53 Xdr Jobs

Eventus Security is a prominent cybersecurity solutions provider specializing in threat detection, incident response, and managed security services. The organization aims to assist clients in proactively securing their digital assets through cutting-edge technologies and expert-driven services. By prioritizing innovation and trust, Eventus Security empowers businesses to remain resilient in the constantly evolving cyber threat landscape. The ideal candidate for the position of Security Lead (L3) SOC at Eventus Security should possess 5-10 years of relevant experience. The job locations for this role are Navi Mumbai and Ahmedabad. Key Responsibility Areas: Security Incident Leadership: - Take charge of high-priority security investigations and incident response activities. - Ensure accurate analysis, containment, remediation, and post-incident reporting. Operational Oversight: - Supervise day-to-day Security Operations Center (SOC) operations. - Manage shift handovers, escalation procedures, and ensure continuous operations in a 24/7 environment serving global customers. Technical Expertise: - Serve as the escalation point for complex threats and security incidents. - Conduct in-depth analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools. Threat Detection and Hunting: - Proactively hunt for threats using various data sources and tools. - Develop and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and decrease dwell time. Process & Playbook Management: - Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows. - Drive consistent and measurable outcomes through effective process management. Customer Engagement: - Engage with global stakeholders, particularly clients from the US and Canada. - Provide clear incident briefings, RCA reports, and advisory support to clients. Collaboration and Mentorship: - Mentor L1 and L2 analysts and facilitate training sessions. - Support skill development across shifts to enhance team capabilities. Continuous Improvement: - Participate in tuning detection content and tool configurations. - Support red/blue/purple team exercises to enhance SOC maturity. Documentation and Reporting: - Maintain high-quality documentation of incidents, processes, and technical findings. - Contribute to executive and operational reporting to ensure transparency and accountability.,

Synax seeks an experienced SOC Leader (10+ years) to address global customers' cybersecurity needs and empower our partner network to achieve next-level service cyber-Security excellence. Why Join Synax Technologies Lead and pioneer a strategic cybersecurity initiative from inception. Thrive in a collaborative, innovative environment with ambitious growth objectives. Gain exposure and influence at a global, enterprise scale. Enjoy competitive compensation, career advancement, and executive visibility. What You&aposll Own: Design the Blueprint. Architect and scale a global SOC from the ground upset the strategy, define the roadmap, and own the outcome. Build the Dream Team. Recruit, lead, and inspire top-tier cybersecurity prosfrom threat hunters to incident responders. Set the Standard. Create world-class frameworks, playbooks, and metrics aligned with global best practices. Outsmart Threats. Lead the charge on cutting-edge detection and response using the full tech arsenal: SIEM, SOAR, EDR, XDR, UEBA, threat intel, and automation. Innovate Relentlessly. Drive a culture of continuous evolution, powered by AI, machine learning driven automation. You&aposre the Perfect Fit If You Have: Deep Roots in Cybersecurity: Minimum 10 years of experience navigating the world of security products and solutions, including 6 years in leading SOC/CSOC teams on a global scale. A Track Record of Building Greatness: You&aposve successfully built and rapidly scaled SOC/CSOC teams from scratch, turning vision into realityand you&aposre eager to do it again. Technical Mastery: Your expertise runs deep in cybersecurity operations, threat intelligence, incident response, and cutting-edge endpoint security technologies. Certifications That Count: Industry-recognized credentials like CISSP, CISM, or CISA showcase your professional commitment and credibility. Industry Savvy: Bonus points if you have experience working in highly regulated sectorslike BFSI, Healthcare, Government, or Telecomwhere cybersecurity truly matters. Solid Academic Grounding: You hold a Bachelors degree in Information Security, Cybersecurity, Computer Science Engineering, or related fields (a Masters degree makes you shine even brighter). Note: Preference will be given to candidates with current experience at Tier-1 SOC providers, who are locally available and can join immediately. This role requires international travel as and when needed. Show more Show less

As an Information Security Analyst at R Systems, you will play a crucial role in our Security Operations team, contributing to the overall Global Information Security function. With a focus on Security Operation, Incident Response/Management, DLP, Forensic/Reverse engineering, Cloud Security & IAM, you will bring your expertise to oversee multiple security solutions like XDR, IAM, Firewall, Email Gateway, SIEM, CASB, etc. Your responsibilities will include working as an InfoSec Analyst in our ASOC, performing incident response and threat hunting tasks in collaboration with our Managed Security Services Provider (MSSP). With 9 to 12 years of experience in SOC, Incident Response, IAM, DLP, SIEM, Email Gateway, and Firewall, you will leverage your minimum of 7 - 9 years of practical information security experience to enhance our security posture. You will utilize your expertise in Security Information Event Management (SIEM), Continuous Monitoring, Intrusion Detection/Prevention Systems (ID/PS), Network Traffic Analysis, Incident Response, Endpoint Security Systems, Digital Forensics, WLAN Monitoring, and Threat Modeling to ensure a robust security environment. Your in-depth knowledge of information security technologies, networking, systems, authentication, and directory services will be instrumental in managing complex troubleshooting issues effectively. Moreover, your proven ability to handle competing priorities, work under pressure, and contribute to strategic organizational thinking will be highly valued. Preferred certifications such as CEH, CISM, CHFI, Security+, Network+ will further enhance your profile and demonstrate your commitment to continuous professional development. Join us at R Systems, a Great Place to Work Certified company in multiple countries, and be part of a dynamic global team that fosters continuous learning, collaboration, and innovation. Your contributions will be celebrated, and your growth, development, and well-being will be prioritized in everything we do. If you are an experienced Information Security Analyst looking to make a significant impact in a leading technology company, we invite you to apply and be a part of our exciting journey towards shaping the future of technology.,

Work with MCX to enhance your career growth and excel in the field of Information Security. MCX values its employees" domain expertise and commitment, which have been pivotal in the company's success. If you are an ambitious and result-oriented professional, MCX offers exciting career opportunities for you to realize your potential in the cybersecurity domain. As a Manager - Information Security at MCX based in Mumbai, you will play a crucial role in ensuring the optimal performance of security technologies through operational oversight. With a Bachelor's degree in Cybersecurity, Information Technology, or related fields, along with 8-10 years of experience in cybersecurity (including 3+ years in managerial roles), you will be responsible for managing L2 activities and listed technologies hands-on. Your key responsibilities will include overseeing L2 activities, incident response, audits, and reviews of security operations. You will also be involved in developing and maintaining comprehensive documentation and SOPs for security technologies and processes, ensuring compliance and standardization. Additionally, you will configure, optimize, and maintain various security tools while evaluating their effectiveness and ensuring integration with the organization's IT infrastructure. In this role, you will lead threat hunting efforts, collaborate with stakeholders for risk mitigation, and manage security incidents promptly. You will generate security reports, communicate with stakeholders, and mentor junior team members to enhance their skills in security tools and best practices. If you are ready to climb the career ladder with MCX and have the necessary qualifications and experience in cybersecurity, this role offers you a platform to grow and excel in the dynamic field of Information Security. For further assistance or inquiries about this opportunity, please contact us at 022-67318888 / 66494000 or careers@mcxindia.com.,

Job Description Manage all aspects of cloud computing (including networking, compute, storage, and services), ensuring that the appropriate technology and methodologies are applied when translating business requirements into technical and functional solutions. Collaborating internally and across the organization in driving cloud adoption of security technologies. Stay current with industry trends, best practices, and emerging technologies related to DevOps and cloud computing. Extensive collaboration with technical and business facing stakeholders to engineer solutions which exceed customer expectations and drive significant business value. Implement and monitor security standards across development, testing, and production environments. Design solutions and processes to monitor, test for, and strategically deploy product updates. Identify opportunities for automation and efficiency improvements, implement from end-end. Utilize futuristic tools, technology, and frameworks for enhancing business experience. Participate in the development of a healthy product backlog, ensuring agile practices are followed. Proactively identify opportunities to improve and automate existing technologies. Support strategic vision for new infrastructure and systems by providing input on roadmaps/value maps in partnership with business stakeholders that aligns with the overall corporate strategy. Support organizational wide Disaster Recovery and Business Continuity plans and strategy so the organization is prepared for potential events. Support 24x7 security operations as needed. Responsibilities Basic Qualifications: Bachelors degree in Computer Science, Cyber Security, or Information Systems. 2+ years of proven hands-on experience with IT security and Devops cloud engineering. Microsoft Azure certifications such as: AZ-104, AZ-305, or AZ-400 Strong knowledge of Azure DevOps tools and services, including Azure Pipelines, Repos, Artifacts, and Boards. 2+ years with engineering expertise with Full stack, hands-on expertise with infrastructure including IaC such as Terraform or ARM templates. 2+ years of experience developing end-end using APIs and/or scripting languages such as Powershell, Python, YAML, JSON, NodeJS, etc. 1+ years leading projects and implementations. Preferred Qualifications: Technical Skills: Understanding, with hands-on experience, of IT Security and Security Engineering technologies such as CASB, CSPM, Email Security Gateways, SIEM/SOAR, Endpoint Protection, EDR/XDR, DLP, etc. Strong technical backgrounds (ideally building highly scalable platforms, products, or services) with the ability to proactively identify and mitigate technical risks throughout delivery life-cycle Hands-on experience solving security technical challenges. Deep technical knowledge of cloud platforms: Azure is strongly preferred. Experience engineering reusable tools and self-service capabilities with automated infrastructure operations Experience in creating frontend components that support accessibility Proven experience in engineering solutions that improve the developer or user experience and productivity. Hands-on experience setting up CI/CD pipelines. OpenShift Tekton, or GitHub Actions, or alike Knowledge of secure coding practices Experience setting up serverless functions using GCP Cloud Run or Cloud functions, and configuring the respective cloud provider for scaling Robust knowledge of system design principles including reliability, availability, and scalability Understanding of security frameworks Experience setting up logging and monitoring services (Dynatrace, GCP Ops Suites) Proven ability to implement and prove out POCs with speed, vision and quality Strong consulting and analytical skills and a risk management mindset. Qualifications Other Skills: Demonstrates the ability to be highly collaborative with peers across the organization. Possess a high tolerance for ambiguity and ever-changing technology environment. Possess a strong bias for action. Naturally curious and stays on top of emerging trends and threats. interpersonal skills, with the ability to communicate effectively at all levels of the organization. Familiarization with agile concepts. Ability to thrive in working in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities. A sense of intellectual curiosity and a burning desire to learn. You may not check every box, or your experience may look a little different from what we&aposve outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! Show more Show less

We are seeking a Cloud Engineer to design, implement, and maintain cloud infrastructure (AWS, Azure, GCP). Key responsibilities include cloud architecture, system administration, automation, security, cost management, and documentation. Experience with migrating Exchange and SharePoint to cloud solutions is required. Collaborate with, cross-functional teams to design, implement, and maintain cloud infrastructure solutions. Provide technical guidance and support to resolve complex issues related to cloud services, Cyber Security, Networks. Perform regular assessments and audits to ensure the security, reliability, and efficiency of cloud environments. Participate in planning and executing cloud migration projects, including workload assessments, resource provisioning, and data migration strategies. Work as a Technical Consultant for Various Microsoft Technologies and its Security products. Hosted Exchange and Online Exchange Migration SharePoint and OneDrive Migration Teams, Enterprise Roaming Profile and Intune Deployment Spam Filters and Endpoint Security, EDR, XDR, NDR, MDR Work with Pass-through, Federated auth, SSO, Hybrid access, Cloud Sync, Delegation, Self Service. MFA, Conditional Policies, PIM, Vulnerabilities and risk assessment. Encryption, Risk Asses, Incidence management, VA, Penetration test, IDS/IPS, compliance

Job Description: As an L2 DLP Resource, you will be an integral part of our cybersecurity team located at a client site in BKC, Mumbai. Your primary responsibility will be to oversee and provide support for DLP, XDR, and EDR platforms, manage incident escalations at L2 level, and ensure the implementation of robust data protection measures. Your duties will include managing and troubleshooting DLP, XDR, and EDR security platforms, conducting root cause analysis for escalated incidents, and maintaining comprehensive technical documentation and incident reports. You will collaborate closely with compliance and IT teams to uphold data protection policies and may also be involved in operating and administering Forcepoint DLP solutions. The ideal candidate for this role should possess hands-on experience with DLP, XDR, and EDR technologies, demonstrate proficiency in incident handling and security operations at L2 level, and exhibit excellent documentation, communication, and analytical skills. Prior experience with Forcepoint or other enterprise-grade DLP tools would be advantageous. Additionally, flexibility for occasional travel to deployment locations such as Chennai, Hyderabad, or Lucknow is required for this full-time, onsite position based at the client's office in BKC, Mumbai. The job entails day and morning shifts, and the work location is in person. This is an excellent opportunity for a skilled professional to contribute to a dynamic cybersecurity environment and play a crucial role in ensuring effective data protection practices. Job Types: Full-time, Permanent,

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences. Location: Ahmedabad Experience: 3-6 yrs Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH; CSA If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.,

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Grow your career at Qualys where innovation and talent thrive! About Qualys: Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance, and IT solutions with over 10,000 subscription customers worldwide, including most of the Forbes Global 100 and Fortune 100. We help organizations streamline and automate security and compliance workflows onto a single platform, delivering greater agility, stronger security outcomes, and substantial cost savings. As part of the evolving Qualys Enterprise TruRisk Platform, we are expanding into Cloud Detection and Response (CDR) helping organizations detect active threats, manage cloud risk, and respond quickly in cloud-native, multi-cloud, and hybrid environments. We are building deep capabilities around cloud log analysis, eBPF-based runtime security, network security, and Zero Trust enforcement integrating technologies such as Sysdig Falco, Tetragon, and advanced runtime behavioral analytics. We are seeking a dynamic and experienced Senior Product Manager to join our growing Cloud Detection and Response (CDR) team at Qualys. In this role, you will drive the strategy and execution for key areas of our CDR product line focused on cloud threat detection, investigation, and automated response capabilities. You will bring a strong background in cloud security, detection and response technologies, and a can-do attitude to help global enterprise customers secure their cloud infrastructure and containerized workloads. You will collaborate closely with engineering, product design, product marketing, sales, and solution engineering teams, and interface with product leadership in a globally distributed environment. This is an exciting opportunity to have a high-impact role at a company known for innovation and trusted by the worlds leading enterprises. Qualifications: - Bachelors degree in Computer Science, Engineering, Cybersecurity, or a related technical field (MBA or equivalent experience preferred). - 5+ years of experience in product management, or 8+ years in a technical leadership, security engineering, or solution architecture role in cybersecurity or cloud security. - Deep understanding of cloud security, cloud-native environments (AWS, Azure, GCP), Kubernetes, and containerized workloads. - Familiarity with Cloud Detection and Response (CDR), CNAPP, or adjacent technologies such as SIEM, XDR, EDR, or threat hunting platforms. - Hands-on experience or strong working knowledge of cloud telemetry (e.g., AWS CloudTrail, Azure Activity Logs), cloud audit logging, and event-based threat detection. - Knowledge of modern runtime security technologies, including eBPF-based monitoring, Sysdig Falco, Tetragon, and cloud-native network security techniques. - Understanding of Zero Trust architectures and least-privilege enforcement in cloud environments. - Experience working with cybersecurity concepts such as malware detection, file integrity monitoring, secure configuration management, and policy compliance. - Strong analytical, organizational, and technical writing skills, with a data-driven approach to decision-making. - Exceptional communication skills, both technical and non-technical, across geographically distributed teams and customer environments. - Experience collaborating across multiple time zones and managing complex projects in a fast-paced environment. Role and Responsibilities: - Define and execute product strategy and roadmap for cloud detection and response capabilities within the Qualys platform. - Gather and prioritize requirements based on customer feedback, industry trends, and competitive analysis. - Develop clear product themes, epics, and user stories as input to engineering and design teams. - Work closely with engineering teams to deliver high-quality product features on time and within scope. - Drive key initiatives in cloud log ingestion and analysis, runtime threat detection using eBPF/Falco/Tetragon, network security analytics, and Zero Trust policy enforcement. - Actively engage with enterprise customers to understand needs, gather feedback, and validate product direction. - Track product success through metrics and KPIs, iterating based on customer impact and business outcomes. - Support product marketing with positioning, messaging, launch readiness, and field enablement. - Collaborate with sales teams to support key customer opportunities and strategic accounts. Join Us: This is a highly visible and impactful role where you will be part of a passionate and collaborative product team shaping the future of cloud security. If you're excited about building next-generation security solutions, helping customers stay ahead of modern threats, and growing your career at a company known for excellence and innovation - we would love to hear from you.,

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, align reports SIEM rules and alerts with security policies, and compliance reports requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detention, response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.,

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. Location: Gurgaon, India Team: Global Security Operations Shift Timing: 6:00 AM IST 3:00 PM IST with rotational weekend support as part of 24x7 operations Responsibilities: - Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets. - Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives. - Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence. - Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions. - Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents. - Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation. - Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities. - Contributing to incident response playbooks, runbooks, and process enhancements. - Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts. - Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems. - Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment. - Interacting with customers/users in a professional and positive manner. Requirements: - Bachelor's Degree in Computer Science, Information Security, or Information Technology. - 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization. - Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention. - Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors. - Willingness to work in early shifts and provide round-the-clock support, including weekend shifts. Soft Skills & Work Traits: - Strong analytical, investigative, and troubleshooting skills. - Effective written and verbal communication skills, with the ability to simplify complex security issues. - Organized, detail-oriented, and capable of managing multiple priorities under pressure. - Passion for security, continuous learning, and operational excellence. - Comfortable working in a rotating shift model, including weekend support. - Strong desire to understand security incidents thoroughly. Benefits: - Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide. - The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos. - Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more. At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.,

Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require Role & responsibilities Preferred candidate profile

You will be responsible for administering and maintaining Deep security systems to ensure the security of IT Infrastructure. This includes monitoring and analyzing security alerts to identify potential threats, ensuring proper integration with existing systems, troubleshooting and debugging problems related to TrendMicro Deep Security Manager and Agent, as well as managing TrendMicro Deep Security Agent (installation, reconciliation, troubleshooting, etc.). Additionally, you will be involved in fine-tuning policies in Deep security features such as FIM, Log Inspection, IPS, Firewall, Anti-malware module, and developing/updating security policies and procedures related to Deep security. Your role will also involve log monitoring, incident investigation, maintaining, generating, and analyzing all deep security related reports, manager version upgradation, and capacity management. You will be required to engage with OEM in case of any Deep security related issues reported and ensure compliance with industry standards, regulations, and best practices. Mandatory Skills required for this position include expertise in Antivirus, Microsoft EDR, and XDR. The ideal candidate should have 5-8 years of relevant experience in this field. Wipro is undergoing a transformation towards a modern approach, and as part of this journey, we are seeking individuals who are inspired by reinvention. We are looking for people who are willing to evolve constantly - in terms of themselves, their careers, and their skills. We strive for continuous improvement and adaptability as the world around us changes. Join us at Wipro, a place where you can realize your ambitions and be empowered to design your own reinvention. We welcome applications from individuals with disabilities.,

As a seasoned Technology Leader specializing in cybersecurity solutions, you will be responsible for developing and executing a comprehensive technology roadmap that aligns with business objectives and industry standards. Your role will involve designing and managing enterprise-grade cybersecurity platforms such as Splunk and QRadar to ensure seamless integration across diverse OT and IT environments. Innovation will be a key aspect of your responsibilities, as you lead the design and development of advanced cybersecurity tools including SIEM, XDR, next-gen firewalls, and secure networking solutions. Your focus will be on driving innovation to address the unique challenges of OT/IT environments, emphasizing threat detection, incident response, and compliance while ensuring scalability, efficiency, and future-readiness of the technology strategy. Building partnerships and fostering collaborations with technology providers, OEMs, and stakeholders will be essential to enhance the company's offerings and ensure interoperability and seamless integration of solutions across different platforms and ecosystems. You will play a vital role in establishing and maintaining technology standards and best practices for OT/IT cybersecurity, monitoring the adoption of emerging technologies to maintain a competitive advantage and address evolving threats. Additionally, your expertise will be crucial in providing technical oversight for cybersecurity frameworks to protect critical infrastructure and collaborating with delivery and operations teams to implement cutting-edge security measures. To excel in this role, you should hold a Bachelors or Masters degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles with a strong focus on cybersecurity solutions. Your proficiency in platform development, particularly with systems like Splunk and QRadar, as well as industrial control systems, will be highly valued. Strong leadership, innovation, and strategic thinking abilities are key qualifications that will contribute to your success in this dynamic and challenging position.,

Hi All, Movate ( Formerly known as CSSCorp ) is hiring for Senior Endpoint Security Engineer Role. Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require

As a member of the Cyber Incident Response Team (CIRT) at Ingka Group, you will play a crucial role in developing and operating threat detection, investigation, and response capabilities to ensure a secure environment for the organization. Based in Malm, Helsingborg, or Amsterdam, you will lead the response to complex, major, or recurring cyber security incidents across the global organization. Your responsibilities will include reporting on the overall performance of incident response, writing comprehensive documentation such as plans, playbooks, and runbooks, and developing automated incident response playbooks using SOAR. Additionally, you will engineer threat detections using SIEM and XDR technology. The ideal candidate for this role should have over 5 years of experience in a security operations role and be familiar with tools like XDR, SIEM, and SOAR. You should also have knowledge of endpoint systems like Windows, macOS, and Linux, cloud platforms such as Azure and Google Cloud, and Entra ID. A strong curiosity, a willingness to learn, and the ability to work in an on-call rotation for major incident response are essential qualities we are looking for in potential candidates. We believe that you are passionate about exploring and understanding the intricacies of cybersecurity, combining theoretical knowledge with practical skills to address challenges effectively. Your analytical capabilities, structured problem-solving approach, and pragmatic mindset will contribute to the success of our team in enabling the business to thrive today and in the future. If you are someone who thrives in open-ended situations, values collaboration, and seeks continuous growth, we encourage you to apply for the position of Senior Cyber Engineer with us. We understand the importance of diversity and inclusion, and we welcome applicants from all backgrounds and experiences. Your application, submitted in English, will be a step towards joining our team dedicated to creating a better everyday life for the many people. Please note that we expect the majority of your time to be spent in the office, aligning with our value of togetherness and fostering a collaborative work environment. Interviews will be conducted on an ongoing basis, and we are excited to review your application submitted through our recruitment program.,

As an Infrastructure Security Architect at our organization, you will be responsible for designing and maintaining secure infrastructure systems to uphold the highest cybersecurity standards. Your role will be crucial in safeguarding systems and data against emerging threats, ensuring regulatory compliance, and maintaining operational resilience. You will play a key role in protecting digital assets from unauthorized access, disruptions, or misuse to maintain confidentiality, integrity, and availability. Developing and managing Data Loss Prevention (DLP) strategies will be essential to safeguard sensitive data both in motion and at rest. Additionally, you will be required to detect, analyze, and mitigate threats using tools such as XDR, Dark Web Hunting, and other threat intelligence solutions. Leading security incident response processes including investigation, containment, remediation, and post-mortem analysis will be part of your responsibilities. Regular risk assessments and security audits will also be conducted to ensure compliance with established standards like NIST, ISO 27001, or GDPR. Your role will involve evaluating existing and planned infrastructure to identify vulnerabilities and recommend architectural enhancements, along with collaborating across teams to integrate security by design principles into systems architecture. To qualify for this position, you should hold an M.Tech/B.Tech degree in Computer Science, Information Security, Information Technology, or a related field, and have at least 4 years of professional experience in infrastructure or cybersecurity roles. A deep understanding of network security, cloud security (AWS/Azure), firewalls, VPNs, IDS/IPS, and encryption protocols is necessary. Hands-on experience with SIEM, XDR, DLP, vulnerability scanners, and incident response tools will be beneficial. A strong grasp of compliance, governance, and regulatory frameworks such as ISO, NIST, and PCI DSS is also required. Preferred certifications for this role include CISSP, CISM, CEH, or related certifications, as well as Cloud Security Certifications like AWS Security Specialty or Azure Security Engineer Associate. Join our team and contribute to enhancing our organization's cybersecurity posture while ensuring the integrity of our infrastructure and data.,

The Associate Technical Security Specialist plays a critical role in supporting cybersecurity operations by implementing technical security controls, monitoring security events, and ensuring compliance with company contractual and regulatory obligations. This role focuses on operational information security tasks, responding to information security incidents, and continuously improving information security processes to protect the managed information and technical assets. Key Responsibilities Information Security Operations & Incident Response: Monitor information security alerts and logs using XDR and other security tools. Investigate potential information security incidents, escalate critical issues, and support information security incident response processes. Endpoint, Cloud, and Network Security: Assist in managing security controls for endpoints, cloud services, and network environments. Support security hardening initiatives to reduce risks. Email Security Gateway & Anti-Phishing: Manage and optimize email security solutions to prevent phishing, malware, and spam attacks. Work on email filtering policies, domain security (DMARC, DKIM, SPF), and respond to email-based threats. Vulnerability & Patch Management: Perform routine security assessments to identify vulnerabilities and misconfigurations. Work with IT teams to prioritize and implement security patches and updates. Threat Intelligence & Risk Mitigation: Analyze emerging threats and recommend proactive security measures. Assist in conducting risk assessments and security reviews of new technologies and processes. Compliance & Security Governance: Assist in maintaining security policies and ensuring compliance with contractual regulatory requirements (ISO 27001, GDPR, HIPAA, etc.). Support audits and security assessments. Security Awareness & Training: Promote cybersecurity awareness by assisting with security training sessions and phishing simulations. Support internal teams with security best practices. Functional Competencies (Technical knowledge/Skills) - Strong understanding of cybersecurity frameworks (ISO 27001, NIST, CIS Controls). - Experience with XDR, firewalls, endpoint security, and cloud security solutions. - Familiarity with Email Security Gateways (Proofpoint, Mimecast, etc.) and anti-phishing technologies. - Basic knowledge of penetration testing and vulnerability scanning tools. - Hands-on experience with IAM and access control mechanisms. - Understanding of regulatory and compliance requirements in cybersecurity. - Strong analytical skills with attention to detail. - Good communication and collaboration skills to work across teams. Experience, Education, and Certifications - 3-5 years of experience in cybersecurity operations or security administration. - Bachelors degree in Cybersecurity, Information Technology, or a related field. - Certifications such as CompTIA Security+, CEH, or equivalent preferred. - Experience working with email security solutions and incident response processes. - Knowledge of cloud security in AWS, Azure, or GCP is an advantage. Note: This role has working shifts from 02:00 PM IST - 11:00 PM IST.,

As a Junior Security Engineer, you will work closely with senior engineers to ensure the security of an organization's systems and data. Your responsibilities will include monitoring networks, identifying vulnerabilities, and implementing security measures with guidance. You will be involved in various areas such as Vulnerability Management, XDR, EDR, Zero Trust, and DLP technologies. In the realm of Vulnerability Management, you will assist in identifying and assessing vulnerabilities in systems and applications. You will also support the remediation process for these vulnerabilities by utilizing vulnerability scanning tools and reporting on findings. For XDR/EDR, you will be tasked with monitoring security alerts from these platforms and aiding in the investigation of security incidents that are identified. Additionally, you will contribute to the tuning and optimization of XDR/EDR solutions. In the domain of Zero Trust, your role will involve supporting the implementation of Zero Trust principles, including least privilege access, and helping in the configuration of network segmentation and access controls. Regarding DLP, you will monitor data loss prevention alerts and incidents, participate in the development and implementation of DLP policies, and assist in identifying and protecting sensitive data. Your day-to-day responsibilities will encompass monitoring security systems and alerts, analyzing security data to detect potential threats, responding to security incidents, maintaining accurate records of security events, generating reports on security posture, vulnerabilities, and incidents, implementing security solutions and controls, collaborating with other teams to ensure security best practices, and continuously learning about new threats and security technologies. Overall, as a Junior Security Engineer, you will play a crucial role in supporting the overall security posture of the organization and contributing to the ongoing protection of systems and data.,

Role & responsibilities This position is responsible for supervising all aspects of IT security, which includes: * Designing and developing security measures * Implementing security protocols * Managing incident response * Overseeing product selection * Ensuring adherence to relevant regulations This role is a mandatory work-from-office position based in our Gurgaon location, and the person in this role must be willing to work in 24/7 rotational shifts. Key responsibilities include: 1. Cybersecurity defense for endpoints and servers. 2. Investigation of alerts through SIEM, EPP, and XDR. 3. Vulnerability assessment and patch management. 4. Authorization of third-party software. 5. Collaboration with various departments to reduce risk. 6. Awareness of potential harm from new threats to network infrastructure and existing security procedures. 7. Providing security training to employees. 8. Facilitation of system and software configuration through Endpoint Management. 9. Willingness to work in a 24/7 SOC environment. Preferred candidate profile Perks and benefits

As the Cybersecurity Program Delivery Director, you will play a pivotal role in coordinating the planning, execution, and delivery of key cybersecurity projects and programs on a global scale. You will work closely with technical teams, security experts, and various stakeholders to ensure that critical security initiatives are implemented effectively and in alignment with corporate strategies. Your responsibilities will span across program portfolio management, global delivery and execution, governance, risk, and compliance (GRC), team coordination, budget control, and technical strategy support. You will be tasked with managing a diverse portfolio of cybersecurity projects, encompassing new technology deployments, risk mitigation, policy updates, and compliance enhancements. It will be your responsibility to establish project goals, timelines, and budgets, while also overseeing cross-regional resource integration and priority management. Additionally, you will ensure the quality and timely delivery of key security projects, manage external suppliers and service providers, and establish standardized delivery processes to drive global project replication capabilities. Collaboration with compliance, legal, and audit teams will be essential to ensure that all projects adhere to relevant regulations and standards such as GDPR, ISO 27001, and NIST. You will lead a global team of project managers, security architects, and business analysts, fostering open communication with senior management, IT, Security Operations Center (SOC), and regional heads. Regular reporting on project progress and key risks to the CISO and senior management will be a key aspect of your role. Your background should include a Bachelor's degree or above in information security, computer science, engineering, or related fields, with a preference for a Master's/MBA. You should possess more than 10 years of experience in information security or project delivery, including over 5 years in cross-border security project management. Proficiency in project management frameworks such as PMP, PRINCE2, and agile delivery methods like Scrum/SAFe is required. Familiarity with information security frameworks and technologies such as NIST, CIS Controls, SOC, IAM, SIEM, XDR, and SASE is crucial, along with certifications like CISSP, CISM, and PMP being preferred. Your leadership skills, cross-cultural communication abilities, and global vision will be essential for this role. You should be comfortable with remote management across different time zones and occasional international travel. Keeping abreast of security technology trends and providing strategic investment recommendations will also be part of your responsibilities. Your contribution to cybersecurity budget formulation, resource allocation, and technology roadmap adjustments will ensure the maximum safety benefits of project investments.,

You should have a minimum of 12 years of experience in Sales, Consulting, or Presales in the cybersecurity domain. A consultative problem-solving services-oriented, solution-led approach and experience are preferred. Your demonstrated ability for consultative sales in the cybersecurity domain should be targeting CISO/CXOs. Skills in areas of risk advisory and various cybersecurity frameworks, along with an understanding of the cybersecurity OEM ecosystem and dexterity in crafting winning services proposals are critical. Expertise in any core security element of Device Management, Network Security, Zero Trust Frameworks, and Managed Detection and Response (MDR) Services is required. Knowledge in Data Security and Privacy, various Industry compliance Frameworks from SEBI, RBI, IRDA, DPDP, Security Assurance, and Cloud Security areas is essential. You should have proven expertise and experience in crafting complex managed security services (MSS) proposals which include multiple cybersecurity domains like network security, device management, security operations, SOC services, etc. Reviewing technology designs with technology architects and engineers while considering local and regional regulatory requirements is part of the role. Experience with assessment of a comprehensive and broad set of security technologies and processes, data protection, identity and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments is necessary. Additionally, expertise in Infra security architecture and any subject matter expertise within network infrastructures and perimeter security technologies such as firewalls, load balancers, WAF, CASB, proxies, SDN, DNS, and DDOS solutions is expected. A solid grasp of private/hybrid/public clouds and legacy IT infrastructures is required. You should be highly familiar with public and private cloud technologies (e.g., AWS, Azure, GCP, VMWare, etc.) and their Security offerings, preferably based on certifications and some hands-on experience. Maintaining in-depth knowledge of the competition's offerings and strategies is important. You will lead the development of integrated solutions, including terms and conditions, to create a final customer proposal. An understanding of emerging technologies & trends like XDR, MDR, CASB, SASE, Microservices, Kubernetes, containers, Intelligent Automation, DevSecOps, Zero Touch, etc., is preferred. A Bachelor's degree or Master's degree is also desirable for this role.,

As a seasoned Technology Leader specializing in Cybersecurity, you will be responsible for developing and executing a comprehensive technology roadmap for both Operational Technology (OT) and Information Technology (IT) cybersecurity solutions. Your role will involve aligning technology initiatives with business goals, industry standards, and market opportunities. You will lead the design and management of enterprise-grade cybersecurity platforms such as Splunk, QRadar, and similar systems, ensuring seamless integration across diverse OT and IT environments. Innovation is at the core of this role, where you will drive the design and development of advanced cybersecurity platforms and tools including Security Information and Event Management (SIEM), Extended Detection and Response (XDR), next-gen firewalls, and secure networking solutions. Your focus will be on addressing the unique challenges of OT/IT environments, encompassing threat detection, incident response, and compliance. You will define technology strategies for cybersecurity solutions, emphasizing scalability, efficiency, and future-readiness to support high-performance security operations globally. Building partnerships and collaborations will be key, as you foster relationships with technology providers, Original Equipment Manufacturers (OEMs), and other stakeholders to enhance the company's offerings. You will ensure seamless interoperability and integration of solutions across various platforms and ecosystems. Your role will also involve establishing and maintaining technology standards and best practices for OT/IT cybersecurity, along with monitoring and managing the adoption of emerging technologies to maintain a competitive edge and address evolving threats. Providing technical oversight for cybersecurity frameworks to ensure the protection of critical infrastructure will be crucial. Collaboration with delivery and operations teams will be essential to implement cutting-edge security measures effectively. To excel in this role, you should hold a Bachelor's or Master's degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles, particularly focusing on cybersecurity solutions. Expertise in platform development, such as Splunk, QRadar, and industrial control systems, is required. Strong leadership skills, innovative thinking, and a strategic mindset are essential to drive success in this dynamic and challenging environment.,

Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, as well as flights, activities, and more. As part of Booking Holdings and based in Asia, Agoda has a diverse team of 7,100+ employees from 95+ nationalities across 27 markets. The work environment at Agoda is characterized by diversity, creativity, and collaboration, fostering a culture of experimentation and ownership to enhance the travel experience for customers. The Security Department at Agoda oversees security, compliance, GRC, and security operations to ensure the safety and protection of the company and its employees. As a member of the Security Operations (SecOps) Team, you will be at the forefront of designing, implementing, and maintaining cutting-edge security solutions to safeguard Agoda's large-scale global environment. This role offers the opportunity to work with advanced security tools, collaborate across multiple teams, and contribute directly to Agoda's mission of secure, seamless travel for millions of users worldwide. Key responsibilities in this role include implementing and managing secure cloud deployments across AWS, Azure, and GCP using Infrastructure-as-Code (IaC) tools like Terraform, identifying and remediating misconfigurations in cloud resources, providing expert guidance on cloud architecture and deployment strategies, and utilizing advanced tools for monitoring, detecting, and mitigating security threats. Additionally, you will be expected to develop scalable solutions using programming languages like Python and Go, design automated workflows to enhance threat detection capabilities, and establish secure practices for Kubernetes environments and CI/CD pipelines. To succeed in this role, you should have a minimum of 4 years of experience in a hands-on information security role, expertise in IDP/IAM solutions, familiarity with Microsoft security tools, proficiency in programming languages for automation tasks, and experience in managing cloud environments such as AWS, Google Cloud, or Azure. Effective communication skills are essential for conveying complex security concepts clearly to various stakeholders. Agoda offers a relocation package for those interested in moving to Bangkok, Thailand, along with a range of benefits including a hybrid working model, WFH set up allowance, remote working opportunities, employee accommodation discounts, a diverse global team, annual CSR/volunteer time off, and access to various subscription services and support programs. Agoda is an Equal Opportunity Employer and keeps applications on file for future vacancies. Please note that Agoda does not accept third-party resumes and is not responsible for any fees related to unsolicited resumes. For more details, please refer to the privacy policy.,

Experience with Network Architecture Review and Firewall Rule-base Audit. Strong understanding of OWASP top 10 and SANS top 25 programming errors.Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures. Required Candidate profile Experience on Vulnerability Assessment and Penetration Testing for Infrastructure / network / web application / databases.Propose, plan, & execute Red Team operations based on threats to organization.