : Phishing, Threat Attack, Cyber SecurityExperience: 3 to 5 YearsLocation : HyderabadNotice Period : Immediate to 15 Days Job Description:Key ResponsibilitiesConduct email analysis and reverse engineer to identify and mitigate threats.Perform static and dynamic analysisAnalyze network traffic and develop heuristic signatures to detect malicious activities.Investigate security incidents, including data breaches, system intrusions, and policyviolations.Collaborate with cross-functional teams to improve detection capabilities andresponse.Develop and implement incident response plans and coordinate incidentinvestigations.Classify, Maintain and update real-time block lists and URL block lists.Write and review regular expressions for phish, spam and fraud detection.Perform URL and email grading to assess and categorize potential threats.Engage in security response activities to address and resolve security incidents.Conduct threat hunting to proactively identify and address potential detection gaps. Basic QualificationsBachelor's or Master's degree in Computer Science, Computer Engineering,Information Security, or a related field.Strong understanding of computer security, network architecture, and threatlandscape.Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS).Strong knowledge of networking concepts and OSI layers.Understanding of enterprise IT architecture, operating systems, and file systems.Excellent analytical skills and ability to identify patterns and trends.Strong research skills and ability to analyze and present complex data.Good logical reasoning and deep analytical skills.Good communication skills and attention to detail.Ability to perform well under stress, particularly in critical response situations.Basic qualities of a researcher, including curiosity, persistence, and attention todetail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identifyindicators of compromise (IOCs), and respond to incidents promptly.Phishing Detection and Mitigation: Expertise in identifying and mitigating phishingattacks, including spear-phishing and whaling.Malware Analysis: Skills in analyzing email-borne malware, understanding itsbehavior, and developing countermeasures.Cryptography: Knowledge of encryption techniques to secure emailcommunications and protect sensitive data.Network Security: Understanding of network protocols and security measures todetect and prevent email-based attacks.Programming and Scripting: Proficiency in languages like Kusto, Python,PowerShell, or Bash for automating security tasks and analyzing email logs.Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, andothers that impact email security practices. ToolsSecure Email Gateways (SEGs): Tools like Microsoft Defender for Office,Proofpoint, Mimecast, or Barracuda to filter and block malicious emails.Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME(Secure/Multipurpose Internet Mail Extensions) for encrypting email content.Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box likeThreatConnect or Recorded Future to gather and analyze threat intelligence data.Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo AltoNetworks WildFire to safely analyze suspicious email attachments.Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond tophishing attempts.Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to sohail.s@s3staff.com

Our technology services client is seeking multiple Anti Spam Support Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: Anti Spam Support EngineerMandatory Skills : Phishing, Threat Attack, Cyber SecurityExperience: 3 to 5 YearsLocation : HyderabadNotice Period : Immediate to 15 Days Job Description:Key ResponsibilitiesConduct email analysis and reverse engineer to identify and mitigate threats.Perform static and dynamic analysisAnalyze network traffic and develop heuristic signatures to detect malicious activities.Investigate security incidents, including data breaches, system intrusions, and policyviolations.Collaborate with cross-functional teams to improve detection capabilities andresponse.Develop and implement incident response plans and coordinate incidentinvestigations.Classify, Maintain and update real-time block lists and URL block lists.Write and review regular expressions for phish, spam and fraud detection.Perform URL and email grading to assess and categorize potential threats.Engage in security response activities to address and resolve security incidents.Conduct threat hunting to proactively identify and address potential detection gaps. Basic QualificationsBachelor's or Master's degree in Computer Science, Computer Engineering,Information Security, or a related field.Strong understanding of computer security, network architecture, and threatlandscape.Familiarity with operating systems internals (Windows, MacOS, Linux, Android, iOS).Strong knowledge of networking concepts and OSI layers.Understanding of enterprise IT architecture, operating systems, and file systems.Excellent analytical skills and ability to identify patterns and trends.Strong research skills and ability to analyze and present complex data.Good logical reasoning and deep analytical skills.Good communication skills and attention to detail.Ability to perform well under stress, particularly in critical response situations.Basic qualities of a researcher, including curiosity, persistence, and attention todetail. Technical Skills Threat Analysis and Incident Response: Ability to analyze email threats, identifyindicators of compromise (IOCs), and respond to incidents promptly.Phishing Detection and Mitigation: Expertise in identifying and mitigating phishingattacks, including spear-phishing and whaling.Malware Analysis: Skills in analyzing email-borne malware, understanding itsbehavior, and developing countermeasures.Cryptography: Knowledge of encryption techniques to secure emailcommunications and protect sensitive data.Network Security: Understanding of network protocols and security measures todetect and prevent email-based attacks.Programming and Scripting: Proficiency in languages like Kusto, Python,PowerShell, or Bash for automating security tasks and analyzing email logs.Regulatory Compliance: Familiarity with regulations such as GDPR, HIPAA, andothers that impact email security practices. ToolsSecure Email Gateways (SEGs): Tools like Microsoft Defender for Office,Proofpoint, Mimecast, or Barracuda to filter and block malicious emails.Email Encryption Tools: Solutions like PGP (Pretty Good Privacy) or S/MIME(Secure/Multipurpose Internet Mail Extensions) for encrypting email content.Threat Intelligence Platforms: Tools other than VirusTotal, MX Tool box likeThreatConnect or Recorded Future to gather and analyze threat intelligence data.Sandboxing Solutions: Tools like Windows Sandbox, FireEye or Palo AltoNetworks WildFire to safely analyze suspicious email attachments.Anti-Phishing Tools: Solutions like PhishMe or Cofense to detect and respond tophishing attempts.Security Information and Event Management or Incident Response Tools If you are interested, share the updated resume to renu.a@s3staff.com