
29 XDR Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 - 7.0 years

5 - 9 Lacs

Mumbai

Work from Office

Naukri logo

Your day at NTT DATA
The Manager, Information Security Incident Response is a management role, responsible for managing the Information Security Incident Response Management team. This role ensures their team is equipped and enabled to detect and monitor threats and suspicious activity affecting the organization's technology domain. This role serves as the escalation point for incident workflows and participates in the delivery of security measures through analytics and threat hunting processes. The Senior Manager, Information Security Incident Response manages a team of security professionals whilst fostering a collaborative and innovative team culture focused on operational excellence.
What you'll be doing
Key Responsibilities: 10+ years of experience in SOC. 4+ years of experience as a SOC Manager. 4+ years of experience in SIEM (Splunk). CISM/CISSP certification is a must. Good understanding of SOAR/UEBA/NBAD/XDR. Strong experience in EDR and email phishing, ransomware alerts. Troubleshooting technical issues to ensure project success. End-to-end integration of all SOC solutions health check as per the signoff. Implementing changes to align with client demands and specifications. Providing guidance, direction, and instructions to the team to achieve specific objectives. Developing and executing a timeline for the team to achieve its goals. Monitoring incident detection and closure. Presenting regular metrics and reports. Identifying new alert requirements. Ensuring services meet SLA parameters. Conducting periodic DR drills. Following up with departments to close various reports/incidents and escalating long outstanding issues. Designing SIEM solutions to enhance security value, service management, and scalability. Identify, resolve, and conduct root-cause analysis for security incidents, which is essential for maintaining a proactive and responsive security posture. Develop and document incident response procedures. Ensuring the SIEM system is optimized for efficient performance is vital. This includes handling data volume effectively and maintaining responsiveness for timely threat detection and response. Aligning reports, SIEM rules and alerts with security policies and compliance report requirements ensures that the system contributes to overall security and regulatory adherence. Developing customized and dashboards provides meaningful insights into the LIC's security posture, aiding in decision-making and monitoring. Integration with other solutions/devices (including security solutions) to enhance overall security monitoring and incident response capabilities, creating a more comprehensive security infrastructure. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology, Computer Science or related field. Industry certifications such as CISSP, CISM preferred.
Required Experience: Advanced experience in a Technology Information Security Industry. Advanced prior experience working in a SOC/CSIR. Comprehension and practical knowledge of the Cyber Threat Kill Chains. Advanced knowledge of Tools, Techniques and Processes (TTP) used by threat actors. Advanced practical knowledge of indicators of compromise (IOCs). Advanced experience with End Point Protection and Enterprise Detection and Response Software. Advanced experience or knowledge of SIEM and IPS technologies. Advanced experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis. Knowledge of malware analysis, hacking techniques, latest vulnerabilities, and security trends. Preferably an interest, or knowledge of, or experience with SIEM and IPS technologies. Advanced knowledge of network technologies including routers, switches, firewalls. Advanced prior demonstrated experience managing and leading a team in a related field.
Workplace type On-site Working

Posted 1 week ago


2.0 - 5.0 years

3 - 8 Lacs

Thane, Goregaon

Work from Office

Naukri logo

We are hiring a DLP Specialist with 3 to 6 years of experience in managing endpoint security technologies. The ideal candidate will play a critical role in deploying, maintaining, and optimizing Data Loss Prevention. Forcepoint DLP is compulsory.
Required Candidate profile: Implement and manage endpoint security tools, including DLP, XDR, and encryption solutions. Investigate and analyze DLP alerts and incidents, ensuring swift and effective response.

Posted 1 week ago


8.0 - 13.0 years

25 - 35 Lacs

Bengaluru

Work from Office

Naukri logo

Endpoint & Network Security: Leverage CrowdStrike, XDR, and Zscaler for endpoint and network protection. Email & API Security: Manage and secure email platforms using Proofpoint and safeguard API security with WAF solutions.

Posted 1 week ago


5.0 - 10.0 years

15 - 20 Lacs

Mumbai Suburban, Navi Mumbai, Mumbai (All Areas)

Work from Office

Naukri logo

JD - SOC Lead/Manager: Manage and mentor a team of SOC analysts and engineers. Must have a good understanding of EDR and XDR tools. Develop training programs and provide ongoing support to enhance team skills and performance. Coordinate shift schedules to ensure 24/7 SOC coverage. Oversee the identification, assessment, and response to security incidents. Ensure timely and effective resolution of security incidents and escalation when necessary. Conduct post-incident reviews and coordinate with other departments to address root causes and improve security posture. Supervise the monitoring of security alerts, events, and logs from various sources including SIEM, IDS/IPS, and other security tools. Ensure the SOC team effectively analyses and correlates security data to detect potential threats. Optimize and tune SOC tools and processes to improve detection capabilities and response times. Develop and maintain SOC policies, procedures, and best practices. Ensure compliance with organizational security policies and relevant regulatory requirements. Update and refine incident response plans and playbooks. Prepare and deliver regular reports on SOC performance, incident trends, and threat landscape to senior management. Communicate effectively with internal stakeholders and external partners as needed. Coordinate with other teams to ensure alignment and integration of security initiatives. Stay current with industry trends, emerging threats, and new technologies. Implement continuous improvement processes to enhance SOC efficiency and effectiveness. Evaluate and recommend new tools and technologies to enhance the SOC's capabilities.

Posted 2 weeks ago


4.0 - 9.0 years

5 - 15 Lacs

Bengaluru

Remote

Naukri logo

Job Title: MDR Analyst
Duration: Full time role
Location: Remote (Bengaluru)
This position is a Shift Position (Sunday - Friday Evening & Saturday Evening)
Job Description:
Duties: Join a new emerging team who is going to be part of the client's Unit 42, working closely with global customers providing the best security in the market. Own an incident lifecycle from outbreak to full remediation. Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the client's entire customer base. Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.
Required Skills: 3+ years of experience in a multi-tiered SOC/IR is a must. Experienced with technologies such as EDR, SIEM, SOAR, FW. A well-established familiarity with attack trends and vectors. Excellent written and oral communication skills in English. Some degree of Malware Analysis - An advantage. CEH / CompTIA CYSA+ certifications - An advantage. Hands-on experience with Cortex XSOAR or Cortex XDR - An advantage.

Posted 2 weeks ago


4.0 - 9.0 years

7 - 12 Lacs

Chennai

Work from Office

Naukri logo

Hi All, Greetings from Movate Technologies ( Formerly known as CSSCORP ), We are hiring for L2 Endpoint Security Engineer Role, Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills: 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. 
Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require

Posted 2 weeks ago


9.0 - 14.0 years

27 - 42 Lacs

Bengaluru

Work from Office

Naukri logo

Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation. Work from Office - Bangalore location [Brookfield]. Rotational and Night Shift applicable.
Mandatory Skill Set: 8+ years in Security Operations/Incident Response. Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq). Expertise in threat hunting and event analysis. Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain. Experience with EDR tools, network forensics, and log analysis. Strong understanding of incident lifecycle and post-incident reporting. Excellent analytical and communication skills. Bachelor's degree in Computer Science or related field.
Key Responsibilities: Lead incident response (IR) and analyze complex security events. Design and improve detective controls and alert use cases. Conduct proactive threat hunting and trend analysis. Stay updated on cyber threat landscape and threat actor TTPs. Contribute to security innovation, tool enhancement, and process maturity. Deliver detailed incident reports and post-mortem reviews.
Preferred Skills: Scripting: Python, PowerShell. Cloud Security: AWS, Azure, GCP. Certifications: CISSP, GIAC, CEH. Strong grasp of defense-in-depth and layered security strategies.

Posted 2 weeks ago


15.0 - 17.0 years

0 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Foundit logo

Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation. Key Responsibilities: Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need partner with Global Command and Site Reliability Teams to ensure baseline for all customer facing incidents, and internal company wide incidents are coordinated in a centralized operation center follow the sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate Customer Incident Response and capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale. Security Assessment and Continuous Threat Exposure Management:Identifying and fixing weaknesses in systems and networks including establish MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats. 
Incident Response:Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary. Threat Detection and Prevention:Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity. Security System Administration and Maintenance:Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems. Security Policy and Procedure Development:Creating and enforcing security policies and procedures to protect sensitive information. Security Training and Awareness:Educating employees about cybersecurity risks and best practices. Staying Up-to-Date:Keeping abreast of the latest security threats, vulnerabilities, and technologies. Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response. Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts. Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish Career Development Plans and Growth for analysts, engineers, managers, and directors as the business grows and scales. 
Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally. Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence. Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks. Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions. Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense. Strong executive presence and ability to communicate effectively with C-level stakeholders. Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable. Our Values If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours Find out here: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Posted 2 weeks ago


4.0 - 7.0 years

7 - 10 Lacs

Bengaluru

Work from Office

Naukri logo

Product Manager-AI for Security - J49049
Core Requirements: 4-7 years of product management experience, with at least 2+ years in cybersecurity platforms (e.g., SIEM, SOAR, XDR, or TIP). Experience working with GenAI/LLM use cases in security contexts. Strong communication and market-facing presence. Deep understanding of: SOC operations and detection engineering; telemetry sources: PCAP, NetFlow, EDR logs, UEBA signals; adversary tactics (MITRE ATT&CK) and incident response flows.
Required Candidate profile: Candidate Experience Should Be: 4 To 7. Candidate Degree Should Be: BE-Comp/IT, BEd

Posted 3 weeks ago


5.0 - 8.0 years

10 - 15 Lacs

Navi Mumbai

Work from Office

Naukri logo

Role & responsibilities Preferred candidate profile

Posted 3 weeks ago


6.0 - 8.0 years

13 - 18 Lacs

Mumbai, Hyderabad

Work from Office

Naukri logo

Summary: Lead Endpoint Security and Management, shall be responsible for ensuring the day-to-day operations and maintenance of the organization's Endpoint security. Strengthen security posture and ensure the control effectiveness of security systems within an organization. Collaborate with diverse teams to ensure the seamless functioning of the Solutions, optimization of the security infrastructure and controls.
Role & responsibilities
1. Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
2. Configuration, Monitoring & Troubleshooting of Antivirus, EDR, XDR, DLP, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, HIPS, FIM, Laptop/Desktop Encryption etc.
3. Provide resolution of issues escalated from L1 and L2. Handling Shift Operations across 24x7.
4. Prepare HLD & LLD, generate configuration template etc. for changes.
5. Ensure coverage and effectiveness of Security Solution, Report and Review incidents.
6. Ensure optimum security, availability, performance, and capacity of security solutions under management.
7. Ensure & maintain up-to-date documentation - SOPs, Architecture diagrams etc. to remove dependency on people.
8. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices.
9. Ensure hardening, latest stable version and security patches of security devices and solutions.
10. Track EOL/EOS and ensure that there is no technology obsolescence.
11. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs.
12. Manage escalations and run the smooth operations of security solutions.
13. Ensure relevant processes are followed for change, incident & daily operations.
14. Identify & analyse pain areas in existing security operations & implement improvements.
15. Manage operational issues which require design/technical inputs.
16. Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS.
17. Publish the relevant dashboards and status updates.
18. Escalate deviations and violations in a timely manner.
19. Remain current with organization's security policies, latest security advisories/threats, industry best-practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats.
Knowledge
1. Sound experience in managing Endpoint security technologies and operations in a large and complex environment.
2. Should have sound understanding & knowledge of various Operating systems, security technologies & techniques like Anti-malware, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, NAC, HIPS, FIM, Laptop/Desktop Encryption etc.
3. Should have hands-on experience on Antivirus, EDR, XDR, DLP and incident response techniques and technologies.
4. Should have knowledge & understanding of Cloud Technologies, IT infrastructure & networking technologies, operations and security principles.
5. Should have sound understanding about Threat Hunting, Mitigation and Response.
6. Strong understanding of Regulatory security guidelines & master directions and security frameworks such as ISO 27001, NIST, or CIS.
7. Should be well versed with ITIL and ITSM practices.
Preferred candidate profile
1. Exceptional analytical, conceptual thinking, Troubleshooting and problem-solving skills.
2. Strong leadership, negotiation, and conflict resolution skills.
3. Detail-oriented with a focus on quality and accuracy in project/service deliverables.
4. Should have strong written, verbal and presentation skills.
5. Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.

Posted 3 weeks ago


2 - 7 years

0 - 1 Lacs

Noida

Work from Office

Naukri logo

Role & responsibilities: Minimum 2 years of experience in implementation & operations. The resource should have implemented at least 4-5 projects in customer environment. Should be able to create HLD & LLD documents and should be able to draw architecture as per customer need. Working knowledge of SOC/SIEM tools and operational understanding. Must have led a team of Security Consultants/Analysts. Should have sound knowledge of products & should be able to carry out the POCs, Implementation and Operations support. Should lead the delivery of multiple projects at customer locations. Should have knowledge of following products (with Operations and Implementation):
DLP/Proxy – Forcepoint, Symantec, Cisco, McAfee, Zscaler
Email Security – Symantec, Forcepoint, Cisco
NAC Solutions – Cisco ISE, Forescout
EDR/XDR Solution – Trend Micro, Crowdstrike
SOC SIEM Solution (Arcsight, Qradar, RSA or Seceon)
(Must have hands-on experience from any two of above)
Excellent English communication skills mandatory. Excellent documentation skills mandatory. Understand reporting capabilities.
Preferred candidate profile: Process and Procedure adherence. General network knowledge and TCP/IP Troubleshooting. Ability to trace down an endpoint on the network, based on ticket information. Familiarity with system log information and what it means. Understanding of common network services (web, mail, DNS, authentication). Knowledge of host based firewalls, Anti-Malware, HIDS. General Desktop OS and Server OS knowledge. TCP/IP, Internet Routing, UNIX / LINUX & Windows NT. Good to have industry certifications on SIEM Platform, CCNA, CEH, MCSE & Others. Bachelor’s Degree in Computer Science or equivalent required. 5-10 years’ experience in IT security. Good communication skills. Strong level of customer service required.

Posted 1 month ago


7 - 12 years

19 - 34 Lacs

Bengaluru

Work from Office

Naukri logo

Job Summary: We are looking for an experienced SOC Security Analyst SME to join our cybersecurity team. This role involves real-time monitoring, threat hunting, incident response, and implementing modern detective controls to proactively defend against evolving cyber threats. Immediate joiners or candidates with a notice period of a month would be preferable. Work From Office and will have Rotational Shifts.
Key Responsibilities: Analyze and respond to security alerts and incidents. Perform deep-dive investigations to identify root causes and suggest mitigations. Design modern detective controls and continuously improve detection capabilities. Conduct proactive threat hunting and improve alerting use cases. Participate in 24/7 incident response rotation and document IR activities. Stay informed on threat actor tactics and industry trends to enhance security posture.
Mandatory Skills & Qualifications: Bachelor's degree in Computer Science, InfoSec, or related field. 5-7+ years of experience in a Security Operations Center (SOC) or similar role. Strong background in threat hunting and security incident analysis. Experience with SIEM, SOAR, and XDR tools (e.g., Cortex XSIAM, Torq). Familiarity with cybersecurity frameworks like NIST, MITRE ATT&CK, and kill chain methodology. Excellent analytical skills and attention to detail.
Preferred (Good-to-Have) Skills: Cloud security (Azure, AWS, GCP). Incident response experience in complex environments. Endpoint and network forensic analysis. Certifications: CISSP, GIAC, CEH. Scripting in Python, PowerShell.

Posted 1 month ago


9 - 13 years

25 - 40 Lacs

Pune, Bengaluru

Hybrid

Naukri logo

Role & responsibilities 9+ years of experience in cybersecurity, specializing in Managed Security Services (MSS) and advanced operational environments. Familiarity with a wide range of cybersecurity solutions, including Threat Detection and Response technologies (e.g., SIEM, SOAR, EDR, XDR), Identity Management systems (e.g., IGA, PAM, SSO), and Data Protection tools. Strong understanding of the technology landscape and the cybersecurity challenges faced by organizations. Proven ability to build and maintain relationships with decision-makers, including C-suite stakeholders, to drive business growth. Skilled in managing the sales pipeline from lead generation to deal closure, ensuring accurate forecasting and alignment with client objectives. Excellent communication and presentation abilities to articulate complex security solutions effectively. Capable of independently driving sales opportunities through the full cycle, including product demonstrations and collaboration with internal teams (e.g., solution architects, delivery managers). Experienced in working with GCCs in India is highly preferred. Proficient in CRM tools, Microsoft Office, and industry best practices. Continuously monitors industry trends, competitor strategies, and market developments to identify and seize new opportunities. Willingness to travel to meet business needs.

Posted 1 month ago


4 - 9 years

0 Lacs

Hyderabad

Work from Office

Naukri logo

Key Responsibilities:
• Design, implement, and manage Palo Alto Networks solutions including:
  • Next-Gen Firewall (NGFW)
  • EDR/XDR (Cortex XDR)
  • SIEM/SOAR (Cortex XSIAM)
• Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM
• Work with clients to understand business requirements and deliver tailored cybersecurity solutions
• Perform threat hunting, alert tuning, policy configuration, and use case development
• Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector
• Support security assessments, integrations, and continuous improvement initiatives
Required Skills & Qualifications:
• Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM)
• Proven knowledge of cybersecurity operations, SOC processes, and incident response
• Experience with SIEM migration and integrations
• Understanding of threat intelligence, detection engineering, and automation
• Good knowledge of scripting (Python, PowerShell) and log analysis
• Excellent communication and client-facing skills
Preferred Certifications:
• Palo Alto Networks Certifications such as:
  • PCNSE (Network Security Engineer)
  • Cortex XDR/XSIAM certifications (if available)
• Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus
Why Join Us?
• Opportunity to work on cutting-edge XSIAM and XDR deployments
• Part of a growing global team delivering high-impact security projects
• Exposure to federal and enterprise-grade environments
• Flexible work culture with opportunities for on-site (Australia/US) engagements

Posted 1 month ago


5 - 10 years

10 - 20 Lacs

Bengaluru

Work from Office

Naukri logo

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. 
Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.

Posted 1 month ago


4 - 9 years

14 - 20 Lacs

Hyderabad

Work from Office

Naukri logo

We are excited to announce an excellent opportunity for a Senior Network Engineer - Palo Alto to join our dynamic internal IT team! Job Title: Senior Network Engineer - Palo Alto (L3) Location: Hyderabad Experience: 5+ Years Shift: Rotational Shifts (must be comfortable with shift work) Availability: Immediate joiners or candidates who can join ASAP Overview: SHI has an exciting opportunity in our internal IT department. We are looking for an experienced Sr Network Engineer to be a member of our internal Network Infrastructure team. This team is responsible for managing our network and providing support for SHI. We are looking for a highly motivated lead engineer to help develop our operation, mature our processes, and drive our effort to scale the company's needs. This engineer will lead the network team in developing and implementing new secure network designs. The Sr. Network Engineer will report to the Manager of Networking Engineering. Responsibilities: Include but not limited to: Implement products, platforms, software, hardware, or appliance-based solutions related to network and network security. Solve unique or complex problems that have a broad impact on the business. Take a broad perspective to identify innovative solutions. Interface with management and vendors to develop and implement new solutions to meet business requirements. Multi-site datacenter design, migrations and buildouts with disaster recovery planning and implementation. Multi-site WAN/MAN/SDWAN design, implementation and support. Design, implementation and support of cloud environment connected to the enterprise network (direct, VPN). Design and manage the rollout of various network infrastructures with necessary capacity planning, performance tuning, and configuration optimization. Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations. 
Maintain network security across the global enterprise; analyze networks for security threats. Monitor organization’s networks for security breaches and investigate violations when they occur. Use network tools for administration, maintenance, automation, and visualization reporting. Develops technical documentation describing the deployment, configuration, and management of network infrastructure. Participates in IT security audits. Responds to existing audits and ensures required controls are implemented as required. Builds strong relationships outside of IT to understand business needs. Communicates complex details in a way that people can understand. Advocates for the end user and stakeholder by becoming associated with the products, empathizing with and understanding user needs. Qualifications: 3+ years of experience with Palo Alto Prisma Cloud, Next-Generation Firewalls, Cortex XDR, Pan-OS, Panorama, and Global Protect. Technical Certifications such as CCNP, NSE4-6, PCNSE, PCNSA, PCSAE, AZ-700, etc. are highly desirable. 5+ Years of Experience in designing, implementing, and supporting data and converged network infrastructure including most of the following: 802.1x, vPC, VXLAN, Routing Protocols including OSPF and BGP, LAN/WAN/Wireless protocols, Network Management tools, Load Balancers, Virtual Private Networks (VPNs), Firewalls, Web Application Firewalls, and other network related technologies in support of a corporate network. Required Skills: In-depth knowledge of Cisco IOS, NXOS, BGP, OSPF, EIGRP, MPLS, VXLAN. Experience with Datacenter virtualization technologies. Experience with cloud (Azure or AWS) network/infrastructure technologies. Experience with Cisco and similar VOIP telephony infrastructure. Experience planning, designing, and deploying network architectures using templates at scale using Fortinet, Palo Alto, or Cisco technologies. Proven ability in network capacity and performance planning and monitoring. 
Possess a thorough understanding of 802.11 wireless principles. Strong ability with end-user device connectivity. In Depth knowledge of QoS and traffic shaping. Knowledge of 802.1X and SAML/SSO implementation strategies. Proven ability to analyze and solve tier 3 network incidents. Experience with network automation utilizing GitLab, Ansible, Python, or similar. You should possess excellent communication and client service skills, both written and oral, including a proven ability to create detailed technical documentation. You should possess strong analytical skills and a demonstrated ability to troubleshoot problems. Unique Requirements: After hours or weekend work for service impacting changes or problems On call for networking emergencies

Posted 2 months ago


8 - 13 years

22 - 37 Lacs

Bengaluru

Work from Office

Naukri logo

Job Description: We are looking for an experienced Security Operations SME to join our team. This role focuses on incident response, threat hunting, and improving the security posture of the organization. You will be responsible for leading incident response activities, analyzing security alerts, designing detective controls, and conducting post-incident reviews. You will also hunt for potential threats across multiple platforms and stay up to date on the latest security trends and vulnerabilities. This role requires strong hands-on experience with SIEM/SOAR/XDR tools, as well as a deep understanding of security frameworks like NIST and Mitre ATT&CK. Key Responsibilities: Lead incident response activities by analyzing security alerts and coordinating responses. Hunt for indications of compromise across various platforms and design detective controls for emerging threats. Improve the organization's alerting use cases and the threat hunting program. Stay updated on the latest security trends and vulnerabilities. Participate in on-call rotation for 24/7 incident support. Document security incidents and provide reports to leadership. Conduct postmortem reviews of security incidents for continuous improvement. Skills Required: Bachelor's degree in Computer Science or a related field. 5-7+ years of experience in Security Operations Role. Experience with threat hunting and working with SIEM/SOAR/XDR tools (e.g., Cortex XSIAM, Torq). Familiarity with cybersecurity frameworks such as NIST and Mitre ATT&CK. Familiarity with network and endpoint security, EDR, and cloud defense. Industry certifications such as CISSP, GIAC, or CEH is a plus. Scripting experience (e.g., Python, PowerShell). Strong analytical and communication skills.

Posted 2 months ago


7 - 12 years

12 - 17 Lacs

Bengaluru

Work from Office

Naukri logo

About the role Lead the strategy, design, and development of the shared data platform to meet company objectives founded on a thorough understanding of business unit strategies and objectives, the competitive landscape, and current and potential future business challenges. Use a data-focused approach to ensure each initiative on our product roadmap delivers a meaningful impact to our business and users. Voice of Customer Partner with pre and post sales teams as well as Trellix partners to understand the customer pain points and translate that into product strategy and bring clarity to engineering teams for execution of that strategy. Develop deep and trusted relationships with key customers, partners, and other key stakeholders. Drive Results - Attack everything with drive and energy with an eye on both the bottom line and customer success Create a talent plan designed to develop, motivate/coach, and retain top product management talent. Influence others, with strong attention to detail, excellent organization skills, and ability to manage multiple projects and responsibility. About you You bring 7+ years of cybersecurity experience (SIEM, XDR, EDR, NDR, SOC Analyst, Threat Research) and a track record of success at leading technology and product organizations while being both a strategist and executor. A customer-centric software product leader and domain expert with a history of developing a product strategy that aligns with the corporate strategy and delivering results in a fast-paced, dynamic environment. You bring years of product management experience in a product led company, developing, and executing against a product roadmap that delivers revenue growth. You bring experience building and evangelizing products that cater to security operations centers and clearly understands the day-to-day workflows that take place in those organizations such as event ingestion, enrichment, detection, analysis and response. 
You bring a high level of technical understanding in the areas of virtual infrastructure, container architecture, event processing, normalization and parsing, database architecture, detection engines, event transfer protocols and mechanisms and UX. You have highly effective communication & data presentation skills, enabling you to influence both business and technical teams, from executive leadership to the company. Ability to prioritize & handle multiple requests concurrently and consistently deliver superior results in a timely fashion. Effective change agent, can lead change, think out of the box, & make new ideas happen. Ability to communicate vision and strategy. You are collaborative, diplomatic, and humble. You have no problem rolling up your sleeves to help when needed.

Posted 2 months ago


2 - 7 years

3 - 8 Lacs

Chennai, Mumbai

Work from Office

Naukri logo

(1) JD for DLP Engineer - L2: Experience: 5-10 years Qualification: Graduation (Computer Science), Endpoint Certification Location: Mumbai, Chennai Job Responsibilities: Log source integration and troubleshooting. Management/maintenance of DLP and data classification solutions deployed by bidder. Implementation of any new policies with respect to DLP and data classification with help of bidder offsite team/OEM. Handling all incidents reported by solutions until closed. Co-ordinate with all Teams for follow-up for open tickets & activities. Daily administrative tasks, reporting (including daily system health report), and communication with the relevant departments in the organization. Coordinate with OEM team in Incident Validation, Incident Analysis, Solution Recommendation, Resolve Escalations, Escalation point for device issue resolution, Resolve user queries. Monitor quality and risk related activities on solutions under bidder. The implementation of solutions on additional agents after UAT signoff of the solution. Integration of additional third-party (Network/Security/cloud or on-prem solutions) solutions with Deployed solutions. Job Requirements: Minimum 5 years of total IT experience. 3 years of experience in implementation of DLP and data classification solutions. Qualification in full time B.E./ B.Tech/ MCA/ MSc (IT/CS)/ B.Sc. (IT/CS). Experience on DLP Forcepoint Certified from any reputed Endpoint Protection Platform. Preference will be given to candidates having certification on the proposed solution Willing to work for long-term. (2) JD for DLP Engineer - L1: Experience: 2-4 years Qualification: Graduation, Endpoint Certification Location: Mumbai Key Responsibilities: Implement and manage DLP policies to prevent data breaches. Deploy and optimize EDR & XDR solutions for threat detection & response. Monitor security incidents, conduct forensic analysis, and mitigate risks. Enforce endpoint security best practices and ensure compliance. 
Collaborate with IT/security teams to strengthen defenses. Requirements: 1-3 years of experience in DLP, EDR, XDR solutions. Strong knowledge of network security, threat detection, and incident response. Certified from any reputed Endpoint Protection Platform.

Posted 2 months ago


6 - 11 years

15 - 25 Lacs

Bengaluru

Work from Office

Naukri logo

JD attached below: Mandatory Skills: Proven experience as a Project Manager in a Managed Security Services Provider (MSSP) environment, with a strong focus on SOC, MDR, and XDR services. Deep understanding of cybersecurity concepts, including threat intelligence, vulnerability management, incident response, and compliance frameworks (e.g., NIST, ISO 27001, GDPR, PCI-DSS). Proficiency in project management (Preferred PMP certification) methodologies (e.g., Agile, Waterfall, PRINCE2). Experience in Client Onboarding & Service Transition

Posted 2 months ago


5 - 8 years

8 - 18 Lacs

Bengaluru, Bangalore Rural

Work from Office

Naukri logo

Role & responsibilities Mandatory Skills: Proven experience as a Project Manager in a Managed Security Services Provider (MSSP) environment, with a strong focus on SOC, MDR, and XDR services. Deep understanding of cybersecurity concepts, including threat intelligence, vulnerability management, incident response, and compliance frameworks (e.g., NIST, ISO 27001, GDPR, PCI-DSS). Proficiency in project management (Preferred PMP certification) methodologies (e.g., Agile, Waterfall, PRINCE2). Experience in Client Onboarding & Service Transition MSSP Project Manager: Need to have Project management experience (must) carrying out duties such as Onboarding, transitions. Project plan, budgeting and tight timelines Little relaxed on the tools listed out in JD A person with IT services background but with experience in SOC/Cyber security and with understanding of SOC terminology can be considered Good to have PMP/Prince-2 Skills YOE Self-Rating (out of 10) Managing projects in an MSSP environment Implemented SOC, MDR, or XDR services Cybersecurity frameworks like NIST, ISO 27001, GDPR, and PCI-DSS Managing threat intelligence or vulnerability management projects Preferred candidate profile Immediate Joiner Perks and benefits

Posted 2 months ago


2 - 6 years

3 - 6 Lacs

Mumbai

Work from Office

Naukri logo

Job Description: JOB DESCRIPTION of Endpoint Security Support Executive Job Title (Designation): Assistant Manager II Endpoint Security Support Executive Department: Information Technology Reports to: Senior Manager Experience: 2/3 Years of work experience Required Qualification: Diploma in Engineering/Any Graduation Degree Preferred Qualification: Diploma in Engineering/Any Graduation Degree Skill, Knowledge & Trainings: Excellent command / highly proficient in spoken and written English Should have Exceptional customer service skills. Troubleshooting skills for Windows Operating Systems (OS). Should have working knowledge of softwares/tools used for management of Antivirus, Inventory, Application control, Windows Patches & Builds & Browser security. Proficient knowledge of computer systems and its peripherals. Microsoft trainings on Server / Client OS Fundamentals & Security preferred. Core Competencies: Excellent in teamwork with a strong sense of responsibility, accountability, reliability, and commitment Self-motivated & Self starter Ability to quickly adapt to new technologies Ability to thrive on challenges/pressure Ability to manage task flow and complete assigned project on time Demonstrate solid time management, communication, decision making, human relations, organizational skills and ability to set and manage priorities in a results-oriented way Have an analytical nature in order to determine the underlying reason for a particular problem. Solve non-standard issues that may require analytical and conceptual thinking Functional Competencies: Security Products Related Support for the following. Antivirus / EndPoint Detection & Response (EDR), Extended Detection & Response (XDR). Endpoint Patch Management. Application Whitelisting Solution. Data Loss Prevention (DLP) Management. Performing Health-check exercises to ensure Compliance enforcement & adherence of all systems being managed. 
Logging call with OEMs / Service providers for various issues and vulnerability related closure. Additional Competencies Strong technical knowledge of Microsoft product line including Windows & Client Operating Systems & MS Office IT asset tracking knowledge and related documentation. Expertise in advance level troubleshooting of incidents impacting end users. Capacity management of Servers hosted in virtualized environments. Adhere to system security practices. Support multiple users in a timely and efficient manner, following timely escalation process/procedures. Research, resolve, respond to, and document appropriate user inquiries, as requested. Escalate or re-assign issues as needed to appropriate resources for resolution. Good knowledge of Local Area Network infrastructure. Knowledge on basic handling of Virtual hosted Servers. Effective Co-ordination with various support teams/departments /vendors. Proficiency in Email and Telephonic communication. Ability to multi-task and prioritize workload Ability to make independent decisions when required for problem resolution. Job Purpose: Maintenance of Compliance of End user Windows systems by effective management of Security products of Antivirus, EDR & XDR, Windows Security Patches, Application Whitelisting solution & Data Leakage Solution. Area of Operations Key Responsibility Onsite & Remote Technical support to users & Onsite consultants Using centralized ticketing system for receiving & closing support related calls. Ensure support tickets are responded to in a timely manner and resolved in accordance to predefined company standards. Running day to day Server & Application checklists as part of Server / application management. Submission of monthly / quarterly reports for applications / servers being managed. Maintenance & Submission of various documentation & reports for Audits. Maintaining the build environments for all products and platforms. 
Adhere to Asset Management procedures, ensuring assets are fully tracked & information is maintained throughout its lifecycle in a timely fashion. Plan, execute and finalize procurement for technology spending across the organization. Experience in obtaining quotes from vendors and negotiations. Management of End user centralized Application Softwares used for Browser management, Asset Inventory management, Antivirus management. Patch management. Management of Voice Recording Systems (VRS). Management of onsite AMC vendor team to ensure call resolution is within agreed Service Level Agreement (SLA). Setup and support for hosting meeting via softwares such as Cisco Webex / Zoom. Audio / video conference systems setup such as Polycom / Blue Jeans. Vendor management. Replacement / Upgrade of hardware / software in line with organization's Asset Obsolescence policy & procedure. Assessment of VA/PT (Vulnerability Assessment / Penetration Test) reports and related work for closure of vulnerabilities. Day to Day investigation work related to SOC (Security Operation Centre) alerts & reports. Planning & Executing BCP for various applications being managed. Performing Health-check exercises to ensure Compliance enforcement & adherence of all systems being managed. Provide technical support to onsite and remote personnel to ensure prompt restoration of service on a variety of systems and applications. Installation, configuration, maintenance and troubleshooting of existing endpoint environments including imaging and complete system setups.

Posted 3 months ago


4 - 9 years

7 - 17 Lacs

Bengaluru, Hyderabad

Work from Office

Naukri logo

Job Title: Subject Matter Expert (Palo Alto Networks) Location: Bangalore/Hyderabad Job Summary: We are seeking a highly skilled and motivated Network Security Engineer specializing in Palo Alto Networks' security solutions, including Cortex XDR and EDR. The successful candidate will be responsible for providing expert-level troubleshooting, supporting the design and development of security solutions, and ensuring the effective detection and response to cybersecurity threats. This role offers the opportunity to collaborate with internal teams and customers while mentoring junior engineers and driving security improvements. Key Responsibilities: Expert-Level Support: Provide expert-level support for Palo Alto Networks' Cortex XDR and EDR solutions, ensuring effective detection and response to cybersecurity threats. Troubleshooting: Troubleshoot and resolve complex issues related to endpoint security, including agent communication problems, detection anomalies, and other related incidents. Collaboration: Collaborate with internal teams to implement design modifications and improvements based on troubleshooting findings. Security Incident Management: Develop and execute methodologies to identify, recommend, and implement resolutions for malware and other EDR-detected incidents. Threat Awareness: Stay updated with the latest threats, vulnerabilities, and security trends to proactively address potential risks to the network infrastructure. Solution Design and Development (L4 only): Lead the design, development, and validation of customer-focused use cases on the Cortex XDR platform. End-to-End Workflow Ownership (L4 only): Own end-to-end workflows for major components of security services, from inception through release, ensuring seamless integration and functionality. Customer Engagement (L4 only): Engage directly with customers, account managers, and sales teams to gather requirements, provide technical guidance, and ensure customer satisfaction. 
Test Planning and Execution (L4 only): Develop and execute comprehensive test plans based on customer requirements and design specifications, ensuring the solutions meet the highest security standards. Mentorship and Coaching (L4 only): Mentor and coach junior team members, fostering a culture of continuous learning and improvement within the team. Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is a plus for Level 4. Experience: Minimum of 4+ years (L3) / 6+ years (L4) of experience in network security, with a focus on Palo Alto Networks solutions, including Cortex XDR and EDR. Strong background in endpoint security, threat detection, incident response, and troubleshooting. Proven experience in designing and validating security solutions and working with internal teams to implement effective security measures. Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE) or equivalent certifications preferred. Additional certifications in security or cloud technologies (e.g., AWS, Azure) are a plus. Technical Skills: Deep understanding of endpoint security principles, malware detection, and network security protocols. Proficiency in troubleshooting complex security issues and optimizing configurations. Experience with cloud technologies (AWS, Azure, GCP) and virtualization platforms. Familiarity with scripting languages (e.g., Python, Bash) for automation and tooling. Communication: Exceptional communication skills to effectively engage with technical and non-technical stakeholders. Ability to present complex technical concepts clearly and concisely to customers, team members, and leadership.

Posted 3 months ago


4 - 8 years

17 - 32 Lacs

Bengaluru

Hybrid

Naukri logo

Role: Security Engineer / Senior What you'll do for us Execute routine operational security tasks, ensure ongoing compliance, and conduct security assessments across a variety of technologies and third-party vendors. Serve as the primary point of contact for Endpoint Security. Oversee and report on security tool performance (e.g., SIEM, EDR/XDR, IAM). Lead security incident triage, investigation, and response efforts, leveraging EDR solutions for enhanced detection and remediation. Proactively search for and identify potential threats within the environment. Perform in-depth analysis of malware to understand behavior, impact, and mitigation strategies. Conduct forensic analysis and manage evidence collection. Support compliance initiatives, including privileged access reviews and change monitoring. Track and report on operational metrics related to security alerts and incidents. Perform security reviews across infrastructure, applications, and third-party services. Contribute to various programs and initiatives aimed at advancing the company's information security policies and standards. Champion security best practices and raise security awareness across the organization. What you'll have 5+ years of experience in security analysis, security operations, or a forensics role. In-depth knowledge of SOC operations and Endpoint Security. Proven experience with network, systems, and application security. Familiarity with industry-standard security and control frameworks such as ISO 27001/2, NIST, and CIS. Strong interpersonal skills and the ability to communicate complex security and risk concepts to both technical and non-technical audiences. High level of personal integrity and discretion in handling confidential information. Self-motivated, dependable, and able to work independently with minimal supervision. A genuine passion for security and a strong commitment to seeing projects and investigations through to completion. 
Enjoyment of collaborative work in a team-oriented environment What we’ll do for you: Flat organization: With a very strong entrepreneurial culture (and no corporate politics). Great people and unlimited fun at work. Possibility to really make a difference in a scale-up environment. Support network: Work with a team you can learn from every day. Diversity: We pride ourselves on our international working environment. AI is firmly on every CEO's agenda, o9 @ Davos & Reflections: https://o9solutions.com/articles/why-ai-is-topping-the-ceo-agenda/ Work-Life Balance: https://youtu.be/IHSZeUPATBA?feature=shared Feel part of A team: https://youtu.be/QbjtgaCyhes?feature=shared How the process works... We will share a link to create your profile on workday & Respond with your interest to us. We’ll contact you either via video call or phone call - whatever you prefer, with the further schedule status. During the interview phase, you will meet with the technical panel for 60 minutes. We will contact you after the interview to let you know if we’d like to progress your application. There will be 2 rounds of technical discussion followed by a Managerial round. We will let you know if you’re the successful candidate. Good luck!

Posted 3 months ago



Featured Companies