15 Carbon Black Jobs

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all. As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. **The Opportunity:** We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions. **Your key responsibilities include:** - Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Performing the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, NSM solutions. - Providing near real-time analysis, investigation, and reporting of security incidents for customers. **Skills and attributes for success:** - Customer Service oriented with a commitment to meeting customer needs and seeking feedback for improvement. - Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a Security analyst's perspective. - Exposure to IOT/OT monitoring tools like Claroty, Nozomi Networks is a plus. - Good knowledge and experience in Security Monitoring and Cyber Incident Response. - Familiarity with Network monitoring platforms like Fidelis XPS, ExtraHop and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. **To qualify for the role, you must have:** - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification such as CEH, ECSA, ECIH, Splunk Power User. **What working at EY offers:** At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.,

Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements). Perform detailed analysis of threats and security events, using sound analytical skills, knowledge, and experience, with a clear narrative to support conclusions. Maintain records of security events investigated, detailed notes of security incident resolution, and incident response activities, utilizing ticketing systems. Make situational incident response recommendations based on best practice security policies that address the clients business need. Research and stay up to date with current security vulnerabilities, attacks, threat actors, security advisories and the MITRE Attack Framework. Manage, maintain, and monitor security alerting systems from remote communications sites to ensure company compliance. Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues. Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network. Open, track and close trouble tickets. Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes. Interface with client through email, phone calls, and meetings or Aspire field personnel to mitigate security incidents. Assist with the preparation of SOC reports, research papers, and blog posts. Investigate and provide technical analysis of various security incidents and possible compromise of systems. Works as Tier I/L1 support and will work directly with Tier II/L2 and TIER III/L3 and NOC Engineers for issue resolution. Provide direct communication to affected users and companies on security incidents and maintenance activities. Maintain customer technical information within defined documentation standards. Obtain/maintain technical/professional certifications applicable to position or as directed. Communicate with customers, peers, team, and managers regarding incident and change management. Provide emergency on-call support on a rotating schedule. Perform other duties as assigned. Technical Skills Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Nice-to-have skills Qualifications Bachelors degree in computer science, Information Technology, or a related field. Experience of 2 to 3 years relevant experience. 1+ year of professional work experience in cyber security field 1+ year of experience with Security Event / Alert Management, Incident Response, and Change Management Processes 1+ year of experience handling security events related to Malware Detection and Analysis, Indicators of Compromise (IOC), Email Phishing, Endpoint Detection and Response (EDR) Knowledge of Runbooks, Playbooks and following Standard Operating Procedures Possession of an Industry Certification (Security+, CySA+, Cisco Cyber-Ops Associate, NSE4, or similar) 1+ years of experience in Security Management. SIEM and Log Management (MS Sentinel , IBM QRadar ,Splunk, OSSIM, FortiSIEM, LogRhythm, etc.) Experience with Firewalls (Palo Alto Networks, Cisco Firepower Manager) Experience with Endpoint Security (Cisco Secure Endpoint, CrowdStrike Falcon, Carbon Black, Microsoft Advanced Threat Protection) Experience with Network Traffic Analytics (Cisco Stealthwatch Cloud, Darktrace) Experience with DNS Security (Cisco Umbrella, Forcepoint) 2+ years of experience with Ticket Management Tools (e.g., ConnectWise, ServiceNow)

Company Overview Incedo is a US-based consulting, data science and technology services firm with over 3000 people helping clients from our six offices across US, Mexico and India. We help our clients achieve competitive advantage through end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering, data science, and design capabilities coupled with deep domain understanding. We combine services and products to maximize business impact for our clients in telecom, Banking, Wealth Management, product engineering and life science & healthcare industries. Working at Incedo will provide you an opportunity to work with industry leading client organizations, deep technology and domain experts, and global teams. Incedo University, our learning platform, provides ample learning opportunities starting with a structured onboarding program and carrying throughout various stages of your career. A variety of fun activities is also an integral part of our friendly work environment. Our flexible career paths allow you to grow into a program manager, a technical architect or a domain expert based on your skills and interests. Our Mission is to enable our clients to maximize business impact from technology by Harnessing the transformational impact of emerging technologies Bridging the gap between business and technology Role Description Position Description: Incedo is seeking a SOC Analyst (L3/Tier 3/Threat Hunter) to join our rapidly growing cybersecurity team! Role and responsibilities: Participate in a rotating SOC on-call; rotation is based on the number of team members. Provide first-line SOC support with timely triage, routing and analysis of SOC tasks. Researches, develops, and monitors custom visualizations. Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives. Tunes and develops SIEM correlation logic for threat detection. Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style. Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks. Produce and review aggregated performance metrics. Perform Cyber Threat Assessment and Remediation Analysis Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data. Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise. Investigate network and host detection and monitoring systems to advise engagement processes.Develop and Execute bash and python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions. Participate in on-call rotation for after-hours security and/or engineering issues. Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions. Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods. Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection. Technical Skills Required Experience / Skills: Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 1+ years of Incident response Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE Attack Framework Knowledge of security operations and attacker tactics Ability to identify cyber-attacks and develop monitoring logic Experience supporting 24x7x365 SOC operations including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Support alert and notification triage, review/analysis through resolution / close Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) Nice-to-have skills In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Experience and solid understanding of Malware analysis Understanding of security incident response processes Qualifications Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support. Company Value

Overview We are looking for a Security Engineer III to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, supporting our India operations. This is an exciting opportunity for a skilled security professional with 5–8 years of hands-on experience in security engineering, threat detection, and investigation. We are looking for a curious, technically adept individual who thrives in a fast-paced, high-impact environment. You bring deep technical expertise, a proactive mindset, and a passion for solving complex security challenges using industry-leading tools and frameworks. The ideal candidate is a driven and resourceful security professional who thrives on diving deep into threat activity—whether it’s analyzing port scans or crafting custom detection queries. With a strong understanding of the MITRE ATT&CK framework, you’re capable of building your own detection content and conducting investigations independently, without relying solely on predefined rules. You take initiative, enjoy improving processes, and excel in autonomous, project-based environments. Your analytical mindset, technical curiosity, and collaborative spirit enable you to contribute meaningfully to both team goals and larger security objectives. Responsibilities Investigate and validate alerts generated by industry-standard EDR and SIEM platforms, ensuring data quality and investigative clarity for our Security Operations Center (SOC). Proactively identify opportunities to improve alert fidelity through detection tuning, custom rule development, and the creation of IOCs and IOAs. Author and maintain clear, user-centric investigation procedures to guide SOC analysts and drive consistency in alert handling. Collaborate cross-functionally with Engineering and Product teams to enhance security tools and improve platform efficacy. Conduct periodic quality assurance checks on alerts—especially during platform updates or vendor API changes—to maintain actionable fidelity. Design, write, and translate threat detection content across tools including but not limited to Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, and SentinelOne. Lead internal knowledge-sharing sessions and mentor junior team members to foster a culture of collaboration and continuous learning. Operate effectively in a global, agile team spanning multiple time zones, balancing independence with team collaboration. Qualifications Required Qualifications: 5+ years of experience in cybersecurity with a focus on threat detection, security engineering, or incident investigation. Hands-on experience with multiple EDR and SIEM tools such as Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, SentinelOne, Carbon Black, or Cylance. Proficiency in one or more query languages (e.g., SPL, KQL, Sumo Logic). Experience building use cases for SIEM platforms and a solid grasp of log source types including firewalls, operating systems, and proxies. Strong verbal and written communication skills with the ability to convey complex concepts to both technical and non-technical stakeholders. Ability to work independently while effectively collaborating with distributed teams. Familiarity with tools like GitHub, Jira, and Confluence. Preferred Qualifications: Professional certifications such as OSCP, CISSP, or equivalent. Experience creating parsers or custom log processing logic. Exposure to agile development environments and DevSecOps culture.

experience in cyber security Information security with security posture. Assessment. advance threat detection, Incident response and responding to critical security incident endpoint security capabilities with Carbon black EDR tools.

Planning, implementation, documentation of research work for EHS quality & profitability. Assist production dept in optimizing existing process & troubleshooting. Help employees in bness dev, sales, technical ,cust service, production, analysis dept. Required Candidate profile Dyes/inks/pigments-formulation Textile, inkjets, sublimation application Knowledge of rheology, surface chemistry with any industrial applications (Carbon black, dyes, pigments, inks, agglomerations)

Role & responsibilities Please find the Job Description for EDR : 1. -Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. 2. -Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS 3. -Ability to distinguish between False Positives and False Negatives detections with respect to logs available. 4. -Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. 5. -Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. 6. -Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. 7. -Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. 8. -Good understanding of Malware Analysis i.e. static and dynamic and its variants. 9. -Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch 10. -Understanding of Database language i.e. KQL is a Plus. 11. -Understanding of Network Security concepts and popular encryption standards. 12. -Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. 13. -Exposure to reverse engineering of malware samples is a plus. 14. -Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.

LTIMindtree Hiring for EDR Researcher. Notice period-immediate to 15 days. Exp-3 to 5 yrs. Location- Hyderabad, Pune Note-Willing to work in rotational shift timings. if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Please find the Job Description for EDR : 1. -Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. 2. -Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS 3. -Ability to distinguish between False Positives and False Negatives detections with respect to logs available. 4. -Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. 5. -Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. 6. -Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. 7. -Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. 8. -Good understanding of Malware Analysis i.e. static and dynamic and its variants. 9. -Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch 10. -Understanding of Database language i.e. KQL is a Plus. 11. -Understanding of Network Security concepts and popular encryption standards. 12. -Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. 13. -Exposure to reverse engineering of malware samples is a plus. 14. -Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred.

Responsible for implementing and managing endpoint security solutions to protect enterprise networks. Tasks include malware analysis, intrusion detection, policy enforcement, and security incident response. Experience with EDR solutions and cybersecurity frameworks is required.

Plant Operation: Operate Plant through DCS and field control, quality control, handling of emergency arising in plant operation & ensures environmental compliance. Assisting Shift In-charge in plant operation. Monitors all process parameters and equipment condition. Monitoring and logs plant operating data.Data analysis for efficient operation of plant. Adjust process parameter as per quality setup. Adhere SOPs. Preparation of MIS and system document. SAP data entry and report generation. Continuous improvement projects and presentation. Ensure zero emission. Ensure safe material handling. Ensure safety in workplace

Hi , We are hiring for the ITES Company for Carbon Black Role. Overview The Carbon Black Specialist is responsible for supporting and managing Carbon Black security products, with experience and certification in one or more Carbon Black solutions. This role involves independently working with customers through virtual platforms like Webex, providing expert training, mentoring, and exceptional customer service. The Carbon Black Cyber Security professional specializes in deploying, managing, and optimizing Carbon Black endpoint security solutions to protect organizations from cyber threats. Their responsibilities include monitoring security alerts, analyzing threats, and responding to incidents to ensure robust endpoint protection. Attention to detail, professionalism, and adaptability are key, with analysis, debugging, and programming in the enterprise security domain. Key Skills : Any Graduate Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Familiarity with analysis and debugging skill a plus Programming experience a plus To Apply, WhatsApp 'Hi' @ 9151555419 Follow the Steps Below: >Click on Start option to Apply and fill the details >Select the location as Other ( to get multiple location option ) a) To Apply for above Job Role ( Chennai ) Type : Job Code # 274 Job description: Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Certification obtained on the product(s) of expertise Ability and motivation to work with customers independently via Webex Excellent training and mentoring skills Team motivator who currently serves as an example for their team mates Consistently exceeds personal goal expectations Certification in the enterprise security space Good time management skills and ability to multi task Adaptable, professional, courteous, motivated and works well on their own or as a member of a team Excellent Customer Service skills and a demonstrated success exceeding customer expectations Strong communication (verbal and written) and customer handling skills Strong attention to detail and focus on producing quality work products and results Familiarity with analysis and debugging skill a plus Programming experience a plus

Senior Cybersecurity Analyst with a minimum of 6+ years of experience in thefield of Operation technology, particularly focusing on Endpoint Detection andResponse (EDR) and Intrusion Detection System #40;IDS#41; monitoringtools. The ideal candidate will have demonstrated expertise in Carbon Black AppControl. Carbon Black, MS Defender for Endpoints (EDR/ATP),Data Network Security - IDS, Unix Administration, Windows, Carbon Black, MS Defender for Endpoints (EDR/ATP), Data Network Security - IDS, Unix Administration, Windows. Senior Cybersecurity Analyst with a minimum of 6+ years of experience in the field of Operation technology, particularly focusing on Endpoint Detection and Response (EDR) and Intrusion Detection System (IDS) monitoring tools. The ideal candidate will have demonstrated expertise in Carbon Black App Control.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you ready to embark on a technical adventure and become a hero to our external and internal users? As Technical Support at Kyndryl, you'll be part of an elite team that provides exceptional technical assistance, enabling our clients to achieve their desired business outcomes. You'll be a troubleshooter extraordinaire, diagnosing and repairing complex equipment, software, and systems with ease. Nothing will be too challenging for you to solve as you respond to escalated issues, report critical design flaws, reliability and maintenance problems, and bugs. You'll be the go-to person for our customers who require assistance with highly technical or sophisticated products, as well as for customer installations and training. With your passion for technology, you'll provide world-class support that exceeds customer expectations. As Technical Support, you'll perform varying degrees of problem determination and resolution of desktop hardware and software issues using your technical expertise and available resources to ensure that our customers' issues are resolved efficiently and effectively. You'll also have the opportunity to perform installs, moves, adds, and changes (IMAC) activities, as well as data backup and restore on certain accounts for clients, ensuring that all related administrative duties are completed within Service Level Agreement objectives. You will develop a deep understanding of the local and regional infrastructure, as well as key contacts in other competencies, which will enable you to ensure that the proper team is aware of – and taking action on the problem. If you're a technical wizard, a customer service superstar, and have an unquenchable thirst for knowledge, we want you to join our team. Key Responsibilities: Design, implement, and manage endpoint management and security tools. Ensure effective deployment, monitoring, and maintenance of endpoint protection software (e.g., anti-virus, anti-malware, encryption, etc.). Automate the deployment and configuration of endpoint security tools across the organization. Develop and maintain endpoint management processes for patching, updates, and configuration changes. Work with IT and security teams to ensure compliance with security policies, industry regulations, and best practices. Analyze endpoint security events and alerts, and provide recommendations for remediation. Troubleshoot and resolve endpoint security and performance issues. Maintain inventory and tracking of all endpoints in the environment. Assist in the development and enforcement of endpoint security policies and procedures. Collaborate with cross-functional teams (e.g., network, IT, security, operations) to ensure the seamless integration of endpoint tools. Stay up to date with the latest trends and best practices in endpoint security and management. Conduct regular assessments of endpoint health, configuration, and security posture. Create and maintain documentation related to endpoint tools, processes, and configurations. Provide support for endpoint-related incidents and requests from end-users and other IT teams. Your Future at Kyndryl Imagine being part of a dynamic team that values your growth and development. As Technical Support at Kyndryl, you'll receive an extensive and diverse set of technical trainings, including cloud technology, and free certifications to enhance your skills and expertise. You'll have the opportunity to pursue a career in advanced technical roles and beyond – taking your future to the next level. With Kyndryl, the sky's the limit. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise Bachelor’s degree in Computer Science, Information Technology, Engineering, or a related field. Minimun 5+ Years of experience in anakage tool. Proven experience as an Endpoint Tool Engineer, Systems Engineer, or in a similar role with a focus on endpoint security and management, mainly Anakage Automation Tool Strong experience with endpoint security tools such as Symantec, McAfee, CrowdStrike, Carbon Black, or similar. Familiarity with endpoint management systems such as Microsoft Endpoint Configuration Manager (SCCM), Intune, Jamf, or other similar tools. Experience with patch management, system imaging, and software deployment. Knowledge of endpoint security policies and industry regulations (e.g., GDPR, HIPAA). Experience working with Windows, macOS, and mobile operating systems (Android, iOS). Experience with scripting and automation (e.g., PowerShell, Bash, Python). Strong understanding of network security and endpoint threat prevention strategies. Familiarity with Active Directory and Group Policy for endpoint configuration management. Experience with monitoring and reporting tools to track endpoint performance and security status Preferred Technical and Professional Experience Certifications such as CompTIA Security+, CISSP, CEH, or other relevant security certifications. Experience with endpoint detection and response (EDR) tools. Knowledge of cloud-based endpoint management solutions. Familiarity with endpoint backup and recovery strategies. Experience with SIEM systems (e.g., Splunk, ArcSight) for security monitoring. Excellent problem-solving skills and the ability to troubleshoot complex endpoint issues. Strong attention to detail, ensuring that endpoint security and configurations are consistently monitored and optimized. Ability to work effectively in a team environment and collaborate with other departments. Strong written and verbal communication skills for documenting processes and interacting with other teams. Ability to prioritize tasks effectively and manage multiple projects simultaneously. Proactive and self-motivated approach to learning and applying new technologies Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Designation: EndPoint Security Engineer Experience: 2-10 Years years Education: Any Graduate Location: Bengaluru Description: Trend Micro Antivirus, EDR (Endpoint Detection & Response)MDM (Mobile Device Management), DLP (Data Loss Prevention)Anti-Spam, Anti-APT (Advanced Persistent Threats)Vulnerability Management & PatchingKnowledge of ITIL Processes If you're passionate about securing endpoints and making a difference in cybersecurity, were looking for YOU!

Job Description We are seeking a skilled Azure Sentinel Logic App and Analytic Rules Engineer to join our cybersecurity team. The ideal candidate will be responsible for designing, implementing, and managing automated workflows using Azure Logic Apps and developing analytic rules within Azure Sentinel to enhance our security posture and incident response capabilities. Responsibilities Design and Develop Logic Apps: Create and manage Azure Logic Apps to automate responses to security incidents detected by Azure Sentinel. This includes configuring triggers, actions, and conditions based on specific security events. Implement Analytic Rules: Develop and optimize analytic rules in Azure Sentinel to detect potential threats and anomalies within the environment. This involves leveraging Kusto Query Language (KQL) to create effective queries that generate actionable alerts. Integrate Security Logs: Streamline the integration of security logs and data sources into Azure Sentinel using Logic Apps, ensuring that all relevant security data is captured and analyzed efficiently. Automate Incident Response: Build automated workflows that respond to alerts generated by Azure Sentinel, including actions such as sending notifications, creating tickets, or executing remediation scripts. Monitor and Optimize: Continuously monitor the performance of Logic Apps and analytic rules, making adjustments as necessary to improve detection rates and reduce false positives. Essential Skills Certifications in Azure, cybersecurity or related fields. Experience with additional security tools and technologies (e.g., firewalls, intrusion detection systems). This role is crucial for enhancing our security operations and ensuring a proactive approach to threat detection and response. If you are passionate about cybersecurity and have the required skills, we encourage you to apply. Proficiency in Kusto Query Language (KQL) for creating and optimizing analytic queries. Experience with Azure Logic Apps, including triggers, actions, and connectors. Familiarity with security frameworks and best practices, including incident response and threat hunting. 3+ years of experience in cybersecurity, with a focus on security operations, incident response, and SIEM platforms. 2+ years of hands-on experience with Azure Sentinel, including the development of analytic rules and Logic Apps. Additional Desired Skills Strong verbal and written English communication Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Willingness to work in a job that involves 24/7 operations Education Requirements & Experience Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree Minimum of 2-6 years of experience in the IT security industry, preferably working in a SOC environment Certifications: GCIH, CCNA, CCSP, CEH