344 Edr Jobs - Page 11

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

• Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm , Splunk,). • Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).

As an L1 SOC Analyst, you will be responsible for monitoring alerts and triaging basic security events from SIEM, EDR, and NDR platforms. Your role includes identifying suspicious activities, escalating incidents as per defined SOPs, and supporting the security operations team in daily monitoring tasks. Key Responsibilities: Monitor alerts from SIEM (QRadar, Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), and NDR (LinkShadow/Darktrace) platforms Triage basic security events and validate incidents using established playbooks Escalate potential threats to L2 analysts based on severity and context Review and respond to AV/EDR alerts and execute predefined security queries Log incidents, document actions, and maintain ticketing system with accurate updates Enrich alerts with known threat intelligence and IOCs (IP, domain, file hashes) Support incident response efforts for phishing, malware, brute-force attacks, etc. Collaborate with team members and shift leads to ensure 24x7 monitoring coverage Tool Experience (Preferred): SIEM Tools: Basic use of QRadar and Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint, Antivirus consoles NDR: LinkShadow or Darktrace (basic familiarity) Other Tools: Microsoft Exchange Online Protection (EOP), Azure AD Sign-In Logs (optional) Certifications (Preferred): CompTIA Security+ Microsoft SC-900 Shift Readiness: This role requires flexibility to work in 24x7 rotational shifts , including nights, weekends, and holidays. Required Skills: Understanding of basic cybersecurity concepts Familiarity with security alert triage and incident logging Basic knowledge of Indicators of Compromise (IOCs) Fast learner with strong attention to detail Effective communicator and team player

Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune . The Security Analyst position is part of the Groups Computer Emergency Response Team (CERT) , the organizations cyber defense division. The mission of this team encompasses three critical areas: Threat Prevention & Crisis Preparedness – Proactively anticipate and mitigate threats while preparing for cyber crises. Threat Detection & Analysis – Identify vulnerabilities, detect threats, and uncover attacks. Incident Response – Investigate, manage, and resolve security incidents while mitigating their impact on the IT ecosystem. Key Responsibilities: 1. Security Incident Handling: Analyze and confirm the severity of security incidents based on available data. Follow documented incident response procedures to resolve threats efficiently. Collaborate with technical experts to develop and implement remediation plans. Track and monitor corrective actions, ensuring stakeholders are informed and engaged. Write detailed incident reports, including "hot" and "cold" feedback, for major incidents. Participate in crisis management, including artifact collection, risk analysis, and first-level threat assessments. 2. Projects, Continuous Improvement, and Expertise Sharing: Stay updated on the latest incident response techniques through training and daily monitoring. Provide technical expertise for projects, including tool evaluations, risk analysis assistance, and technical audits. Propose and develop new detection scenarios, automation tools, or enhancements to improve productivity. Conduct team knowledge-sharing sessions by presenting in-depth technical topics. Contribute to the broader expertise missions within the team based on skillsets. Experience Requirements: 10–12 years of relevant experience in cyber security, with a focus on security incident handling, detection, and analysis. Qualifications and Skills: Technical Skills: Data Analysis & SIEM Tools : Proficient in SPL (Search Processing Language) for data analysis, threat hunting, and creating dashboards. Strong experience with SIEM tools like Splunk (Preferred) , Q Radar or Sentinel. Endpoint Protection (EPP) & Endpoint Detection and Response (EDR): Hands-on experience with tools such as: Trend Micro Deep Security Microsoft Defender Palo Alto Cortex Tehtris eGambit Network Security & Firewalls: Knowledge of firewalls , IDS/IPS , VPNs , and network devices such as: Cisco Palo Alto Global Protect Proficiency in analyzing firewall logs and interpreting PCAPs using tools like Wireshark . Operating Systems & Programming: Working knowledge of Windows and Linux will be an added advantage. Knowledge of PowerShell scripting and other system scripting languages. Knowledge on software programming and SDLC will be added advantage. Investigative Skills: Ability to autonomously investigate alerts from detection to resolution. Key Traits and Competencies: Strong analytical and problem-solving skills. Ability to work independently while collaborating with a global team. Excellent communication and report-writing skills. Passion for continuous learning and knowledge sharing. Flexibility to work in a fast-paced environment and support on-call rotations. Interested candidates for above position kindly share your CVs on pranita.th@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location :

Your key responsibilities Administration and management support of CrowdStrike Next-Gen SIEM/EDR Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development (Use case development) which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills and attributes for success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing and administering security solution CrowdStrike Next-Gen SIEM/EDR Hands-on expertise in Security use case development and log source integration Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security Analysts point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in ELK Stack Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC.

Role Description: This role is a senior position equivalent to a Level 3 SOC analyst. In this role, You are expected to manage the Cyber Defence Centre (SOC), which is a 24/7 environment. Handle security incidents and able to provide rapid response with a deep understanding of IT Network Infrastructure tools and Technologies. Primary Responsibilities: u25CF Member of a critical role in our cyber security function to ensure enterprise and client data is secure and private. You will help provide 24x7 monitoring for the organization by acting as the first line of defense against potentially malicious events. Support the Security Operations Centre with enhancing SOC tools including the design/improvement of working practices and incident responses Threat Hunting - Analyses security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning. Performs research into emerging threat sources and develops threat profiles. Keep updated on the latest cybersecurity threats. Has a sound understanding of SIEM, PAM, CASB, EDR, other threat detection platforms, and Incident Response tools. Develop and execute a crisis communication plan for CXO and other stakeholders. Measures SOC performance metrics and communicates the value of security operations to business leaders.

Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage , escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues , including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies , ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation , reports, and operational dashboards. Support in threat hunting , vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelors/Masters Degree in Computer Science, Information Systems, Engineering. 24 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR , including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH , CompTIA Security+ , or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Must-Have Skills: Minimum 3 years of experience in EDR (End point security) Minimum experience of 3 years as L1 level Only look for L1 level experienced candidates who are expert on EDR (EDR, incident response) and Trend Micro (Antivirus) Active CEH certificate Requirements: Location: Patna/Bhopal/Mumbai/Kanpur/Kolkata./Delhi Notice Period: Immediate to 30 days Salary Range: 9 LPA (Including 5% variable) Job Type: Work from Office Key Performance Indicators: Assess endpoint security infrastructure Deploy and configure EDR agents Monitor endpoints for suspicious activities Generate real-time alerts for potential security incidents Ensure compatibility with other security systems

JD- SOC lead/Manager Manage and mentor a team of SOC analysts and engineers. must have good understanding on EDR,XDR tools. Develop training programs and provide ongoing support to enhance team skills and performance. Coordinate shift schedules to ensure 24/7 SOC coverage. Oversee the identication, assessment, and response to security incidents. Ensure timely and eective resolution of security incidents and escalation when necessary. Conduct post-incident reviews and coordinate with other departments to address root causes and improve security posture. Supervise the monitoring of security alerts, events, and logs from various sources including SIEM, IDS/IPS, and other security tools. Ensure the SOC team eectively analyses and correlates security data to detect potential threats. Optimize and tune SOC tools and processes to improve detection capabilities and response times. Develop and maintain SOC policies, procedures, and best practices. Ensure compliance with organizational security policies and relevant regulatory requirements. Update and rene incident response plans and playbooks. Prepare and deliver regular reports on SOC performance, incident trends, and threat landscape to senior management. Communicate eectively with internal stakeholders and external partners as needed. Coordinate with other teams to ensure alignment and integration of security initiatives. Stay current with industry trends, emerging threats, and new technologies. Implement continuous improvement processes to enhance SOC eiciency and eectiveness. Evaluate and recommend new tools and technologies to enhance the SOCs capabilities.

Position Title: IT Security Analyst Description of the role: The Security Monitoring Analyst is responsible for manning the India SOC for our client based in the US. The key responsibilities include: Handling of all alerts - SIEM, IPS/IDS solutions, EDR the resource is expected to monitor, investigate, respond, and resolve these alerts. Resolving general support requests device control, URL whitelisting, lockouts, etc. Completion of daily checklists and preparation and sending daily reports. Monitor patching status and respond to patch failures by either redeploying the patch manually or escalating to the relevant teams. Monitor Vulnerability scans, review the reports, and parse through these to remove false alarms. • Document the response and resolution of alerts and tickets. Creating exclusions or Detection lists to reduce false alarms. Qualification: Require CompTIA / CySA+ / equivalent preferred certifications. The individual is expected to be a graduate (Engineering preferred). Candidates with professional certifications such as CompTIA Security+ would be preferred. Key requirements: Ability to think logically, understand and apply learning into practice 4 years of experience in IT security monitoring. Experience working with intrusion detection/prevention systems is a must. Experience in Darktrace would be preferred. Experience working with a SIEM tool is a must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is mandatory. The candidates will be communicating with users based in the US and must communicate effectively. Position Location: Mumbai Andheri(E). Hours of operation: 7 am -3 pm/3 pm -11 pm/11 pm to 7am.

ABOUT THE ROLE The Senior Manager Information Security is responsible for leading the security automation product team and driving the development, integration and continuous improvement of a security automation platform. This role combines strong leadership, technical acuity, and product ownership skills to supervise a growing team responsible for automating security workflows, integrating tools, improving operational efficiency, and strengthening the overall cybersecurity posture. As the product owner of the security automation platform and service, the Senior Manager Information Security collaborates with collaborators to deliver impactful automations and maintain a scalable, secure, and resilient automation infrastructure. Key aspects of the role include aligning automation projects with organizational security goals, fostering innovation in machine learning applications, and ensuring the adoption of industry-leading practices by staying ahead of with evolving threats and trends. Roles & Responsibilities: Lead and mentor a team of security automation engineers, data engineers, and data scientists, fostering a collaborative and high-performance culture Oversee the security automation service, ensuring effective operations, prioritization, and continuous alignment with business and security goals Oversee the security automation product team to ensure adherence to SAFe/Agile methodologies and definitions of done, maintaining high-quality standards in deliverables Oversee the seamless operation, scalability, and efficiency of a cloud-based security automation solution, ensuring continuous enhancement of security controls and automation capabilities Develop strategies to streamline incident response, threat detection, and remediation processes using automation capabilities Drive and manage the seamless integration of new and existing security tools, platforms, and workflows to ensure a cohesive and optimized automation ecosystem Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST) Collaborate with collaborators to establish and supervise critical metrics related to SAFe implementation Generate and maintain security reports, metrics, and dashboards for management review Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations Build and deliver knowledge sharing presentations and documentation to educate developers and operations teams on application security standard methodologies and secure coding techniques Triage and assess findings from tools, external reports, and tests to determine real risks and prioritize remediation efforts Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues What we expect of you We are all different, yet we all use our unique contributions to serve patients. The professional we seek is a senior manager with these qualifications. Basic Qualifications: Masters degree and 8 to 10 years of Scrum teams management or related field experience OR Bachelors degree and 8 to 10 years of in Scrum teams management or related field experience OR Diploma and 12 to 14 years of in Scrum teams management or related field experience. Preferred Qualifications: Experience managing and scaling security automation platforms and tools (e.g., SOAR) Demonstrated success in leading high-performing technical teams in an agile environment Strong understanding of integrating security tools and data platforms (SIEM, EDR, IAM, etc.) In-depth knowledge of cybersecurity frameworks, technologies, and best practices Experience in risk management, incident response, and security governance Strong knowledge of security architecture frameworks and principles Strong understanding of common software and web application security vulnerabilities Excellent communication, stakeholder management, and analytical skills. Good-to-Have Skills: Experience with network security, endpoint protection, and incident response Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) CISSP (preferred) TOGAF (preferred) Certified Scrum Product Owner (CSPO), or equivalent (preferred) Soft Skills: Initiative to explore alternate technology and approaches to solving problems Skilled in breaking down problems, documenting problem statements, and estimating efforts Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team-oriented, with a focus on achieving team goals

Job Description: We are seeking a dedicated Vehicle SOC Analyst to join our automotive cybersecurity operations team. This role focuses on monitoring and responding to threats targeting in-vehicle systems , connected car platforms, and vehicle-to-everything (V2X) technologies. The analyst will work with in-vehicle security tools and contribute to the development of automotive-specific detection and response strategies. Key Responsibilities: Automotive Security Monitoring & Analysis: Monitor vehicle telemetry, network traffic, and logs from ECUs, gateways, and telematics units. Identify, investigate, and respond to cyber threats affecting in-vehicle networks (CAN, LIN, FlexRay, Ethernet). Perform root cause analysis of security alerts and anomalous vehicle behavior. In-Vehicle Security Protocols & Standards: Ensure implementation of in-vehicle cybersecurity protocols such as secure boot, secure OTA, authentication, and encryption. Maintain awareness of ISO/SAE 21434, UNECE WP.29 regulations, and industry best practices. Use Case & Playbook Development: Design and maintain detection use cases tailored to automotive environments (e.g., CAN message flooding, firmware tampering). Develop and update response playbooks for in-vehicle attack scenarios. Collaborate with engineering and R&D teams to refine security detection logic. Hands-On Tools & Technology: Use in-vehicle IDS and anomaly detection tools (e.g., Argus, GuardKnox, Upstream Security, AutoCrypt). Work with automotive SIEM platforms and data aggregation tools. Apply EDR or endpoint monitoring to IVI systems, telematics control units (TCUs), and other connected components. Conduct packet analysis with automotive-specific tools (e.g., CANalyzer, Savari, Wireshark with CAN protocol plugins).

Job Description: We are seeking a skilled and proactive OT SOC Analyst to join our cybersecurity operations team. This role is focused on protecting industrial control systems (ICS) and operational technology (OT) environments through continuous monitoring, incident response, and development of OT-specific detection and response strategies. Key Responsibilities: OT Incident Response: Detect, investigate, and respond to cybersecurity incidents affecting OT systems. Coordinate with plant operations and engineering teams during security events. Conduct root cause analysis and document incident findings. OT Security Protocols & Compliance: Implement and enforce OT security best practices and standards (e.g., ISA/IEC 62443, NIST 800-82). Assist in designing secure OT network architectures based on the Purdue Model. Monitor adherence to OT-specific access controls, patching, and asset hardening. Use Case & Playbook Development: Design and implement detection use cases tailored to ICS/SCADA environments. Create and maintain incident response playbooks for OT scenarios (e.g., unauthorized PLC changes, protocol abuse). Continuously improve detection coverage and response efficiency. Hands-On Tool Usage: Monitor and analyze alerts using IDS (e.g., Snort, Zeek, Nozomi Networks, Claroty). Utilize SIEM tools (e.g., Splunk, QRadar) for log correlation, rule creation, and threat detection. Support OT endpoint monitoring using EDR solutions (e.g., CrowdStrike, Defender for Endpoint). Perform traffic analysis using tools like Wireshark for protocol inspection and anomaly detection.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled cybersecurity professional with hands-on experience in managing and optimizing CrowdStrike EDR, FIM, Host Firewall, MxDR solutions. As a CrowdStrike EDR Specialist, you will play a critical role in endpoint threat detection, incident response, and continuous monitoring of the enterprise environment to identify and remediate cyber threats. Roles & Responsibilities:-Deploy, configure, and maintain CrowdStrike Falcon EDR agents across enterprise endpoints.-Monitor CrowdStrike dashboards and alerts for suspicious activity, malware, and unauthorized behavior.-Investigate, analyze, and respond to endpoint-related security incidents.-Create and tune detection rules, indicators of compromise (IOCs), and response workflows.-Collaborate with SOC teams, IT administrators, and incident responders on security investigations.-Perform threat hunting using CrowdStrike Falcon and other tools.-Develop reports and dashboards that provide visibility into the EDR environment and incident trends.-Ensure EDR platform integration with SIEM and other cybersecurity tools.-Stay updated on emerging threats and recommend configuration or policy improvements.-Knowledge and Exposure on Service Now ticketing for Incident Management, Problem Management and Change Management. Professional & Technical Skills: -Experience in a EDR (CrowdStrike) or threat detection role.-Strong hands-on experience with CrowdStrike Falcon EDR (deployment, policy management, investigation, etc.).-Solid understanding of malware, endpoint threats, and attack vectors.-Familiarity with MITRE ATT&CK framework and threat intelligence principles.-Experience with scripting (PowerShell, Python, etc.) and automation tools is a plus.-Knowledge of SIEM platforms (Splunk, QRadar, etc.) and their integration with EDR.-Relevant certifications preferred (e.g., CrowdStrike CCFA, FIM, Azure Fundamental). Additional Information:- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Red Teaming Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will oversee the strategic planning and execution of red team operations to emulate real-world threats and uncover security weaknesses across the organization. Your typical day will involve planning, scoping and conducting red team operations, including social engineering, network exploitation, and post-exploitation activities along with leading a team of offensive security experts, and aligning red team efforts with business risk priorities. You will work closely with incident response, and threat intelligence teams to identify detection gaps and provide actionable insights, ensuring the organization remains prepared against evolving threats, while fostering a culture of continuous learning and adversary-aware defense. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Plan, scope, and execute red team exercises simulating real-world attack scenarios.- Perform threat modeling and adversary emulation exercises based on MITRE ATT&CK framework.- Conduct internal and external penetration tests, including physical security and social engineering engagements.- Design and deliver phishing campaigns and other social engineering attacks to test human security posture.- Establish and manage command-and-control (C2) infrastructures using tools like Cobalt Strike.- Perform post-exploitation tasks including lateral movement, Active Directory (AD) exploitation, privilege escalation, and data exfiltration.- Identify gaps in detection and response capabilities and provide detailed reports and remediation recommendations.- Collaborate with Blue Team and Incident Response to enhance organizational defense.- Continuously research emerging threats, TTPs, and contribute to the development of new testing methodologies.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Deep understanding of red team tactics, techniques, and procedures (TTPs) align with MITRE ATT&CK framework.- Proven experience in conducting end-to-end red team engagements across different environments (on-prem, cloud, hybrid).- Proficient with red team tools such as Cobalt Strike, Mythic, Metasploit, Bloodhound, Sharp hound, PowerShell Empire, Impacket- Expertise in EDR/AV evasion techniques, custom payload development, and OPSEC-aware operations.- Skilled in Active Directory attacks, Kerberoasting, Pass-the-Hash/Ticket, and Golden/Silver ticket attacks.- Proficient in hardware-based and physical attack techniques including Rubber Ducky payload deployment, planting rogue devices such as LAN Turtle, Raspberry Pi, NAC bypass. Executing Wi-Fi attacks like Evil Twin attacks, and RFID cloning for physical access simulation and red team engagements.- Strong knowledge of data exfiltration methods and covert communication channels.- Experience with phishing toolkits and infrastructure for social engineering campaigns.- Familiarity with scripting and automation using PowerShell, Python, or Bash.- Comfortable working under strict ethical and legal boundaries, with a strong focus on operational safety. Additional Information:- The candidate should have minimum 7.5 years of experience in Red Teaming.- Certifications- OSCP, OSEP, CRTP, CRTE, CRTO.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

The SOC Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and technologies. This role is critical in protecting the organizations digital assets and ensuring compliance with security policies and standards. Monitor SIEM systems and security tools for suspicious activity. Analyze and respond to security incidents and threats. Stay updated on threat intelligence and attack trends. Review logs from firewalls, IDS/IPS, and antivirus tools. Escalate critical incidents and document findings. Support vulnerability management and remediation tracking. Configure and tune security tools like SIEM and EDR. Ensure compliance with security policies and audits. Collaborate with IT and network teams on investigations. Contribute to process improvements and incident playbooks. Primary Skills SIEM (e.g., Splunk, QRadar, ArcSight) Incident Response Log Analysis Threat Intelligence Secondary Skills Scripting (Python, PowerShell, Bash) Cloud Security (AWS, Azure, GCP) Endpoint Detection and Response (EDR)

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE

About the jobWe are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments It has offices in India and Singapore We are experts in information security training, cyber ranges, online labs and security assessments We have trained more than 30000+ information security professionals from more than 130+ countries across the globe through our in-person and online trainings We are looking for some amazing Security Researchers to join our India team remotely! If you would like to research on new threats and create challenges on Red Team, Windows and Active Directory this is the right opportunity!Members of our current research team have spoken multiple times at DEF CON, BlackHat and many other major conferences and maintain open source tools for red and blue teams Apply ONLY:- If you can prove your skills with your blog and GitHub - If you have spoken at respected conferences - Very good communication skills and ability to present your research in talks and training - Good knowledge of a Scripting/Programming language- Excellent work ethics and passion to make and break stuff Your job will involve:- Research and implement latest attack and red team techniques in Windows and Active Directory - Research on evasion of countermeasures like EDR - Research on opsec and use of C2 in secure environments - Writing Proof-of-Concept tools in C#, PowerShell and other languages - Creating content (courses, videos, blogs, presentations) based on researchRecommended Certifications:- CRTP and CRTE