278 Edr Jobs - Page 12

Position : SOC ANALYST Work Location : Chennai (city office ) Work Mode : From office Rotational Shifts Mandatory Job Summary : The SOC Analyst will be responsible for monitoring, analyzing, and responding to security threats and vulnerabilities across the organizations IT infrastructure. This role includes monitoring and managing alerts from SIEM and AV/AM, as well as coordinating with the vendormanaged Security Operations Center (SOC) for incident response. The SOC Analyst will collaborate with cross functional teams to identify, assess, and remediate vulnerabilities promptly. Job Responsibilities: Identify, assess, and prioritize security risks, providing actionable recommendations. Coordinate with the vendormanaged SOC team for effective incident response and collaborate on incident response planning. Monitor and respond to suspected phishing threat email reports from users Analyze and research vulnerabilities to assess their impact and severity, providing mitigation and remediation recommendations. Oversee the Vulnerability Management process, working with relevant teams to identify, assess, and remediate known vulnerabilities while tracking and reporting their status. Collaborate with IT and operations teams to ensure timely vulnerability remediation and implementation of security controls. Support encryption, data loss prevention (DLP), and identity and access management (IAM) initiatives. Stay updated on emerging threats, vulnerabilities, and industry best practices, recommending security improvements. Assist in preparing security reports and documentation for management and regulatory compliance. Job Specifications : A bachelors degree in IT, cybersecurity, or a related field, or equivalent experience with relevant certifications. Min 2 to 3 years of IT experience, in a Security Operations Center (SOC) focusing on SIEM, EDR, vulnerability management, and incident response. Experience with IBM QRadar SIEM is a plus. Strong knowledge of vulnerability scanning tools, assessment techniques, and vulnerability databases. Familiarity with security frameworks and standards such as MITRE ATT&CK, NIST Cybersecurity Framework, CIS Controls, OWASP Top Ten and ISO 27001. Ability to analyze and interpret technical data, providing actionable mitigation and remediation recommendations. Strong problemsolving and analytical skills to identify, assess, and prioritize vulnerabilities based on risk and impact. Excellent communication skills, capable of conveying technical concepts to both technical and nontechnical audiences. Professional certifications such as CompTIA Security+ or Certified Ethical Hacker (CEH) or a similar is preferred. Looking for candidates who presently work / Living in chennai for process. Short joiners preferred. Interested candidates pl mail your resume to mail : krishnan.g@talentfocuz.com

Key Responsibilities: • Design, implement, and manage Palo Alto Networks solutions including: • Next-Gen Firewall (NGFW) • EDR/XDR (Cortex XDR) • SIEM/SOAR (Cortex XSIAM) • Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM • Work with clients to understand business requirements and deliver tailored cybersecurity solutions • Perform threat hunting, alert tuning, policy configuration, and use case development • Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector Support security assessments, integrations, and continuous improvement initiatives Required Skills & Qualifications: • Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM) • Proven knowledge of cybersecurity operations , SOC processes, and incident response • Experience with SIEM migration and integrations • Understanding of threat intelligence, detection engineering, and automation • Good knowledge of scripting (Python, PowerShell) and log analysis Excellent communication and client-facing skills Preferred Certifications: • Palo Alto Networks Certifications such as: • PCNSE (Network Security Engineer) • Cortex XDR/XSIAM certifications (if available) • Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus Why Join Us? • Opportunity to work on cutting-edge XSIAM and XDR deployments • Part of a growing global team delivering high-impact security projects • Exposure to federal and enterprise-grade environments • Flexible work culture with opportunities for on-site (Australia/US) engagements

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.