278 Edr Jobs - Page 10

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Engineering Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your role involves ensuring the security of critical assets and data. Roles & Responsibilities:Work as part of Security Engineering handling tunings, customer requests, escalations, reporting, trainings, etc.Administration of the Accenture proprietary SIEM (Log Collection Platform) to gather security logs from customer environment.Life cycle management of the SIEM (Onboarding, Break-fix, Patching, Live update )Adhering to SOPs and notify customers on log flow/log format issuesDocument best practices and writing KB articlesIdentify opportunities for process improvements Professional & Technical Skills: Experience in SOC OperationsKnowledge on networking, Linux and security concepts Experience in configuring/managing security controls such as Firewall, DS/IPS,EDR,UTM,ProxyKnowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector Knowledge in device onboarding and integrationPassion for cyber security, learning, and knowledge sharing Strong Verbal & written communication skills Proven customer service skills, problem solving and interpersonal skills Ability to handle high pressure situationsConsistently exhibit high levels of teamworkFollowing certifications is added advantage:Network+,Linux+, Security and CCNAPrior experience in information security or SOC operations Additional Information:Work as part of a global technical services team that works 24/7 on rotational shiftBachelors degree in computer science, The candidate should have minimum 2 years of experience This position is based at our Chennai office. A 15 years full time education is required. Qualification 15 years full time education

Company Description POSITION Title Information Security Analyst-L2 Reporting To Manager Work Location Bangalore SUMMARY OF POSITION AND OBJECTIVES: Eurofins is ramping up the Security Operations Center and has a need to extend the L2 incident resolvers team. The person working in L2 SOC team receives incidents escalated from L1 SOC, gets to manage the findings and work towards remediation of the incidents found. He/she continuously operates the Security Incident process, driving the resolution of identified issues, as part of the team, bringing the necessary experience and expertise above the L1 SOC level. The role requires working in shift mode (24/7), after the initial ramp up period. POSITION & OBJECTIVES :(maximum 1000 characters (not including spaces) for posting on Eurofins website and career portals): : Monitoring and analysis of cyber security events with use of SIEM, IDS, EDR, antivirus, Internet Footprint tools, proxy solutions. Security Event Correlation as received from L1 SOC or Incident Response staff or relevant sources to determine increased risk to the business. Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information. Development and execution of SOC procedures. Educating and coaching the L1 colleagues. Triage security events and incidents, detect anomalies, and report/direct remediation actions. Ensure confidentiality and protection of sensitive data. Analysis of phishing emails reported by internal end users for cases going above L1. Working with remediation (IT Infra & Ops) teams on events and incident mitigation. Follow up on remediation activities. Support the SOC Manager in his duties (e.g. extension of SOC services to new sites). Support L3 colleagues as required. Technical Knowledge : Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.). Experience and keen understanding of cybersecurity tools, including SIEM, IDS/IPS, antivirus and endpoint detection & response solutions. Experience in developing and maintaining Play/Runbooks and/or Standard Operating Procedures in a SOC environment. Strong troubleshooting, reasoning, and analytical problem-solving skills. Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management. Keen on further developing oneself in the information security world and the security operations. Personal Qualities: Team player. Detail oriented. Excellent communication with technical leaders. Systems Thinking - the ability to see how parts interact with the whole (big picture thinking). Able to work under minimal supervision. EVOLUTION: The position performs in a Threat Researcher role. The Analyst will use advanced network and host based tools that will proactively search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions. Candidate should be capable of clear communicating to varying audience across the organization, in addition to seeking and building consensus where it is needed to achieve a strengthened security posture. What we offer: Opportunity to grow in a demanding, fast-growing organization. Very attractive, multicultural, and friendly work environment in fast-growing international company (with more than 55 000 employees). Possibility to grow and make the next step in your professional career and self-development. A launch pad into various opportunities within many business lines of Eurofins globally. A chance to become part of a highly motivated international team of professionals Qualifications Masters degree or Bachelors degree (B.E, B.Tech) or equivalent Minimum of 2-3 years of professional experience as a SOC Analyst (L1 or L2), threat researcher or hunter or a similar comparable role dealing with incident handling, alert tracking, cybersecurity case management.

The Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty domain.

Greetings from Wysetek!! Wysetek leverage's 35 years of rich experience in providing Integrated Technology Solutions to SMEs and Large Corporations across India. We are recruiting for our Technology Solution Division Working Knowledge on Technology/ Product Knowledge (Any One is must): TrendMicro, Vision one, Apex One. Mode of Work: Onsite/Field Location: Hyderabad (Onsite) Position : 10 (L1/L2/L3) Preferably Looking for Immediate joiners Job description Implementation & Troubleshooting Implementation of TrendMicro / Endpoint Encryption at client place as per the scope work and their requirement. Troubleshooting client issues and suggesting them best and optimal solution which can secure their systems and servers from theft attack. Giving remote and onsite support to the client. Escalating case to tech team whenever require. Closely working with endpoint encryption for enterprise. Firewall Endpoint Encryption Server Installation & SQL DB Installation for Trend Micro/ Firewall Endpoint Encryption Policy Server. As well as troubleshooting on encryption affected machine and issue resolutions. Closely working with Trend Micro or other antivirus product for enterprise. Trend Micro or other Antivirus Server Installation, Agent package creation, DLP policy management for enterprise users and antivirus agent troubleshooting as per the issue persist. Core Competencies Self-starter with a high energy level Ability to work with all levels of individuals. Good with Escalation matric know how Excellent communicator, both written and verbal Ability to articulate complex technical ideas. Ability to forecast accurately. Technical Experience: Degree qualified in a relevant field (B.E, B. Tech, Computer graduate) or equivalent experience in Implementation & troubleshooting on Load balancer / Web Application Firewall is essential. Relevant Certification will be advantageous.

Tata Elxsi is a global design and technology services leader for Automotive, Media, Communications and Healthcare. The Company helps customers reimagine their products and services through design thinking and application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence. Roles and Responsibilities: Overseeing the 24x7x365 Security Operation Centers processes, technology and people who monitor security tools, assess threats, and risks involving client infrastructure and orchestration Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity with In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.). Responsible for ensuring that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within SOC team. Expected to act as the escalation point for the SOC technical team Managing priorities, providing recommendations and implementing changes to methods/processes. Handle client meetings, point of contact for client requirements, onboard new clients. Manage relationships with our customers in-house operations teams and lead operational interactions/cadence with client management. Provide direction and vision to improve SOCs effectiveness, including motivating people to perform, listening to the team, providing feedback, recognizing strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain innovative growth culture. Oversee the management of our existing Managed Security Operations managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents. Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection. Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities. Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities. Taking a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats. Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends. Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements. Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness. Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC. Proven expertise in MDR and Managed SIEM, with a strong preference for experience with Leading Market vendors. Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc. Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks. Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products Experience with Opensource Security Information Event Management (SIEM) tools, creating advance co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessment Strong background and expertise on various security technologies including end point security, perimeter security, Advanced threat protection, Security monitoring and security Certifications: CISSP,CISM, CEH, OSCP, or equivalent are highly desirable., ITIL or equivalent

Job Title: IT Security Specialist Location: Mohali Job Type: Full- Time Key Responsibilities: • Server Hardening: Implement industry-standard server hardening practices to reduce vulnerabilities across critical servers and endpoints. • Network Hardening & Segmentation: Review firewall rules, apply secure network configurations, and implement logical segmentation to minimize the risk of lateral movement within the network. • Configuration & Patch Management: Define and maintain secure baseline configurations for IT assets. Ensure timely application of security patches and updates to mitigate known vulnerabilities. • Active Directory (AD) Hygiene: Perform regular audits to identify and remove stale user accounts, orphaned objects, and excessive privileges. Implement AD best practices to improve both security and compliance. • Endpoint Security Management: Deploy and manage antivirus software, EDR/XDR solutions, device control mechanisms, and full-disk encryption tools to safeguard endpoints across the enterprise. Qualifications: • Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience) • 2+ years of hands-on experience in IT security, system hardening, and endpoint protection • Strong understanding of Windows and Linux server environments • Experience with Active Directory and group policy management • Familiarity with security frameworks such as NIST, CIS Controls, or ISO 27001 • Working knowledge of EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender) • Excellent problem-solving skills and attention to detail

SOC Analyst - L3 Experience Range : 8 - 15 Years Position : Permanent Location : Chennai (Taramani) Project : Banking Shift : Rotational Notice : Immediate Joiners, Serving Notice Key Responsibilities: Incident Detection & Response: Monitor security alerts and events through SIEM tools to identify potential threats. Investigate security incidents and respond in a timely and effective manner. Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis. Threat Analysis & Mitigation: Conduct thorough threat and malware analysis to identify and mitigate risks. Work closely with internal teams to investigate malware, viruses, and ransomware threats. Use CrowdStrike , Defender , and other endpoint security tools to prevent attacks. Email Security Management: Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats. Respond to suspicious email alerts and work with other teams to resolve them. Continuous Monitoring & Alerting: Actively monitor systems, networks, and applications for any signs of suspicious activities. Utilize Endpoint Security solutions to continuously track and protect endpoints across the network. Collaboration & Reporting: Work closely with the IT and security teams to assess, analyze, and resolve security incidents. Maintain detailed documentation of incidents, findings, and responses for future reference. Regularly report on the status of ongoing security incidents and trends to senior management. Research & Knowledge Enhancement: Stay updated with the latest security threats, vulnerabilities, and trends. Participate in security training and development to improve skills in SIEM , EDR , and other security tools. Required Skills and Qualifications: Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis . Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills. Preferred Qualifications: Security certifications like CompTIA Security+ , CISSP , CEH , or GIAC are a plus. Experience with incident response and forensic investigation. Familiarity with cloud security in AWS, Azure, or Google Cloud.

Overview Experience:3-5 Years Location Hyderabad Analyst, Security Operations About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Security Operations at our Hyderabad office. This role is responsible for maintaining the confidentiality, integrity, and availability of personal information and company assets, ensuring compliance with Omnicom’s internal policies and standards. The Analyst will support the tools, technologies, and operational architecture that monitor and protect Omnicom’s physical and digital environments. This role plays a vital part in defending the organization’s infrastructure and data by executing daily operational security tasks and contributing to long-term strategic security initiatives. Key Responsibilities Manage and support cybersecurity tools and software that protect Omnicom’s digital and physical environments. Operate and maintain controls such as Web Access Firewall (WAF), Zero Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), Cloud Firewall (CFW), Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM) systems. Deploy and maintain software agents and intermediate nodes to facilitate secure operations across cloud and on-premises environments. Collaborate across internal Omnicom teams as well as with external support, accounting, and engineering teams from trusted security partners. Monitor environments for security threats and respond in accordance with incident response protocols. Support ongoing security posture improvement initiatives and assist in risk mitigation efforts. Qualifications Required Qualifications 3–5 years of experience in security operations, cybersecurity, or IT infrastructure. Working knowledge of security platforms such as WAF, CASB, ZTNA, CFW, EDR, and SIEM tools. Familiarity with incident detection, triage, and response processes. Experience in agent deployment and system integration for enterprise-wide security tools. Strong analytical and problem-solving skills with a proactive security mindset. Ability to coordinate across teams and manage third-party security service providers. Excellent communication skills and a detail-oriented approach to operational tasks. Preferred Qualifications Security certifications such as CompTIA Security+, GIAC, or equivalent. Experience with cloud security frameworks and zero trust architecture. Exposure to regulatory compliance environments (e.g., GDPR, HIPAA, ISO 27001).

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. -Run internal Table top exercises to help train the team-Maintain IR quality as per industry standards Additional Information:- The candidate should have minimum 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Minimum 3 years’ experience working in a large-scale IT environment with focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, part of program management (Transition & Transformation) Required Candidate profile Knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. Handson experience on leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Certification:CISSP

Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation. Work from Office - Bangalore location [Brookfield] Rotational and Night Shift applicable Mandatory Skill Set: 8+ years in Security Operations/Incident Response Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq) Expertise in threat hunting and event analysis Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain Experience with EDR tools , network forensics , and log analysis Strong understanding of incident lifecycle and post-incident reporting Excellent analytical and communication skills Bachelor's degree in Computer Science or related field Key Responsibilities: Lead incident response (IR) and analyze complex security events Design and improve detective controls and alert use cases Conduct proactive threat hunting and trend analysis Stay updated on cyber threat landscape and threat actor TTPs Contribute to security innovation , tool enhancement, and process maturity Deliver detailed incident reports and post-mortem reviews Preferred Skills: Scripting: Python, PowerShell Cloud Security: AWS, Azure, GCP Certifications: CISSP, GIAC, CEH Strong grasp of defense-in-depth and layered security strategies

Apply on company website- https://zrec.in/hIRJh?source=CareerSite

Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation. Key Responsibilities: Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need partner with Global Command and Site Reliability Teams to ensure baseline for all customer facing incidents, and internal company wide incidents are coordinated in a centralized operation center follow the sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate Customer Incident Response and capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale. Security Assessment and Continuous Threat Exposure Management:Identifying and fixing weaknesses in systems and networks including establish MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats. Incident Response:Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary. Threat Detection and Prevention:Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity. Security System Administration and Maintenance:Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems. Security Policy and Procedure Development:Creating and enforcing security policies and procedures to protect sensitive information. Security Training and Awareness:Educating employees about cybersecurity risks and best practices. Staying Up-to-Date:Keeping abreast of the latest security threats, vulnerabilities, and technologies. Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response. Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts. Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish Career Development Plans and Growth for analysts, engineers, managers, and directors as the business grows and scales. Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally. Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence. Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks. Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions. Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense. Strong executive presence and ability to communicate effectively with C-level stakeholders. Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable. Our Values If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours Find out here: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

A Sr Information Security Engineer will be a part of the operations wing of Cybersecurity team at BMC. The Cybersecurity team at BMC is responsible for securing BMC IT infrastructure and assets from unauthorized access and to ensure countermeasures are in place against any cyber-attacks. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Security Engineering Participate in vendor identification and implement Cybersecurity tools for the team. Manage & maintain security tools & systems used for incident response. Create & maintain playbooks for responding to different types of security incidents. Security Monitoring Respond to escalations from the SOC on security alerts, eliminate false positives, triage significant security events based on impact and nature of the security incident, and escalate according to the established procedures. Continuously monitor and analyse security events & newly reported threats to proactively identify any opportunities for process enhancement. Review automated daily security reports of key security controls, identify anomalies and, escalate critical security events to the appropriate stakeholders and follow-up as required. Participate in internal & external security audits. Security Incident Response Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures. Participate in all the phases of security incident response process, including detection, containment, eradication, root cause analysis and post-incident reporting. Collaborate with cross-functional teams as well as external vendors/customers/partners for incident response as required. Record detailed Security Incident Response activities in the Case Management System. To ensure youre set up for success, you will bring the following skillset & experience: Bachelors Degree or equivalent in IT or Computer Science. Security Trainings/Certifications (e.g. SANS, CDAC-DITISS). 3+ years of relevant SOC IR experience. Should be ready to work in 24x7 rotating shifts. Strong analytical and reasoning abilities. Motivation to identify and solve problems. Hands-on experience with SIEM & other cybersecurity tools like AV, EDR, Firewall, SOAR. System & Network Log Analysis. Whilst these are nice to have, our team can help you develop in the following skills: Good verbal and written communication skills. Familiarity with various Cloud & OS environments. Scripting, malware analysis, vulnerability & threat analysis.

Designation: EndPoint Security Engineer Experience: 2-10 Years years Education: Any Graduate Location: Bengaluru Description: Trend Micro Antivirus, EDR (Endpoint Detection & Response)MDM (Mobile Device Management), DLP (Data Loss Prevention)Anti-Spam, Anti-APT (Advanced Persistent Threats)Vulnerability Management & PatchingKnowledge of ITIL Processes If you're passionate about securing endpoints and making a difference in cybersecurity, were looking for YOU!

Job Description We are seeking a skilled Azure Sentinel Logic App and Analytic Rules Engineer to join our cybersecurity team. The ideal candidate will be responsible for designing, implementing, and managing automated workflows using Azure Logic Apps and developing analytic rules within Azure Sentinel to enhance our security posture and incident response capabilities. Responsibilities Design and Develop Logic Apps: Create and manage Azure Logic Apps to automate responses to security incidents detected by Azure Sentinel. This includes configuring triggers, actions, and conditions based on specific security events. Implement Analytic Rules: Develop and optimize analytic rules in Azure Sentinel to detect potential threats and anomalies within the environment. This involves leveraging Kusto Query Language (KQL) to create effective queries that generate actionable alerts. Integrate Security Logs: Streamline the integration of security logs and data sources into Azure Sentinel using Logic Apps, ensuring that all relevant security data is captured and analyzed efficiently. Automate Incident Response: Build automated workflows that respond to alerts generated by Azure Sentinel, including actions such as sending notifications, creating tickets, or executing remediation scripts. Monitor and Optimize: Continuously monitor the performance of Logic Apps and analytic rules, making adjustments as necessary to improve detection rates and reduce false positives. Essential Skills Certifications in Azure, cybersecurity or related fields. Experience with additional security tools and technologies (e.g., firewalls, intrusion detection systems). This role is crucial for enhancing our security operations and ensuring a proactive approach to threat detection and response. If you are passionate about cybersecurity and have the required skills, we encourage you to apply. Proficiency in Kusto Query Language (KQL) for creating and optimizing analytic queries. Experience with Azure Logic Apps, including triggers, actions, and connectors. Familiarity with security frameworks and best practices, including incident response and threat hunting. 3+ years of experience in cybersecurity, with a focus on security operations, incident response, and SIEM platforms. 2+ years of hands-on experience with Azure Sentinel, including the development of analytic rules and Logic Apps. Additional Desired Skills Strong verbal and written English communication Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Willingness to work in a job that involves 24/7 operations Education Requirements & Experience Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree Minimum of 2-6 years of experience in the IT security industry, preferably working in a SOC environment Certifications: GCIH, CCNA, CCSP, CEH

Role & responsibilities Preferred candidate profile

Job Title: L2 Security Specialist Job Summary: The L2 Security Specialist will take a proactive role in threat hunting, security assessments, and improving defensive measures. This role involves deeper technical analysis, security tool management, and incident response. Key Responsibilities: Perform Data Discovery & Classification to enforce data protection policies. Manage File Upload Security Solutions to prevent malware and data leaks. Conduct Attack Surface Management (ASM) to reduce exposure to threats. Execute Breach & Attack Simulation (BAS) and assist Red Team operations. and analyze Phishing Simulation campaigns to improve security awareness. Implement and audit Active Directory (AD) Security controls. Lead IT Governance, Risk & Compliance (GRC) initiatives (e.g., ISO 27001, NIST). Deploy and analyze Decoy (Honeypot) systems to detect advanced threats. Administer Mobile Device Management (MDM) security policies. Ensure Secure Data Backup & Recovery (Ransomware Protection) effectiveness. Configure and maintain Network Access Control (NAC) solutions. Required Skills & Qualifications: 35 years of experience in cybersecurity operations. Hands-on experience with SIEM, BAS, ASM, and NAC tools. Strong knowledge of phishing, ransomware defense, and AD security. Experience in GRC frameworks (ISO 27001, NIST, GDPR). Familiarity with honeypots, incident response, and threat intelligence. Certifications like CISSP, CISM, OSCP, or CASP+ preferred.

The Endpoint Security Engineer will design, implement, and manage endpoint security solutions across the organization. This role involves collaborating with cross-functional teams to deploy effective security measures while managing project timelines and stakeholder communications. Key Responsibilities Implementation : Design and deploy endpoint security solutions (e. g. , antivirus, EDR, DLP). Conduct security assessments and risk analysis to identify vulnerabilities. Configure and maintain endpoint security tools and policies. Evaluate and recommend new security technologies to enhance endpoint protection. Collaborate with vendors for the implementation of security tools. Project Management : Lead endpoint security projects from initiation to completion. Develop project plans, status reports, and risk management strategies. Monitoring Response : Respond to security incidents and breaches, performing root cause analysis and remediation. Develop and implement incident response plans tailored to endpoint security incidents.

Cloud Security Lead/Architect(L3) Experience architecting security in cloud platforms like AWS, Azure. Experience creating High Level Designing (HLD) - Low-level Designing (LLD), reviewing the technical requirement document (TRD) for cloud security. Define data security policies through AIP,DLP,Etc Thereat hunting experiences with XRD,EDR,SIEM tools. Experience integrating cloud components with SIEM Planning, implementing, designing and reviewing security policies and other compliances. Experience leading SecOps teams. Guide the team on appropriate prioritization of qualified incidents, Notification through standard communication channel and opening of corresponding incident tickets on Ticketing platform Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams Leading IR, Escalations towards closure. Responsible for automating security controls, data and processes to provide improved metrics and operational support Mandatory certifications on Azure,AWS platforms,CCSP,etc. Secondary skillset in Google cloud is Preferred.

Security Service Operations,IT Security Technologies,CISSP, CISM, CRISC, CISA,SIEM, EDR, Email Security Gateways, Vulnerability Management Software, Firewalls,security systems, user authentication and management

We are looking for a candidate who could join our Information Technology Team. Technical Skill Set: 1. Should have a knowledge and understanding of TCP/ UDP. 2. Clean and rigid understanding on what is an AV and whats an EDR solution 3. Understanding of EDR functionalities. This knowledge is required to explore features of a solution and understand technical now how. 4. Understanding on EDR logs and log co-relation. 5. Should be able to understand and retrieve information from packet captures. 6. Should have a sane knowledge of SIEM solution. 7. Knowledge on Log parsing would be an added advantage. 8. Knowledge on Advisories, IOCs, IOAs, Adversories. What are these and how are these to be processed and why? 9. Understanding on actions to be done on receiving an advisory. 10. Should keep his/her knowledge updated and should be on the top of current Cyber exploit cases going on, so that actions can be taken proactively to safeguard the environment. Techno-Management Skill set: 1. Should be able to prioritize tasks while processing advisories, incidents, problems and events. 2. How an incident should be tackled, should have a first-hand expertise on deriving a solution and take incident to closure. 3. Prepare dashboard and reports depicting an at-a-glance view of incidents, events, advisories and remedial actions. 4. Work with the 3rd party solution provider for integration purpose. 5. Prepare documentation related to process and Knowledge base for future easy-reference. 6. Be a bridge between the technical and the management team and make sure updates are regularly submitted to higher management and review to the technical team. 7. Vendor management skills. 8. Any earlier experience in crisis situation handling would be an added advantage.

Job Title: Lead SOC Analyst (Microsoft Sentinel Specialist) Location: Bangalore (Work from Office) Department: Security Operations Center (SOC) Reports To: SOC Manager / Head of Security Operations Job Summary: We are seeking a highly skilled and experienced Lead SOC Analyst with deep expertise in Microsoft Sentinel to join our Security Operations Center. The ideal candidate will be responsible for leading threat detection, incident response, and proactive threat hunting activities, with a primary focus on leveraging Microsoft Sentinel and its associated Microsoft Defender XDR ecosystem. Key Responsibilities: Lead day-to-day SOC operations, ensuring timely detection, triage, analysis, and response to security incidents. Design, develop, and fine-tune Microsoft Sentinel analytics rules (KQL) , workbooks, playbooks (Logic Apps), and automation rules. Oversee and improve threat detection use cases , MITRE ATT&CK coverage, and alert tuning in Microsoft Sentinel. Correlate events from Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud to drive enriched detections. Perform proactive threat hunting using Sentinel and other available tools. Guide and mentor SOC Analysts (L1/L2), provide technical escalation support and help develop their technical capabilities. Lead or participate in incident response efforts , including forensic investigation and root cause analysis. Maintain and update SOC documentation, playbooks, and SOPs. Collaborate with internal teams and customers to provide insights, reports, and continuous improvements. Stay updated on the latest cyber threats, vulnerabilities, and Microsoft security product enhancements. Required Skills & Experience: 5+ years of experience in cybersecurity, with at least 2 years of hands-on experience with Microsoft Sentinel . Strong command of Kusto Query Language (KQL) . Experience with Microsoft Defender suite (MDE, MDI, MDO, MDC) and integration with Sentinel. Solid understanding of SIEM/SOAR concepts , threat detection, incident response, and threat hunting. Familiarity with MITRE ATT&CK framework and NIST/ISO incident response process. Experience with Azure Logic Apps and automation in Sentinel is a plus. Hands-on experience in handling advanced persistent threats (APT) , phishing campaigns, lateral movement, and data exfiltration incidents. Preferred Certifications (one or more): Microsoft Certified: Security Operations Analyst Associate (SC-200) Certified SOC Analyst (CSA) Soft Skills: Strong communication and leadership skills. Ability to manage priorities and multitask effectively in a high-pressure environment. Analytical and detail-oriented with a proactive mindset.

Eligibility Criteria: Exp: Mini 3 years in SOC Location: Chennai Mode of Work: WFO Mode of Interview: F2F/Virtual Preferred: Immediate Joiner ( Male Candidate ) Required Skills: Work Experience in security tools like SIEM, Vulnerability and Assessment tools, EDR, Data loss prevention, Threat hunting tools. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc. Proficient in Incident Management and Response. Expertise in cyber security, firewalls, network security, application security, cloud security. Knowledge in SOC, HITRUST, ISO certifications, and HIPAA, NIST frameworks. Certifications: Cloud Security (Microsoft) CEH CompTIA Security+ (any of these) If Interested in the above Position, please forward your Updated CV - Email: Abdulmusafir.alavudeen@corrohealth.com Mobile: 9884023362

Exp. in a SOC, incident detection and response,SIEM platform and EDR. understanding of networking principles, TCP/IP, WANs, LANs, and Internet protocols (SMTP, HTTP, FTP, POP, LDAP). cloud security concepts & platforms (e.g., AWS, Azure, GCP).