46 Azure Sentinel Jobs - Page 2

Role & responsibilities Strong background developing Azure Sentinel/DEVO analytics rules, incidents, playbooks, notebooks, workbooks, threat hunting within the Azure Cloud. Strong and demonstrated background working with Log Analytics Workspaces, Kusto Query Language (KQL), Language integrated query Dashboard\workbook development. Strong understanding of Azure PaaS services. Solid experience with Logic Apps in Azure Experience in Creation of Resource groups, Log analytics workspace for Azure Sentinel & DEVO Integration to Data sources Develop SIEM and SOAR use cases and log data collection utilizing the Azure Sentinel, DEVO and Azure Log Analytics toolsets. Highly proficient with Azure Sentinel, DEVO and Azure Log Analytics. Develop analytics rules, incidents, playbooks, notebooks, workbooks, threat hunting and KQL queries for data normalization and parsing capabilities within Log Analytics' data ingestion pipeline. Develop incident response capabilities using Logic Apps in Azure. Integrate and automate developed use cases into Azure DevOps CI/CD pipelines. Develop Jupyter notebooks in Python and integrate them with Azure Sentinel Understanding of Azure Lighthouse, Azure AD, B2B, and common Cloud authentication patterns. Ability to configure, automate, harden, and deploy Azure Sentinel Services. Possess skills on Use case Development DEVO, Sentinel, Splunk. Hands-on experience with Sentinel/Splunk SIEM use case creation and tuning. Strong understanding of Cloud Security and Networking Concepts and practices. Work with Tactical Use Case Development team to assist in processing the more intricate use case development tickets from our customer request queue. Excellent knowledge on MITRE Tactics and Techniques Work closely with our Threat Intel team to identify security alerting gaps that we can fill with our detection services. Back up Operation Use Case Development team on SIEM onboarding tasks and Security Analyst collaboration. Experience with multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques Provide superior technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and develop use cases and rules to be developed into the SIEM platform Develop and improve Security Information and Event Management (SIEM) content and all relevant technologies used in the team, continually refining and create the rules and logic (use cases) to make the detection capabilities more efficient and effective Create and enhance internal processes and procedures Professional communications and reporting to SOC stakeholders and customers Act as a mentor and team lead to all First Level Security Analysts, support and supervise them, ensure knowledge transfer within the team Deliver qualified information about actual threats and indications, recommendations how the associated risk can be mitigated Contribute to the overall performance and success of the Security Operations Centre Build on and continuously improve SOC analytics framework Ensure effective operation of SIEM content: filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC Mentor and guide the First Level Security Analysts Provides professional data analysis within the SOC processes and to SOC customers in order to drive further security measures and risk mitigation activities. Responsible for execution and maintenance of SOC related analytical processes and tasks Detailed technical security reporting to Management operating companies and appropriate stakeholders Work closely with other Information Security teams to ensure effective intrusion detection and incident response Continually maintain and improve technical capabilities through individual development activities, accreditations and certifications to remain constantly prepared to challenge the ever-evolving cyber threat Deep information security expertise Knowledge of network concepts, Windows and Unix administration Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, anti-spam systems, event correlation systems, etc. Understanding of security threats, attack scenarios; analysis and intrusion detection skills Analytical and Communication Skills: a. Excellent analytical skills and out-of-the box thinking b. Excellent communication capabilities c. Team player d. Fluent in English Quick learner and intuitive thinker the more you learn, the faster you’ll grow. Effective time task management skills. Confidence in independently delivering technical solution. Good problem-solving skills; ability to visualize a problem/situation and think abstractly to solve it

Job Information Job Opening ID ZR_1690_JOB Date Opened 24/01/2023 Industry Technology Job Type Work Experience 10-12 years Job Title Security Architect City Mumbai Province Maharashtra Country India Postal Code 400001 Number of Positions 4 Roles & Responsibilities: Azure Security Posture and Azure Sentinel SIEM, Azure Security Center, Azure Policy, Azure Sentinel and Azure Monitor The focus of this team is to identify security vulnerabilities, remediate and implement security controls across MCS. Excellent stakeholder management skills and should be able to manage stakeholders at senior levels. Experience in proposing technical solutions in Microsoft. Experience in application security implementation using Azure AD Knowledge of CI and CD processes and Tools like AzureDevOPs Knowledge of defining build and release pipeline. Good understanding of cloud design patterns Ability to quickly perform POC on technically challenging requirements. Suggest tool/frameworks in given problem context Excellent written and oral communication skills Self-starter with quick learning ability and efficient Implementation skills with respect to country nuances Consultative and service bent of mind while dealing with key stakeholders Multi-task and should be able to work under stringent deadlines Ability to understand and work on various internal check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

About V Group V Group Inc., an IT-based solution entity based out of New Jersey. With multiple offshore sites (Pune and Bhopal) in India. With offerings ranging from IT infrastructure to Product development, V Group Inc provides a compliant service in numerous industry sectors while maintaining structure, stability, and core values. Ranked by INC5000 in 2020 - Fastest Growing IT Co. in the USA. Current business groups include e-commerce, Digital, Professional services, IT projects, and Products. Join our team of innovative technical and business-savvy people; with a passion for creating solutions! Visit us at: https://www.vgroupinc.com (Corporate website) || https://www.webstorevgroup.net (Ecommerce Store) || https://www.vgroupdigital.com/portfolio (Digital Products). Job Details: Position Title : Security Operation Analyst (L1 SOC) Job Locatio n: Pune Job Timing: Rotational (On Call support is required) Experience : 4+ Years of relevant experience. Job functions: The security analyst, Level 1, works within the SOC (Security Operations Center) and is responsible for the monitoring of systems, investigating root causes, and coordinating with Level 2 and 3 engineers for analysis and response. SIEM Alert Investigation . Monitor alerts and notices from firm’s managed SIEM solution. Alerts may require investigation, coordination, or escalation. Monitor Microsoft Defender ATP High alerts through Azure console and email. Same as above. Web site blocks/ Exceptions. Using the Cisco Umbrella platform, manage exceptions to policies by whitelisting or otherwise allowing someone to access a site, once approved. Perform vulnerability scans on new servers and other resources prior to allowing them to be put into production. Notify stakeholders of vulnerabilities to be remediated and steps to remediate them. Assist with regularly scheduled vulnerability scans . Assist with the renewal and acquisition of certificates Communicate policies with end-users Create new ways to search for potentially suspicious events on systems Participate in projects to improve security monitoring toolkits as well as to improve defensive controls Provide different types of data to measure security and compliance Understanding of an Information Security Management program and related standards such as ISO 27001, NIST, COBIT, etc. Additional Activities: Support in incident management, build skills to grow Support in Vulnerability Assessment, Threat Intelligence, coordinating patches Assist in configuration of Azure Sentinel E5 EMS Microsoft Security migration support in future Requirement : 3+ years of experience L1 support analyst in SOC (Security Ops Groups) MUST HAVE: SIEM tool experience MUST HAVE: Azure Defender, Azure ATP (Advance Threat Protection) Experience Good to have: Azure Sentinel, E5 EMS Microsoft Security exp., Azure Security Center Perks & Benefits Health & Accident Insurance Paid Leaves and Sick Leaves Education sponsorship / Certification Reimbursement Free Training Platforms Gym membership EPF, Gratuity. Onsite Opportunities.

SOC Analyst 5+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud " is a must. About the role As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What were looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect Were legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another locationeven an international destination—for up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Resource would be working directly with Client driving enhancements and recommending technological enhancements. Integrating custom applications by developing custom connectors like OT and internal build applications. Perform Log Analytics Migration from different Azure regions, basically performing architectural changes recommended by audit team. Working with Cyber Threat client team to develop detection models using Sentinel Jupiter. Work with security architects to recommend and build DR environment for Azure Sentinel. Integrate Anomaly Threat Stream with Azure Sentinel. Would be working with infrastructure architects to segment sentinel resources based on Tier architecture. Recommend and implement new upcoming Azure Sentinel features. Recommend and Architect Complex SOAR automations using Azure Logic Apps. Professional & Technical Skills: Must Have Skills: Proficiency in Azure Sentinel Build activity. Strong understanding of threat intelligence analysis Experience in designing and implementing security solutions Knowledge of security compliance standards and regulations Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in which 4 years of experience in Azure Sentinel deployments and implementation. This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent

We are seeking a highly skilled SOC Security Engineer with expertise in Azure DevOps and Azure Sentinel to join our Security Operations Centre (SOC). The ideal candidate will have a strong technical security background and a deep understanding of cloud environments, particularly Azure. This role requires the ability to develop and implement security use cases and rules within the Azure Sentinel platform, ensuring the SOC delivers professional and effective services to its customers. Role & responsibilities Excellent knowledge of one of the SIEM products Azure DevOps. Proven experience in a SOC environment, with a focus on Azure Sentinel and Azure DevOps. Must have technical security expertise to ensure that the Security Operations Centre SOC is always delivering a professional service to its customers. Good knowledge of Cloud especially Azure Experience of building Azure sentinel is a must. Understanding of security threats attack scenarios analysis and intrusion detection skills. develop use cases and rules to be developed into the SIEM Azure Sentinel platform Knowledge of network technologies Windows and Unix administration Knowledge of typical security devices such as firewalls intrusion detection systems AV and End Point security Web Application Firewalls anti-spam systems event correlation systems. Primary Skills Terraform Azure DevOps. Azure Security. Education and Certification: Degree in Computer Science, Information Technology, or a related field. Certification: Good to have Azure Security Certifications AZ-900,AZ-104

Job Summary Site Reliability Engineer Responsibilities Ensure security automation across our entire platform collaborating with developers security and operations teams to ensure platform integrity Have a passion for Security Agile and DevOps and promote shiftleft and ShiftRight culture which integrates security analysis into each CI/CD stages Implement new tools and processes to enable security in Cloud environment Automatic audit and implement security control in the DevOps CI/CD pipeline ensuring processes are followed maintained reviewed and updated regularly Contribute to SRE operations (Production support incident response and Oncall rota) Pasion for observability The skills you will need Strong experience in SRE practice with knowledge of conducting security checks and mitigation (static and dynamic code analysis SAST DAST IAST vulnerability analysis / penetration tests security component analysis) Hands on Experience with Azure DevOps is a must including Repos advanced pipelines and package management. Must have knowledge in Azure Cloud and its solutions Hands on Experience in IaC JSON/YAML Azure Bicep Azure policies Azure DevOps Open Telemetry Azure Monitoring Azure Sentinel Azure Defender Grafana Kusto queries Kubernetes AKS Azure ARC BICEP Azure function apps Azure Synapse PowerBI Azure Data Factory Dynamics 365 AzureML and MLflow Programming skills on PowerShell Knowledge on building and testing .NET and C# application and APIs Experience onCloud Networking Skills (TCP/IP SSL SMTP HTTP FTP DNS) WAF IPS/IDS Azure FrontDoor Experience working on large scale distributed systems with deep understanding of design impacts on performance reliability operations and security Working Experience in Monitoring tools and their implementation preferably with Azure Monitoring Suit. Knowledge of securing APIs and security in microservices is beneficial Should have demonstrated ability to work in an Agile environment Strong communication and teamwork skills Certifications Required Azure DevOps

Security Engineer: ( Microsoft Subject Matter Expert) : Fulltime Remote About the Role: Do you want to be on the frontline fighting for safe use within the digital frontier? Does describing your job to your family and friends as being a cyberwarrior or threat hunter sound awesome or awe inspiring? Then join us as part of our Security Operations Center (SOC) Engineering team as a Microsoft Services Subject Matter Expert (SME) supporting our frontline Threat Hunters. In addition, given the rapid changes within the Microsoft ecosystem you will also be working cross-functionally with Product Management and R&D Engineering to drive differentiation within our service as well with our Business Development team to help maintain the relationship with Microsoft. While this role will have business responsibilities that will help you expand your career options, the primary day to day role is as a Security Engineer. As a Security Engineer, you will serve as a critical support system for the SOC. You will create, enhance, and tune alerts and detections so that the SOC can best defend our client's networks. Your goal will be to continually improve the detection and alerting that the SOC receives. In some cases, you will work directly with clients to ensure that they send us the most beneficial and important data. You will leverage our tech stack, elements of Microsoft and provide ongoing support both internally and externally. In short, you will be a critical member of the team using Microsoft Defender, Microsoft Sentinel, Microsoft Suite including Purview, Entra, Intune tools, the Pondurance SIEM and SOAR as well as other products and services to protect our clients in the ever-changing threat landscape. Responsibilities: Stay on the forefront of the Microsoft ecosystem Drive security detection improvements Tune existing alerts and client data in our SIEM tooling for optimal performance. Identify workflow improvements and curate new automations through our SOAR platform Assist in continuous improvement efforts to evaluate detection and response capabilities Develop methods to detect potential threats Maintain the SOAR platform in support of day-to-day SOC activities Work with cross-functional teams to enhance detection capabilities Qualifications: Strong understanding of tuning alerts and pertinent logs to aid in detecting threats Expert knowledge of Microsoft including, but not limited to Defender, Sentinel, Purview, Entra, and Intune Experience building data retrieval from the Microsoft security ecosystem Leveraging detection mechanisms within SIEMs and SOAR A strong understanding of cyber-attacks, MITRE ATT&CK framework, emerging threats and threat modelling as well as security research techniques Intermediate experience with Python, PowerShell, Bash or Go Intermediate experience with IDS/IPS systems Talents: Ability to adjust and adapt in a fast pace and dynamic environment, including changes in responsibilities as the business evolves. Capacity for Synthesis: bring together disparate elements to create a coherent entity or a big-picture overview in order to gain a new perspective Applied Technical Thinking: apply specialized, theoretical knowledge to efficient operational uses Demonstrate strong composure with a balance of urgency and intensity, as well as focus

Job Description: Were searching for Senior Security Engineer to assist our 247 managed security operations center. This role is in Integration Department, responsible for the strategic, technical, and operational direction of the Integration Team Responsibilities: • IBM QRadar/ Sentinel / Datadog , Integration and content management, Event Collector deployment/upgradation. • Troubleshooting skills at all layers of OSI Model. • Onboard all standard devices to QRadar, such as Windows Security Events, Firewalls, Antivirus, Proxy etc. • Onboard non-standard devices by researching the product and coordinating with different teams. Such as application onboarding or onboarding new security products. • Developing and Deploying connectors and scripts for log collection for cloud-based solutions. • Detailed validation of parsing and normalization of logs before handing over to SOC team will be day to day Job. • Coordinate between customer and internal teams for issues related to log collection. • The engineer needs to make sure that various team have completed their tasks, such as log validation, Log Source Not Reporting (LSNR Automation), Content Management before the Log Source is in production. • Troubleshooting API based log sources. • Documentation of integrations and versioning Essential Skills: • Prior SIEM administration and integration experience ( QRadar , Splunk , Datadog , Azure Sentinel) • Network and Endpoint Device integration and administration . • Knowledge of Device Integration : Log , Flows collection • Knowledge of Regular Expression and scripting language (ex: Bash , Python , PowerShell ), API implementation and development. • Knowledge of Parser creation and maintenance . • Knowledge of Cloud technologies and implementation . • Excellent in verbal and written communication . • Hands on experience in Networking , Security Solutions and Endpoint Administration and operations. Additional Desired Skills: • Excel, formulation • Documentation and presentation • Quick response on issues and mail with prioritization • Ready to work in 24x7 environment Education Requirements & Experience: • BE/B.Tech, BCA • Experience Level: 3+Year

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Microsoft Azure Sentinel Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will play a crucial role in developing innovative solutions to enhance business operations and efficiency. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement software solutions to meet business requirements.- Collaborate with team members to design and optimize applications.- Troubleshoot and resolve technical issues in application development.- Stay updated with the latest technologies and trends in application development.- Provide technical guidance and support to junior team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel.- Strong understanding of cloud computing principles.- Experience with Azure services like Azure Functions, Azure Logic Apps.- Knowledge of DevOps practices and tools.- Hands-on experience in developing and deploying applications on Azure.- Good To Have Skills: Experience with Azure Security Center. Additional Information:- The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Microsoft Azure Sentinel Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will play a crucial role in developing solutions to enhance business operations and efficiency. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to analyze business requirements and translate them into technical solutions.- Develop and implement software solutions to meet business needs.- Conduct code reviews and ensure code quality and best practices are followed.- Troubleshoot and debug applications to resolve issues in a timely manner.- Stay updated on emerging technologies and trends to suggest improvements and innovative solutions. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel.- Strong understanding of cloud computing principles and experience with Azure services.- Experience in designing and implementing scalable and secure applications on Azure cloud.- Knowledge of DevOps practices and tools for continuous integration and deployment.- Hands-on experience with monitoring, logging, and alerting tools for cloud-based applications. Additional Information:- The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel.- This position is based at our Pune office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Microsoft Azure Sentinel Good to have skills : DevOpsMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. You will collaborate with teams to ensure seamless integration and functionality of applications. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Develop and implement software solutions to meet business requirements.- Collaborate with cross-functional teams to ensure application functionality.- Conduct code reviews and provide feedback for continuous improvement.- Stay updated with industry trends and technologies for enhancing applications.- Assist in troubleshooting and resolving application issues. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Sentinel.- Good To Have Skills: Experience with DevOps.- Strong understanding of cloud computing principles and practices.- Knowledge of software development lifecycle and methodologies.- Experience in designing and implementing scalable applications.- Familiarity with security protocols and best practices. Additional Information:- The candidate should have a minimum of 3 years of experience in Microsoft Azure Sentinel.- This position is based at our Bengaluru office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : Microsoft Azure Sentinel, No Function Specialty Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a key player in ensuring the security of the organization's digital assets and infrastructure. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Implement security measures to protect systems, networks, and data. Conduct security assessments and audits to identify vulnerabilities and risks. Develop and implement security policies, procedures, and best practices. Stay updated on the latest security trends, threats, and technologies. Professional & Technical Skills: Must To Have Skills:Proficiency in Splunk Security Information and Event Management (SIEM). Good To Have Skills:Experience with Microsoft Azure Sentinel. Strong understanding of security principles and practices. Knowledge of network security protocols and technologies. Experience in incident response and threat hunting. Ability to analyze and interpret security data for actionable insights. Additional Information: The candidate should have a minimum of 5 years of experience in Splunk Security Information and Event Management (SIEM). This position is based at our Bengaluru office. A 15 years full time education is required. Qualifications 15 years full time education

We are looking for an experienced Cybersecurity Engineer with 5+ years of experience, including a minimum of 3 years working in an Azure cloud environment, to join our team. The ideal candidate will have expertise in designing, implementing, and maintaining cloud security solutions to protect our infrastructure, applications, and data. As part of the cybersecurity team, you will work to ensure the confidentiality, integrity, and availability of our systems and data within Microsoft Azure. You will be responsible for leveraging a range of Azure security tools, maintaining best practices, and ensuring the organization is protected from emerging security threats. Key Responsibilities : - Lead and implement security solutions in the Azure cloud environment using tools such as Azure Security Center, Azure Sentinel, Azure AD, and Key Vault. - Configure, monitor, and optimize Azure Security Center and Microsoft Defender for Cloud to ensure the highest level of security. - Implement and enforce identity and access management (IAM) policies using Azure Active Directory (Azure AD), ensuring secure user authentication, authorization, and access control. - Use SIEM (Security Information and Event Management) tools like Azure Sentinel to monitor and respond to security events, conducting proactive threat hunting and incident response. - Investigate security breaches and potential threats, providing detailed incident reports and recommending corrective actions. - Conduct vulnerability assessments and coordinate with other teams to address and resolve security issues. - Work closely with cloud-native security tools like Azure Sentinel, Microsoft Defender for Identity, and Azure Key Vault to ensure seamless encryption and secure key management. - Collaborate with DevOps and development teams to embed security practices into the CI/CD pipeline (DevSecOps) within Azure DevOps, securing applications from development through deployment. - Review and analyze cloud logs, vulnerabilities, and risk factors to implement appropriate remediation measures in the Azure cloud environment. - Ensure the security architecture complies with established security frameworks and standards such as NIST, CIS, SOC 2, GDPR, and ISO 27001. - Conduct risk assessments and ensure compliance with industry regulations and internal policies, maintaining comprehensive documentation for audits and assessments. - Implement controls to meet organizational compliance goals while ensuring data privacy and security. - Automate security tasks and monitoring using tools such as PowerShell, Azure CLI, or Terraform for Infrastructure as Code (IaC). - Create and maintain automation scripts to enforce security policies, automate response actions, and integrate security measures into Azure environments. - Secure containerized applications and microservices deployed on Azure Kubernetes Service (AKS). - Implement best practices to secure Docker containers and ensure security in AKS environments, including image scanning, vulnerability management, and runtime protection. - Collaborate with IT teams, development teams, and security architects to define and implement security policies, protocols, and standards. - Participate in regular security audits and ensure that all security policies are enforced and maintained across the organization's Azure environment. - Provide cybersecurity training and guidance to employees to foster a security-aware culture within the organization. - 5+ years of experience in cybersecurity, with at least 3 years of experience working within an Azure cloud environment. - Expertise in Azure cloud security services, including Azure Security Center, Azure Sentinel, Azure AD, and Azure Key Vault. - Hands-on experience in managing cloud security policies, configuring role-based access control (RBAC), and enforcing encryption techniques across Azure resources - Proficiency in using SIEM tools such as Azure Sentinel to monitor, analyze, and respond to security incidents. - Experience with cloud security best practices, including encryption, identity management, vulnerability scanning, and incident response. - Strong knowledge of security frameworks and standards such as NIST, CIS, SOC 2, GDPR, and ISO 27001. - Proficient with scripting and automation tools like PowerShell, Azure CLI, and Terraform for automating security tasks and cloud infrastructure. - Familiarity with container security in Azure Kubernetes Service (AKS) and microservices environments.

Position Summary Seeking a skilled Cloud Security Engineer to design and implement secure AWS/Azure architectures, ensuring compliance with GDPR, ISO 27001 The role involves risk assessment, cloud security optimization, IAM, and container security (Kubernetes, Docker) Proficiency in Terraform, CloudFormation, and cloud security tools like AWS GuardDuty, Azure Security Center is required Strong communication, leadership, and problem-solving skills are essential, Key Responsibilities Design and implement secure cloud architectures for AWS/Azure environments, Azure Sentinel, Azure Active Directory, Zero Trust Security, Microsoft 365 Defender AWS Security Hub, AWS IAM, Cloud Firewalls Optimize cloud infrastructure for cost, performance, and security, Ensure security compliance & audits with industry standards (GDPR, ISO 27001), Conduct risk assessments and develop mitigation strategies, Collaborate with CloudOps and engineering teams to embed security, Basic Qualifications And Required Skills Education: Bachelors or masters degree in computer science, or a related field, Expertise in cloud security tools (AWS GuardDuty, Azure Security Center), Proficiency in IaC (Terraform, CloudFormation), Experience with container security (Kubernetes, Docker), Knowledge of network security, IAM, and encryption protocols, Soft Skills Excellent communication and leadership skills, Strong analytical and problem-solving abilities, Ability to manage and mentor teams effectively, ?

Job Title: Security Operations Center (SOC) Analyst (Positios-02) Experience: 5 to 8 Years Location: Hyderabad Department: Cybersecurity / Security Operations Industry: IT Services / MSSP / Software / FinTech / Healthcare IT Job Summary: We are seeking an experienced and detail-oriented SOC Analyst (58 years) to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to cyber threats across the organization. The SOC Analyst will play a critical role in defending systems, applications, and data from security breaches and supporting incident response efforts, threat hunting, and continuous improvement of SOC processes. Key Responsibilities: Security Monitoring & Incident Response: Continuously monitor SIEM dashboards, threat intelligence feeds, and security alerts. Investigate and respond to security incidents, phishing attacks, malware infections, and anomalous activities. Triage alerts based on severity, business impact, and threat intelligence context. Perform root cause analysis and prepare incident reports with actionable recommendations. Escalate critical incidents to Tier 3/IR teams and collaborate during major security events. Threat Detection & Hunting: Conduct proactive threat hunting based on IOCs, TTPs, and threat intelligence reports. Analyse logs from endpoints, firewalls, IDS/IPS, cloud workloads, and third-party security solutions. Develop and fine-tune detection rules and correlation logic in SIEM (e.g., Splunk, Sumo Logic, Sentinel). Tool & Infrastructure Management: Work with EDR, NDR, DLP, SIEM, SOAR, and vulnerability management platforms. Support integration of new log sources and ensure completeness of logging for critical systems. Maintain threat detection playbooks and contribute to process automation via SOAR tools. Compliance & Reporting: Ensure security operations align with frameworks like NIST, ISO 27001, SOC 2, or HIPAA. Support security audit requirements by providing incident logs and response documentation. Generate periodic reports on incident trends, SOC performance, and threat landscape. Required Skills & Experience: 5–8 years of experience in a SOC environment or cybersecurity operations role. Strong knowledge of attack vectors, MITRE ATT&CK framework, and incident response lifecycle. Hands-on experience with SIEM (e.g., Splunk, Microsoft Sentinel, QRadar, LogRhythm). Familiarity with endpoint protection (CrowdStrike, SentinelOne, Defender ATP, etc.). Knowledge of Windows/Linux log analysis, firewall rules, and cloud security controls (Azure/AWS). Strong analytical thinking, attention to detail, and ability to work under pressure. Preferred Qualifications: Bachelor’s degree in Cybersecurity, Computer Science, or related field. Certifications such as CEH, GCIA, GCIH, CySA+, AZ-500, or Security+ are highly desirable. Experience working in a 24x7 SOC or with MSSP environments is a plus. Exposure to compliance-driven industries (finance, healthcare, SaaS) preferred. Soft Skills: Strong communication and documentation skills. Ability to collaborate across IT, DevOps, and security teams. Risk-aware mindset with a proactive approach to security operations. Work Mode: On-site / Hybrid / 24x7 Rotational Shifts if applicable Reporting To: SOC Manager / Head of Security Operations

Cloud Security Lead/Architect(L3) Experience architecting security in cloud platforms like AWS, Azure. Experience creating High Level Designing (HLD) - Low-level Designing (LLD), reviewing the technical requirement document (TRD) for cloud security. Define data security policies through AIP,DLP,Etc Thereat hunting experiences with XRD,EDR,SIEM tools. Experience integrating cloud components with SIEM Planning, implementing, designing and reviewing security policies and other compliances. Experience leading SecOps teams. Guide the team on appropriate prioritization of qualified incidents, Notification through standard communication channel and opening of corresponding incident tickets on Ticketing platform Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams Leading IR, Escalations towards closure. Responsible for automating security controls, data and processes to provide improved metrics and operational support Mandatory certifications on Azure,AWS platforms,CCSP,etc. Secondary skillset in Google cloud is Preferred.

Job Description: Azure Security Engineer Skillset : Shadow IT scanning, thread modelling, security related stuff and DevOps Tasks and Responsibilities : Design , implement and maintain scalable data infrastructure solutions in Azure that support efficient data processing storage and retrieval Develop and implement solutions to ensure privacy policies are correctly implemented The implementations should advance compliance with legal forms of data use as well as support business use of data Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs Interacting with internal privacy program managers product development teams legal compliance governance and data protection teams Responsible for assisting with the management of the data privacy data protection data usability performance and the integrity of the privacy solution Interface with other developers and architects in implementing big data solutions that enable the business to be data driven while protecting the data assets Communication Able to drive written and oral communications Create newsletters presentations for reviews Good to have Knowledge on: CI CD Azure DevOps Release management Delivery pipelines Artifacts Version control ADO Build basic dashboards Access management GCDP CCPA Basics Access control audits Azure Defender Sentinel

Role & responsibilities Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be a flexible to work in US Shift

Req ID: 313359 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Responsibilities Incidents response of Active Directory, Azure AD, and OS/server tickets Group policy administration and implementation Reporting and review of all connectivity, synchronization, replication within Active Directory DNS health and performance Sites and services - Missing or incorrectly assigned subnets NTP Reporting, configuration and accuracy Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS Database partitions, DNS settings, SRV records, Trust relationships Review of domain controllers, application, and security events to find any issues or trends Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required Response to NON-AD or believed to be AD related issues such as 3rd party application authentication issues, windows/RDP login issues, LDAP query issues, Kerberos errors, NTP errors. Windows Server OS maintenance, Patching, Upgrades, Hardware tickets, troubleshooting On-call rotation Required to have flexibility in schedules - First, Second, Third shifts available Required Qualifications 5+ years of relevant experience Strong knowledge of Active Directory, Window Server OS, Network, Firewall Basic understanding of Azure AD, Azure SSO, Azure MFA Strong knowledge of Group Policy VMware Basic understanding Strong troubleshooting skills Basic PowerShell Commands/scripting Preferences Ideally certifications from one of the followingSecurity+, Microsoft, AWS Strong Azure AD, Azure SSO, Azure MFA skills Advanced PowerShell scripting Undergraduate degree Strong understanding of networking technologies Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies.Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us atus.nttdata.com NTT DATA endeavors to make https://us.nttdata.comaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment System Administrator, Consulting, Database, Technology