179 EDR Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 10.0 years

16 - 25 Lacs

Hyderabad

Work from Office

Job Role: Cyber Security Engineer (Work From Office)
Experience: 4 to 8 Yrs
Key Skills: Security tools integration and management, onboarding, log ingestion, writing rules and policies in Cloud Security/SIEM/EDR/Antivirus/XDR/Firewall/MDR/SOAR tools
Notice Period: 0 to 30 days
Should be willing to work in second shift
Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad - 500081

Job Overview: Cyber security engineers plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. A more detailed breakdown of the responsibilities:

Security Planning and Implementation:
- Designing and implementing security controls: firewalls, intrusion detection systems, and access control mechanisms.
- Developing security policies and procedures: establishing guidelines for secure operations and data handling.
- Performing risk assessments: identifying potential vulnerabilities and threats.
- Implementing security tools and technologies: integrating security software and hardware into the organization's infrastructure.
- Analyze and recommend improvements to network, system, and application architectures to enhance security.
- Research, design, and implement cybersecurity solutions that protect the organization's systems and products.
- Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems.
- Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications.
- Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments.
- Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies.
- Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents.
- Assess and review emerging technologies to identify potential security risks and implement mitigation strategies.
- Design and deploy innovative security technologies to address evolving security challenges.
- Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture.
- Work closely with security architects to develop and deploy security solutions that address cloud-specific risks.
- Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives.
- Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses.

Qualifications & experience:
- Hands-on experience with implementing security controls, including database security, web content filtering, anomaly detection & response, vulnerability scanning & management.
- Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling.
- Expertise in at least one of the following security domains: cloud-native security (e.g., IAM, security groups, encryption), endpoint security (e.g., EDR/XDR, mobile security).
- Strong familiarity with industry security frameworks and regulations, including NIST Cybersecurity Framework (CSF), CIS Controls, HIPAA, GDPR compliance.
- Ability to assess compliance requirements and implement security controls to ensure adherence.
- Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies.
- Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders.
- Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.

Posted 1 day ago

4.0 - 7.0 years

7 - 11 Lacs

Bengaluru

Work from Office

Accountabilities / Job Description
- Develop, enhance, and operationalize IT Security processes
- Lead, coach, and mentor a high-performing, highly engaged team, supporting initiatives covering Information Security, Incident Management, and Vulnerability Management
- Develop, measure, analyze, and maintain the internal and external service metrics for Security Service Operations, providing timely reports to leadership teams
- Lead, coordinate, and train others on effective management of security incidents and operational responses
- Collaborate across various business units to deliver the most comprehensive security response
- Resource will work in shifts: 2:30 AM to 10:30 AM or 10:30 AM to 7:30 PM IST
- Implement security and risk programs to ensure operational efficiency and auditability
- Understand business needs and intuitively recommend secure solutions
- Lead and manage IR issues and provide timely feedback to management and supervisor
- Provide guidance to the IT security team members
- Assign tasks and projects to team members based on their skills and expertise
- Assess and prioritize security risks and vulnerabilities and develop mitigation strategies
- Lead the response to security incidents, including breaches, attacks, and data breaches
- Conduct post-incident reviews to identify lessons learned and improve incident response processes
- Monitor security alerts and events, and coordinate appropriate responses
- Collaborate with other IT teams, departments, and business units to integrate security measures and requirements
- Provide regular reports to leadership on productivity and team performance
- Maintain comprehensive documentation of security procedures, incident responses, and configurations
- Develops and maintains a productive work team by hiring qualified personnel, training, and managing performance
- Manages teams with integrity, ethical business practices, and in accordance with Mouser policies, procedures, and practices
- Customarily and regularly directs the work of two or more full-time employees or their equivalent
- Makes suggestions and recommendations for these employees regarding performance, including hiring, transfer, advancement, and termination
- Manages daily operations to meet department and company objectives
- Works with minimum supervision and makes independent judgments
- Flexible to meet the changing needs of the business and willing to take on new responsibilities and assignments
- Initiates, establishes and maintains highly effective relationships with internal and external business contacts of various cultures, and at all levels
- Extremely confidential and trustworthy
- Demonstrates knowledge, experience and understanding of critical job functions of the team
- Assists management with development of results-oriented strategies
- Regular attendance at work is an essential part of the job

Skills & Certifications
- Extensive knowledge of key IT Security technologies
- Preferred to have an industry-respected certification (CISSP, CISM, CRISC, CISA)
- Maintain current and extensive knowledge of emerging security threats
- Possess excellent verbal, interpersonal and written technical and non-technical communication skills

Education & Experience
- Bachelor's degree in any field, or minimum of 3 years prior work experience that is relevant to the team you will supervise, including:
  - Internal candidates: minimum 1 year as a highly performing Lead/Coordinator, or a total of 2 years as a highly performing Mouser employee
  - External candidates: minimum 2 years in a supervisor or higher-level management position
- 6+ years of experience working with SIEM, EDR, Email Security Gateways, Vulnerability Management software, firewalls, etc.
- 6+ years of experience working with security systems, user authentication and management
- 3+ years of leadership and project management experience

Additional Information
At Tietoevry, we believe in the power of diversity, equity, and inclusion. We encourage applicants of all backgrounds, genders (m/f/d), and walks of life to join our team, as we believe that this fosters an inspiring workplace and fuels innovation. Our commitment to openness, trust, and diversity is at the heart of our mission to create digital futures that benefit businesses, societies, and humanity. Diversity, equity and inclusion (tietoevry.com)

Posted 1 day ago

3.0 - 8.0 years

8 - 18 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Cloud Engineer II (Security + M365), Shift: 24*7 (rotational), with a strong focus on Microsoft 365, Purview, Microsoft Entra, and Defender.

About the team: Our team consists of skilled and experienced professionals who are committed to delivering high-quality work in cloud migration, DevOps, FinOps, datacenter migrations, AD migration and infrastructure security across multi-cloud. Engage with clients to understand their business objectives and technical requirements. Strong understanding of cloud security frameworks and architectures. Collaborate with development, operations, and security teams to ensure seamless integration and deployment of cloud services.

Be AmbITious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career.

Desired Candidate Profile
- Engage with clients to understand their business objectives and technical requirements.
- Minimum of 3-5+ years of experience in cloud engineering and consulting, with a strong focus on security services including Microsoft Purview and Defender.
- Hands-on experience with Microsoft Purview for data governance, compliance, and information protection.
- Hands-on experience with Microsoft Defender for Endpoint for security threat detection and remediation.
- Strong knowledge of the Microsoft Defender suite, including Defender for Office 365, Identity, and Endpoint.
- Expertise in the Office 365 Security & Compliance Center for threat management and incident response.
- Experience implementing endpoint security solutions across hybrid environments.
- Ability to design and enforce security policies aligned with organizational risk and compliance goals.
- Strong understanding of cloud security frameworks and architectures.
- Collaborate with development, operations, and security teams to ensure seamless integration and deployment of cloud services.
- Understanding of Zero Trust security models and their application within modern workplace solutions.
- Monitor and optimize cloud performance, cost, and security.
- Stay up to date with the latest cloud services, features, and best practices.
- Excellent problem-solving skills and attention to detail.
- Knowledge and experience working with ServiceNow and the ITIL Service Management Framework.

Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Minimum of 3-5 years of experience in cloud engineering and consulting, with a strong focus on Microsoft 365, Purview, Microsoft Entra, and Defender.
- Exceptional problem-solving skills and strategic thinking abilities.
- Excellent communication and interpersonal skills, with the ability to articulate complex technical concepts to diverse audiences.
- Relevant certifications such as Microsoft Certified: Implement Information Protection in Microsoft 365 are highly desirable.

Behavioral Skills: Email Communication, Presentation, Public Speaking; Strategic Thinking, Transactions Processing, Planning; Analytical Thinking, Scientific Temperament; Interpersonal Skills, Nurturing Relationships; Customer Service Orientation, Business Appreciation

About Insight: Founded in 1988, Insight is headquartered in Chandler, Arizona, USA and has more than 13,000 teammates worldwide, with a global presence in Canada, the United Kingdom, Germany, Australia, India, Singapore and many more. With offices in the prime locations of Gurgaon, Noida and Bangalore, we have 1000+ teammates operating from India. As a Fortune 500-ranked global provider of Digital Innovation, Cloud Data Center Transformation and Supply Chain Optimization solutions and services, we help clients successfully manage their IT today while transforming for tomorrow, and are recognized for our excellence.

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law. Today's talent leads tomorrow's success. Learn about careers at Insight: https://www.insight.com/en_US/careers/india.html

Posted 1 day ago

5.0 - 10.0 years

15 - 25 Lacs

Pune

Work from Office

Scope of Position: The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations, leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources, and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness.

RESPONSIBILITIES:
- Review and build host-based detection content in EDR solutions such as SentinelOne, Microsoft Defender and other leading vendors.
- Perform network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output, and mentor cyber analysts.
- Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise.
- Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts.
- Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.
- Collaborate using information and knowledge sharing networks and professional relationships.

Education and Experience:
- Bachelor's degree and 5+ years of threat analysis and/or incident response experience; additional years of relevant experience may be considered in lieu of a Bachelor's degree.
- Relevant certifications (CISSP, SANS GIAC, CEH, etc.)

REQUIREMENTS:
- Threat analysis and/or incident response experience
- Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc.
- Experience working with EDR tools
- Experience with a SIEM-type platform
- Experience performing analysis and correlation of log data and forensic artifacts from multiple sources.
- Must be proficient, verbally and in writing, in the English language.

Posted 1 day ago

15.0 - 20.0 years

17 - 22 Lacs

Bengaluru

Work from Office

Project Role: Security Delivery Lead
Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are looking for an experienced SOC Lead to manage security operations, lead incident investigations, and handle client interactions. The ideal candidate has hands-on expertise with Microsoft Sentinel, strong knowledge of the MITRE ATT&CK framework, and experience with EDR, SOAR, and network log analysis.

Roles & Responsibilities:
- Lead day-to-day SOC operations and manage a team of analysts.
- Perform in-depth investigations using Sentinel SIEM, SOAR tools, and threat intel.
- Analyze logs from EDR, firewalls, and network devices.
- Apply MITRE ATT&CK to enhance threat detection and response.
- Design and tune Sentinel analytics, playbooks, and automation workflows.
- Collaborate directly with clients on incident response, reporting, and recommendations.
- Mentor team members and improve SOC processes.

- 6+ years in SOC, 2+ in a lead role.
- Strong Sentinel and SOAR hands-on experience.
- Solid grasp of EDR tools, threat hunting, and log analysis.
- Excellent client communication and stakeholder management skills.
- Certifications like SC-200, AZ-500, GCIH, or similar are a plus.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 day ago

8.0 - 13.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a Lead EDR Engineer with expertise in Microsoft Defender for Endpoint (MDE) to lead its implementation, administration, and incident response. As the MDE expert, you will manage enterprise-wide deployment, optimize configurations, guide incident response efforts, and drive endpoint security strategy in collaboration with cross-functional teams. You will lead EDR strategy design, mentor security teams, and drive defense against advanced threats using MITRE ATT&CK-aligned frameworks.

Roles & Responsibilities:
- Lead deployment and configuration of Microsoft Defender for Endpoint across all supported platforms.
- Customize and manage endpoint security policies, attack surface reduction rules, and threat protection settings.
- Monitor security alerts and endpoint telemetry to detect and analyze threats.
- Conduct investigations using Microsoft 365 Defender and advanced hunting (KQL) capabilities.
- Respond to incidents by initiating remediation actions (e.g., isolate endpoints, remove malware, collect forensic data/artifacts).
- Collaborate with the SOC to provide timely incident resolution and root cause analysis.
- Tune detection rules and policies to reduce false positives and enhance protection.
- Maintain up-to-date documentation, playbooks, and response procedures.
- Provide recommendations to improve the organization's endpoint security posture.
- Mentor junior analysts and engineers on best practices for MDE and incident response workflows.
- Provide executive-level reporting on threat trends, incident metrics, and risk posture.
- Perform gap analysis on endpoint security to identify and address areas of improvement.
- Build and maintain SOAR playbooks to auto-contain threats (e.g., isolate devices, revoke tokens).
- Stay current on emerging threats and align defense strategies with frameworks like MITRE ATT&CK.

Professional & Technical Skills:
- 6-8+ years of experience in MDE/EDR implementations and security operations.
- Strong background in SOAR automation (Microsoft Logic Apps).
- Deep technical knowledge of endpoint protection, threat detection, and incident response workflows.
- Proficiency in the Microsoft security stack: M365 Defender, Intune, Azure AD, and Sentinel.
- Strong command of KQL for custom detections and threat hunting.
- Experience with scripting (PowerShell), automation, and EDR tooling integrations is a plus.
- Experience with Halcyon and CrowdStrike EDR is a plus and considered an added advantage.
- Preferred certifications: SC-200 Microsoft Security Operations Analyst, SC-100 Microsoft Cybersecurity Architect, AZ-500 Microsoft Azure Security Technologies, MITRE ATT&CK Defender (MAD) certs, CISSP, CEH, or equivalent industry certifications.

Additional Information:
- The candidate should have minimum 5 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 day ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM) Operations
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an L1 SOC Analyst you are the first line of defense in monitoring and triaging security alerts. You will work primarily with Sumo Logic SIEM and SOAR tools to identify potential security incidents, validate alerts, and escalate them according to the defined SOPs. You will ensure real-time visibility and log health while flagging suspicious activity promptly. This role is essential to ensuring timely detection and reducing noise from false positives.

Roles & Responsibilities:
- Basic Security Knowledge: understanding of key concepts (malware, phishing, brute force, etc.)
- SIEM Familiarity: exposure to the Sumo Logic UI and understanding how to read/query logs
- Exposure to CrowdStrike Falcon Console: ability to view and interpret endpoint alerts
- Alert Triage: ability to differentiate between false positives and real threats
- Communication Skills: clear written documentation and verbal escalation
- Ticketing Systems: familiarity with platforms like JIRA, ServiceNow, or similar
- Basic understanding of cybersecurity fundamentals
- Basic Scripting: awareness of PowerShell or Python for log parsing
- SOAR Exposure: familiarity with automated triage workflows
- Security Certifications: Security+, Microsoft SC-900, or similar certification
- Operating System Basics: Windows and Linux process and file system awareness

Professional & Technical Skills:
- Monitor real-time alerts and dashboards in Sumo Logic SIEM
- Perform initial triage on alerts and determine severity/priority
- Escalate validated security incidents to L2 analysts per defined SOPs
- Follow pre-defined SOAR playbooks to document or assist in response
- Ensure alert enrichment fields are populated (host info, user details, etc.)
- Conduct basic log searches to support alert analysis
- Perform daily health checks on log sources and ingestion pipelines
- Maintain accurate ticket documentation for each alert handled
- Participate in shift handovers and team sync-ups for awareness
- SIEM: basic log searching, correlation rule awareness
- SOAR: familiarity with playbook execution
- Security Concepts: basic understanding of malware, phishing, brute force
- Tools: CrowdStrike EDR, Sumo Logic

Additional Information:
- The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM) Operations.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 day ago

10.0 - 15.0 years

11 - 16 Lacs

Chennai

Work from Office

- Expertise in endpoint security, as in DLP, AV, EDR/EPP solutions
- Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions.
- Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies.

SIEM and Incident Response
- Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel).
- Strong skills in incident response, threat hunting, and forensic investigation.

Access and Identity Management
- Familiarity with IAM concepts and tools, including MFA and SSO solutions.
- Experience with configuring and troubleshooting access control for network and endpoint systems.

Automation and Scripting
- Basic scripting abilities (e.g., Python, PowerShell) for automating security processes.
- Excellent analytical and problem-solving skills.
- Effective communication skills for interacting with team members and stakeholders.
- Ability to work in a fast-paced environment and handle high-stakes incidents.

Certifications (Preferred): CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise
- 10 years of experience in security & infrastructure administration
- Experience with products for implementation & operations in SIEM, Nessus, CEH, Qualys Guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application
- Expertise in handling industry-standard risk, governance and security methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting).
- Demonstrated attention to detail and interpersonal skills, and the expertise to oversee input and develop relevant metrics
- Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc.

Preferred technical and professional experience
- Ability to multitask and work independently with minimal direction and maximum accountability.
- One or more security certifications (CEH, Security+, GSEC, GCIH, etc.).

Posted 1 day ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained.

Roles & Responsibilities:
- Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk
- Knowledge of automated app deployment to multiple sites and monitoring of the central infrastructure
- Design and customize complex search queries; develop dashboards, data models and reports, and optimize their performance
- Administration of core SIEM components (Deployment Server, Indexer)
- Understanding of threat models and threat intelligence
- Improve detection capabilities by building and enhancing alert rules
- Work on RFPs and estimations related to SOC solutions
- Good knowledge of popular EDR tools such as CrowdStrike and Microsoft Defender

Professional & Technical Skills:
- Experience working in SOC/SIEM: incident handling, use case management and development, risk assessment, playbook recommendation, fine-tuning
- 7+ years SIEM/SOC operations experience for very large enterprises
- Act as a single POC for any major security incident
- Knowledge of MITRE/CKC framework implementation
- Security analytical skills
- Should have excellent customer handling skills
- Basic understanding of Incident Response and other security technologies
- User behavior/malware analysis; knowledge of ServiceNow and Splunk administration

Additional Information:
- The candidate should have minimum 7.5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 day ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM) Operations
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As the SOC L3 Analyst you will lead the technical handling of critical security incidents. You'll be responsible for deep-dive analysis, root cause investigation, forensics, and containment using tools such as CrowdStrike, Sumo Logic SIEM, and SOAR. You will be responsible for onboarding and managing log sources, building SIEM use cases (custom and built-in), and developing automation in SOAR to support incident response and threat detection workflows.

Roles & Responsibilities:
- End-to-End Incident Response Ownership: ability to handle the incident lifecycle (detect, contain, remediate)
- Subject matter expert for handling escalated critical or true positive incidents
- CrowdStrike Deep Dive: using Real Time Response (RTR), Threat Graph, custom IOA rules
- Strong command of Sumo Logic SIEM content engineering: creating detection rules, dashboards, and field extractions
- Threat Hunting: behavior-based detection using TTPs
- SOAR Automation: designing playbooks, integrations with REST APIs, ServiceNow, CrowdStrike
- Threat Intel Integration: automation of IOC lookups and enrichment flows
- Forensic Skills: live host forensics, log correlation, malware behavioral analysis
- Deep experience in advanced threat detection and incident response
- Scripting Proficiency: Python, PowerShell, Bash for automation or ETL
- Error Handling & Debugging: identify and resolve failures in SOAR or data pipelines
- Proficiency in CrowdStrike forensic and real-time response capabilities
- Experience with Sumo Logic SOAR for playbook optimization
- Use case development in Sumo Logic SIEM

Professional & Technical Skills:
- Lead high-severity incident response, coordinating with stakeholders and IT teams
- Perform endpoint forensic triage using CrowdStrike Real Time Response (RTR)
- Conduct detailed log analysis and anomaly detection in Sumo Logic
- Customize or create new detection rules and enrichments in SIEM
- Develop/tune SOAR playbooks for advanced scenarios, branching logic, and enrichment
- Perform root cause analysis and support RCA documentation
- Mentor L1 and L2 analysts through case walk-throughs and knowledge sharing
- Generate post-incident reports and present findings to leadership
- Lead investigations and coordinate response for major incidents
- Perform root cause analysis and post-incident reviews
- Develop advanced detection content in Sumo Logic
- Optimize SOAR playbooks for complex use cases
- Onboard and maintain data sources in Sumo Logic SIEM and ensure parsing accuracy
- Build custom dashboards, alerts, and queries aligned with SOC use cases
- Create and maintain field extractions, log normalization schemas, and alert suppression rules
- Integrate external APIs into SOAR (e.g., VirusTotal, WHOIS, CrowdStrike)
- Monitor log health and alert performance metrics; troubleshoot data quality issues
- Collaborate with L3 IR and Threat Intel teams to translate threat use cases into detections
- Participate in continuous improvement initiatives and tech upgrades
- Conduct playbook testing, version control, and change documentation
- CrowdStrike: custom detections, forensic triage, threat graphs
- SIEM: rule creation, anomaly detection, ATT&CK mapping
- SOAR: playbook customization, API integrations, dynamic playbook logic
- Threat Intelligence: TTP mapping, behavioral correlation
- SIEM: parser creation, field extraction, correlation rule design
- Scripting: Python, regex, shell scripting for ETL workflows
- Data Handling: JSON, syslog, Windows Event Logs
- Tools: Sumo Logic SIEM, Sumo Logic SOAR & CrowdStrike EDR
- Exp in SOC/IR
including 4+ in L3 role (IR + SIEM Content Engineering & SOAR) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 1 day ago


5.0 - 10.0 years

13 - 17 Lacs

Bengaluru

Work from Office


Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, while also addressing any emerging security challenges that may arise during the implementation process.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Assist in the development of security policies and procedures to enhance the overall security posture.
- Evaluate and recommend security technologies and tools to improve cloud security measures.
- Communication: strong verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders.

Professional & Technical Skills:
- Incident Response: lead and manage security incident response efforts, including investigation, containment, and remediation of security incidents.
- Threat Detection: utilize advanced security tools and techniques to detect and analyze potential threats, ensuring timely identification and mitigation.
- Security Operations: oversee the daily operations of the Security Operations Center (SOC), ensuring efficient monitoring and response to security alerts.
- Playbook Development: collaborate with the SOAR team to develop and refine playbooks for incident enrichment, integration, and testing.
- Reporting: prepare and present weekly, fortnightly, and monthly SOC reports to leadership, highlighting key metrics and incident trends.
- Knowledge Transfer: provide training and knowledge transfer to new team members, ensuring they are equipped to handle day-to-day monitoring and alert analysis.
- Stakeholder Collaboration: work closely with stakeholders to resolve escalated incidents and improve security protocols.
- Continuous Improvement: identify areas for improvement within security operations and implement strategies to enhance overall security posture.
- Technical Skills: proficiency in using security tools such as SIEM, EDR, and SOAR platforms. Experience with Google SecOps is highly desirable.
- Certifications: relevant certifications such as GCIH or GCIA are preferred.

Additional Information:
- The candidate should have a minimum of 5 years of experience in security operations, incident response, and threat detection.
- This position is based at our Bengaluru office.
- Bachelor's/Master's degree in Computer Science, Information Security, or a related field.

Qualification: 15 years full time education

Posted 1 day ago


15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office


Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Endpoint Extended Detection and Response
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a skilled and detail-oriented CrowdStrike Endpoint Security Administrator to manage, maintain, and optimize our deployment of CrowdStrike Falcon. This role involves operational administration of the platform, proactive threat detection, and ensuring endpoint security across the enterprise.

Roles & Responsibilities:
- Administer and manage the CrowdStrike Falcon platform including configuration, tuning, and policy management.
- Monitor alerts and dashboards for suspicious activity and work with incident response teams as needed.
- Deploy and upgrade CrowdStrike agents across Windows, macOS, and Linux systems.
- Create and maintain documentation for policies, procedures, and system configurations.
- Integrate CrowdStrike with SIEMs, ticketing systems, and other security tools.
- Perform regular audits and health checks to ensure endpoint coverage and compliance.
- Respond to endpoint-related security incidents and assist with forensic investigations.
- Collaborate with IT teams to ensure secure configuration and patch management across endpoints.
- Hands-on experience with CrowdStrike Falcon (policy management, sensor deployment, event analysis).
- Familiarity with EDR/XDR concepts and tools.

Professional & Technical Skills:
- Must To Have Skills: proficiency in Endpoint Extended Detection and Response.
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with incident response and threat hunting methodologies.
- Knowledge of compliance requirements related to cloud security.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Endpoint Extended Detection and Response.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 1 day ago


15.0 - 19.0 years

25 - 35 Lacs

Navi Mumbai

Work from Office


Job Title: Security Lead
Department: IT
Location: Navi
Reporting To: Global IT Infra Lead

Role Overview
The Security Lead is responsible for managing security incident response and readiness within a 24x7 Security Operations Centre (SOC), supporting IT Infrastructure and Operations. The role includes overseeing vulnerability management, operating security tools, and ensuring rapid threat identification and remediation.

Key Responsibilities
- Lead and coordinate security incident response and lifecycle management of on-premises and cloud-based security solutions.
- Manage and respond to security incidents and operational requests, ensuring swift identification, containment, and remediation.
- Develop and maintain incident response playbooks and procedures.
- Conduct regular vulnerability assessments, prioritize remediation, and collaborate with IT teams for patching and updates.
- Operate and monitor security tools (HIDS, NIDS, IPS, SIEM, etc.) to identify and address threats and vulnerabilities.
- Analyze security events, determine root causes, and recommend mitigation actions.
- Support audits and compliance reviews, and participate in industry forums.
- Monitor and communicate relevant security trends and developments.

Qualifications & Experience
- Bachelor's degree in Computer Science, Information Systems, Cyber Security, or a related field.
- Minimum 10 years of relevant cyber security experience.
- Strong knowledge of IT operations (cloud, systems, infrastructure) and security assessment (audit, VAPT, pen testing).
- Hands-on experience with security products (EDR, WAF, DLP, SIEM, SOAR).
- Familiarity with frameworks such as ITIL, ISO, PCI-DSS, NIST.
- Relevant security certifications (e.g., CISSP, CISM, CISA, CEH) preferred.
- Excellent communication skills, with experience presenting to senior management.
- Project management certifications (e.g., PMP, PRINCE2) are an advantage.

Interested candidates can share their CV at piyali.saha@parkconsultants.in

Posted 1 day ago


5.0 - 6.0 years

7 - 8 Lacs

Chennai

Work from Office


Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.

Posted 2 days ago


4.0 - 5.0 years

6 - 7 Lacs

Hyderabad

Work from Office


Responsible for implementing and managing endpoint security solutions to protect enterprise networks. Tasks include malware analysis, intrusion detection, policy enforcement, and security incident response. Experience with EDR solutions and cybersecurity frameworks is required.

Posted 2 days ago


2.0 - 7.0 years

12 - 14 Lacs

Hyderabad, Bengaluru, Mumbai (All Areas)

Work from Office


Sales Executive - Cyber Security
Location: Hyderabad, Bangalore, Mumbai
No. of Vacancies: 5
Work Experience: 2 - 7 years

Roles and Responsibilities
- Identify and develop new business opportunities in the cyber security sector.
- Build and maintain relationships with prospective and existing clients.
- Understand client needs and propose suitable cyber security solutions.
- Collaborate with technical teams to tailor solutions to client requirements.
- Prepare and present proposals, quotes, and contracts to clients.
- Negotiate terms and close sales agreements.
- Keep abreast of industry trends, competitors, and new technologies.

Requirements:
- Proven experience in cyber security sales or a related field.
- Strong understanding of cyber security products, services, and solutions.
- Excellent communication and negotiation skills.
- Ability to work independently and as part of a team.
- Bachelor's degree in Business Administration, Marketing, or a related field (preferred).
- Relevant certifications (e.g., CISSP, CISM) are a plus.

How to Apply: Interested candidates should submit their resume to padma@blusapphire.com

Posted 2 days ago


5.0 - 10.0 years

10 - 20 Lacs

Chennai

Remote


Role & responsibilities
- Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery.
- Threat Investigation: Analyze and investigate a variety of attack vectors, such as:
  - Identity Attacks: credential abuse, privilege escalation, and MFA bypass.
  - Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution.
  - Network Attacks: DDoS, lateral movement, traffic manipulation.
  - Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities.
- Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents.
- Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations.
- Process Improvement & Documentation: Document all incident response procedures and lessons learned. Contribute to the continuous improvement of our detection and response capabilities.
- Proactive Security Measures: Participate in threat hunting and purple team exercises to enhance overall security preparedness.

Preferred candidate profile
- A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations.
- Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud.
- Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike).
- Experience in hybrid or cloud-first environments (AWS, Azure, or GCP).
- Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling.
- Excellent written and verbal communication skills, with the ability to document and convey technical details clearly to both technical and non-technical stakeholders.

Posted 2 days ago


6.0 - 11.0 years

30 - 35 Lacs

Pune

Work from Office


Job Title: Threat Intelligence Analyst
Corporate Title: AVP
Location: Pune, India

Role Description
As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, and you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats.

What we'll offer you
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for industry-relevant certifications and education
- Accident and Term Life Insurance

Your key responsibilities
- Proactively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely, actionable intelligence.
- Produce threat assessments to support threat mitigation activities.
- Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations.
- Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs.
- Proactively drive improvements of internal processes, procedures, and workflows.
- Participate in the testing and integration of new security monitoring tools.
- Meet strict deadlines to deliver high-quality reports on threats, findings, and broader technical analysis.
- Take ownership of personal career development and management, seeking opportunities to develop personal capability and improve performance contribution.
- Develop and maintain relationships with internal stakeholders and external intelligence sharing communities.

Your skills and experience
- 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation
- Strong operational background in intelligence-related operations with experience in Open-Source Intelligence (OSINT) techniques
- Operational understanding of computing/networking (OSI Model or TCP/IP)
- Knowledge of the functions of security technologies such as IPS/IDS, firewalls, EDR, etc.
- A good or developing understanding of virtual environments and cloud (e.g., vSphere, hypervisors, AWS, Azure, GCP)
- Demonstrated knowledge of and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards
- Knowledge of or demonstrable experience in working with the intelligence lifecycle, intelligence requirements and the MITRE ATT&CK Framework

Non-Technical Experience
- Investigative and analytical problem-solving skills
- Excellent verbal and written communication to both technical and non-technical audiences
- Self-motivated with the ability to work with minimal supervision

Education and Certifications
- Preferred: degree in computer science, networking, engineering, or another field associated with cyber, intelligence or analysis.
- Desired experience or certifications: CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH

How we'll support you

About us and our teams
Please visit our company website for further information: https://www.db.com/company/company.htm

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 2 days ago


7.0 - 12.0 years

15 - 25 Lacs

Chennai

Hybrid


We are looking for a Lead Cybersecurity Engineer with deep technical expertise and leadership experience to drive innovative threat detection solutions and lead a team of security engineers. The ideal candidate will bring hands-on experience in research & development (R&D), demo environment creation, endpoint security, SIEM operations, and cloud-native tools such as Azure Sentinel and the Microsoft Defender suite. This role will play a strategic part in shaping our security detection roadmap and mentoring a high-performing team.

Key Responsibilities:

Technical Leadership & Strategy
- Lead a team of cybersecurity engineers in R&D, detection engineering, and solution design.
- Define detection strategies and oversee implementation of new use cases across tools.
- Collaborate with security architects, threat intel, and SOC teams for end-to-end threat coverage.

R&D & Security Innovation
- Drive continuous improvement through security research, PoCs, and new technology evaluations.
- Analyze evolving threats and proactively build defense strategies and custom detections.
- Lead the development of security content aligned with frameworks like MITRE ATT&CK.

Demo Environment & Simulation Lab
- Design and lead the creation of demo/test environments to simulate real-world threats.
- Automate environment deployment for testing security tools, rules, and threat scenarios.
- Build reusable assets and playbooks for internal enablement and customer-facing demos.

Endpoint & SIEM Security
- Lead implementation and optimization of Microsoft Defender for Endpoint, Defender for Identity, and Defender for Cloud.
- Oversee the configuration and tuning of Azure Sentinel, including custom KQL queries, analytics rules, and automation via playbooks.
- Ensure integration of diverse log sources and enrichment for advanced threat detection.

People & Process Management
- Mentor junior engineers and promote skill development across the security engineering team.
- Establish standards and documentation for security engineering best practices.
- Drive cross-functional collaboration with IT, Cloud, Compliance, and SOC stakeholders.

Required Skills & Experience:
- 8+ years in cybersecurity roles, with 3+ years in a leadership or senior engineering position.
- Strong hands-on experience with:
  - Azure Sentinel (KQL, workbooks, playbooks)
  - Microsoft Defender for Endpoint, Identity, and Cloud
  - Endpoint security, EDR, and threat detection
  - Security lab/demo environment setup
- Excellent understanding of security frameworks (MITRE ATT&CK, NIST, etc.).
- Strong scripting and automation skills (PowerShell, Python, etc.).
- Experience managing or mentoring technical teams and delivering complex security projects.

Posted 3 days ago


5.0 - 8.0 years

10 - 13 Lacs

Gurgaon, Haryana, India

On-site


Position: Security Incident Analyst - L3 [SOC L3]
Company: CyberAssure www.cyberassure.one
Location: Client site - Cyber City, Gurgaon
Experience: 5-8 yrs+
Salary range: 12-13 lacs max.
Joining time: ASAP, max 30 days
Shift: Rotational shifts

Key Responsibilities
1. Incident Response and Management:
- Lead the response to high-severity security incidents such as data breaches, malware outbreaks, and targeted attacks.
- Respond to incidents escalated from SOC Level 1 and Level 2 analysts, providing guidance and expertise for effective containment and remediation.
2. Advanced Threat Analysis:
- Perform detailed analysis and triage of alerts from security tools such as SIEM (Security Information and Event Management), EDR (Endpoint Detection & Response), firewalls, and network traffic monitoring systems.
3. Security Tools & Monitoring:
- Manage and fine-tune security tools (SIEM, IDS/IPS, EDR, etc.) to optimise threat detection and response.
- Create, update, and improve security use cases, detection rules, and playbooks for automated incident handling.
4. Collaboration & Knowledge Sharing:
- Provide guidance and mentorship to junior SOC analysts (L1 and L2), helping to develop their skills and improve the overall SOC capability.
- Lead post-incident reviews (PIR) to evaluate incident response performance and refine processes and procedures.

Job Requirements:
- Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred.
- Experience: Minimum 5 years of experience in a security operations center (SOC) or incident response role.
- Technical Skills: Expertise in network security, endpoint security, cloud security, and application security. Extensive experience in cybersecurity and incident response. Proficiency in using SIEM platforms and security monitoring tools such as QRadar. Hands-on experience with security tools such as SIEM (Splunk, QRadar, etc.), EDR (CrowdStrike, Carbon Black, etc.), IDS/IPS, and firewalls. Strong understanding of threat intelligence sources, including open-source intelligence (OSINT) and commercial threat feeds. Ability to translate threat intelligence into actionable security measures.
- Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field.

Share your latest C.V. with details like:
1. CTC
2. Expectation
3. Notice period

Regards,
Rajesh Kumar
AAYAM CONSULTANTS
Cell: 9311232179 / 7011595674
Email id: [HIDDEN TEXT]

Posted 3 days ago


5.0 - 10.0 years

8 - 18 Lacs

Pune

Work from Office


Minimum 4 years of experience in pre-sales or consulting roles within the cyber security industry. Strong knowledge of cyber security technologies and frameworks, with knowledge in areas such as network security, application and cloud security, and data protection.

Posted 3 days ago


3.0 - 6.0 years

6 - 15 Lacs

Bengaluru

Work from Office


Who We Are
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role
Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks. As our Network Support Specialist, you'll be working in a complex, multi-vendor environment, and will use your analytical skills to identify and resolve network issues, make configuration changes, and implement security policies. This role requires someone who can think on their feet, test and apply corrective actions (including emergency changes), and participate in change reviews as needed. And with the ever-changing nature of technology, you'll be constantly learning and growing in your role. You will work alongside a talented team of experts to plan and execute routine network changes, troubleshoot and solve network issues and outages, and maintain excellent communication with our end customers, project managers, and service engineers. You'll be responsible for maintaining network components, monitoring network performance, and maintaining network security. You will also be providing user support for network-related issues, ensuring that our customers receive the highest level of support possible. If you're ready to take on a fast-paced and rewarding role in the world of network support, apply to join the Kyndryl team today!

Key Responsibilities:

Security Operations & Support:
- Handle L2-level troubleshooting and resolution of network security incidents.
- Manage and support firewalls, IDS/IPS, VPNs, proxies, and endpoint security solutions.
- Perform log analysis and security event monitoring to detect potential threats.
- Assist in firewall rule changes, ACL modifications, and access reviews.
- Work with SOC/NOC teams to escalate critical security events.

Incident Management & Monitoring:
- Investigate and respond to malware infections, phishing attacks, and network intrusions.
- Assist in DDoS mitigation, security patching, and vulnerability management.
- Escalate complex security issues to L3 engineers or security architects.

Network Security Administration:
- Maintain and configure firewalls (Cisco ASA/FTD, Palo Alto, Fortinet, Check Point, Juniper SRX).
- Support VPN configurations, endpoint protection, and network access control (NAC).
- Ensure compliance with security policies and industry standards (ISO 27001, NIST, PCI-DSS, etc.).

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

Who You Are
You're good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you're open and borderless – naturally inclusive in how you work with others.

Technical Skills & Qualifications:
- Experience: 5+ years in network security
- Hands-on experience with firewalls, IDS/IPS, and endpoint security solutions.
- Good understanding of networking protocols (TCP/IP, VPN, VLAN, BGP, OSPF, NAT, SD-WAN).
- Familiarity with CrowdStrike, SIEM, DLP, WAF, EDR/XDR, and NAC tools.
- Experience with cloud security (AWS, Azure, GCP) is a plus.
- Certifications preferred: CCNA Security, Fortinet NSE 2-4, PCNSA, CEH, CompTIA Security+, or equivalent.
- Basic knowledge of Python, PowerShell, or Ansible for automation is a plus.

Soft Skills:
- Strong analytical and troubleshooting skills.
- Ability to work in a fast-paced environment and handle escalations efficiently.
- Good communication and teamwork skills.
- Experience working in a SOC/NOC environment is an advantage.

Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).

Being You
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handedly: our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you; we want you to succeed so that together, we will all succeed.

Get Referred!
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.

Posted 4 days ago


1.0 - 3.0 years

0 - 0 Lacs

Chennai, Coimbatore

Hybrid


Job Description: Cyber Security Threat Analysts (Level 1 and Level 2)

Our organisation is currently hiring Cyber Security Threat Analysts (Level 1 & Level 2) with zero to four (4) years of experience.

Cyber Security Threat Analysts Job Description
(1) Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, networks, databases, and web-based security. Respond to alerts from information security tools in accordance with defined Service Level Agreements (SLAs) for clients.
(2) Perform ongoing monitoring of security logs, develop SIEM content, and deploy security tools in various environments.
(3) Research security trends and new methods and techniques used in unauthorized access of data to pre-emptively eliminate the possibility of a system breach.
(4) Assess threat and vulnerability information from all sources (threat intelligence databases or feeds) and promptly apply applicable mitigation techniques, initiating indications and warnings.
(5) Assist in producing daily / weekly / monthly security monitoring reports.
(6) Perform identification, remediation, and documentation of network intrusions and computer system compromises, advanced malware analysis, and forensic analysis of network activity, disks, and memory.
(7) The Employee is required to work on a rotating shift of Morning Shift, Afternoon Shift and Night Shift.

Requirements:
1. Level 1 Analysts: Require one year of experience or more. Fresh graduates with international professional certificates are encouraged to apply.
Required certificate (at least 1): EC-Council Certified Ethical Hacker // EC-Council Certified Security Analyst // CCNA Cyber Security Operations // CompTIA Cybersecurity Analyst (CySA+) // CREST Certificates
Fresh graduates with the above professional certificates are encouraged to apply.
2. Level 2 Analysts: 2 to 4 years of experience required.
Required certificate (at least 1): EC-Council Certified Ethical Hacker // EC-Council Computer Hacking Forensic Investigator // EC-Council Disaster Recovery Professional // Offensive Security Certified Professional (OSCP) // Certified Red Team Operator (CRTO) // CompTIA Cybersecurity Analyst (CySA+) // CREST Certificates
3. Must have knowledge of SIEM, security event analysis, EDR, networking, operating systems and enterprise integrations, firewalls, routers, VPN devices.

Soft skills:
- Good leadership skills and team player, independent and decisive
- Excellent presentation skills
- Excellent written and oral communication skills in English are important.
- Ability to articulate technically and non-technically is an advantage.

If you are interested, email joanna.woonsc@akati.com the following documents:
- Your most recent CV, reflecting your latest experiences and achievements
- Transcripts of your Bachelor's degree (and Master's, if available), including the results for each subject, as individual files (do not send Google links or zipped folders).
- PDF copies of your Cybersecurity Professional Certificates. Please note we kindly request that you refrain from sending links and instead attach the certificates directly.
- If you are currently employed, please provide your pay-slips from the last three months.

Posted 4 days ago

Apply

5.0 - 8.0 years

1000 Lacs

Chennai, Coimbatore, Malaysia

Hybrid

Naukri logo

Job Title: SOC Manager
Company: AKATI Sekurity

The Role
AKATI Sekurity is seeking a strategic and highly technical SOC Manager to lead our 24/7 Security Operations Center. This is a senior leadership role for an individual who can combine deep technical expertise in security operations with proven team management capabilities. You will be responsible for the overall direction, performance, and maturation of our SOC, ensuring the timely detection, analysis, and response to sophisticated cyber threats while acting as a key security partner to our clients.

Key Responsibilities

Leadership & Team Management
Lead, mentor, and manage a 24/7/365 team of SOC analysts (Tier 1-3).
Drive team performance, ensuring adherence to Service Level Agreements (SLAs) and fostering a culture of continuous improvement and technical excellence.
Oversee incident response activities, acting as a senior escalation point for critical security incidents involving network infrastructure and other enterprise systems.

Technical Operations & Strategy
Direct the SOC's threat management program, including threat modeling, intelligence integration (e.g., MISP), and the development of advanced detection use cases.
Oversee the SIEM/SOAR platform strategy, guiding the architecture, integration, and optimization of tools to enhance detection and response capabilities.
Ensure the SOC's operational readiness by maturing processes based on frameworks like MITRE ATT&CK and the Cyber Kill Chain.

Client Management & Reporting
Act as the primary technical liaison between the SOC and client stakeholders.
Develop and present clear, insightful reports, dashboards, and metrics on SOC operations, security posture, and incident trends to client leadership.

Required Qualifications & Experience
Experience: 5-7 years in Security Operations, with at least 2+ years in a leadership or management capacity (e.g., SOC Lead, SOC Manager).
SIEM Expertise: Expert-level knowledge of SIEM technology and architecture, with hands-on experience managing at least two enterprise-grade platforms (e.g., Splunk, QRadar, Sentinel).
Security Frameworks: Deep understanding of modern security frameworks and concepts, including MITRE ATT&CK, Cyber Kill Chain, SOAR, and UEBA.
Technical Breadth: Strong foundational knowledge of networking, operating systems, WAF, malware detection, large enterprise platform builds, and threat intelligence platforms.
Leadership: Proven ability to lead, discipline, and motivate a technical team, with experience managing performance and adhering to strict client SLAs.
Communication: Exceptional written and verbal communication skills in English, with a demonstrated ability to articulate complex technical concepts to both technical teams and non-technical executive stakeholders.

Preferred Security Certifications
One or more of the following are highly desirable: CISSP, CISM, CISA, OSCP, OSCE, CEH.

To Apply: Please send your resume and a cover letter to careers@akati.com

Posted 4 days ago

Apply