323 Edr Jobs - Page 9

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Job Description: 5+ years of experience in Security Operations Center and Threat Hunting. Develop and refine threat hunting techniques and tools. Experience in monitoring and alert handling in QRadar SIEM. In-depth knowledge of advanced persistent threats (APTs) and attack vectors. Collaborate with threat intelligence teams to integrate new threat data into hunting processes. Security incident handling and reporting. Experienced in EDR alert analysis, preferably Sentinel One. Preferred candidate profile Bachelor's degree in computer science, Information Security, or related field. Should be flexible to work in 24/7 rotational shifts. Should possess good communication skills.

We are seeking an experienced Associate skilled in Zscaler Proxy, Firewalls, Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) solutions. The successful candidate will play a pivotal role in ensuring the security, availability, and performance of our IT infrastructure by implementing both proactive and reactive measures to secure our network and endpoint environments. Key Responsibilities Zscaler Proxy Management Configure, manage, and optimize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. Implement and enforce web security policies to ensure compliance with organizational standards. Troubleshoot and resolve Zscaler-related issues to ensure continuous internet and private application access. Conduct periodic health checks and performance tuning of the Zscaler infrastructure. Firewall Administration Manage and configure firewalls to secure internal and external network traffic. Create and maintain firewall rules, Network Address Translation (NAT) configurations, and VPN setups as per business requirements. Monitor and analyze firewall logs to detect and respond to potential security incidents. Regularly review firewall policies to ensure adherence to industry best practices and compliance standards. Endpoint and Data Protection Monitor endpoint activity for suspicious behavior and respond to threats promptly. Provide incident response support and recommend corrective actions for endpoint security incidents. Participate in vulnerability assessments and implement remediation plans. Collaborate with cross-functional teams to ensure seamless integration of security tools. Prepare and maintain technical documentation, configurations, and standard operating procedures. Experience 3-5 years of hands-on experience with Zscaler Proxy, Firewalls, DLP, and EDR solutions in an enterprise environment. Technical Skills: Strong knowledge of Zscaler technologies, including policy configuration, SSL inspection, and application control. Proficiency in managing firewalls, creating security rules, and implementing VPNs. Expertise in deploying and managing EDR tools for threat detection and response. Understanding of network protocols, IP subnetting, and traffic analysis tools. Familiarity with SIEM solutions and their integration with security tools. Strong understanding of security operations and incident management. Knowledge of endpoint security, malware detection, and response. Soft Skills: Strong problem-solving and analytical skills. Excellent verbal and written communication abilities. Capability to work independently and collaboratively in a fast-paced environment. Proactive attitude towards learning and adapting to new technologies. We are looking an experienced Associate skilled in Zscaler Proxy, Firewalls, Data Loss Prevention (DLP), and Endpoint Detection & Response (EDR) solutions. The candidate will play a pivotal role in ensuring the security, availability, and performance of our IT infrastructure by implementing both proactive and reactive measures to secure our network and endpoint environments. Key Responsibilities Zscaler Proxy Management Configure, manage, and optimize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. Implement and enforce web security policies to ensure compliance with organizational standards. Troubleshoot and resolve Zscaler-related issues to ensure continuous internet and private application access. Conduct periodic health checks and performance tuning of the Zscaler infrastructure. Firewall Administration Manage and configure firewalls to secure internal and external network traffic. Create and maintain firewall rules, Network Address Translation (NAT) configurations, and VPN setups as per business requirements. Monitor and analyze firewall logs to detect and respond to potential security incidents. Regularly review firewall policies to ensure adherence to industry best practices and compliance standards. Endpoint and Data Protection Monitor endpoint activity for suspicious behavior and respond to threats promptly. Provide incident response support and recommend corrective actions for endpoint security incidents. Participate in vulnerability assessments and implement remediation plans. Collaborate with cross-functional teams to ensure seamless integration of security tools. Prepare and maintain technical documentation, configurations, and standard operating procedures. Experience 3-5 years of hands-on experience with Zscaler Proxy, Firewalls, DLP, and EDR solutions in an enterprise environment. Technical Skills: Strong knowledge of Zscaler technologies, including policy configuration, SSL inspection, and application control. Proficiency in managing firewalls, creating security rules, and implementing VPNs. Expertise in deploying and managing EDR tools for threat detection and response. Understanding of network protocols, IP subnetting, and traffic analysis tools. Familiarity with SIEM solutions and their integration with security tools. Strong understanding of security operations and incident management. Knowledge of endpoint security, malware detection, and response. Soft Skills: Strong problem-solving and analytical skills. Excellent verbal and written communication abilities. Capability to work independently and collaboratively in a fast-paced environment. Proactive attitude towards learning and adapting to new technologies.

- Design, develop & maintain playbooks within Cortex XSOAR - Integrate security tools & threat intelligence sources with XSOAR - Implement & manage security alerts using XSIAM, SIEM & SOAR platforms - Fine-tune & optimize securty automation processes Required Candidate profile Exp. : 6+ yrs CTC : Upto 30 Lacs Location : Remote WFH (1 Opening) / Central Mumbai WFO (2 Open) Comm. Skills - Excellent Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.

Qualification Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis . Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills.

Role & responsibilities: 1. Provides Monitoring and Analysis support of Cybersecurity events Identify and detect security threats Perform initial triage Report security events, in accordance with established processes and procedures Perform threat analysis, risk analysis, security assessments, and vulnerability testing Anticipate threats and alerts to avoid their occurrence Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc. 2. Investigate, analyze, and contain malware incidents Includes performing computer forensic investigations 3. Understanding of common malware types and behaviors and common infection vectors Ability to identify attacker Tactics, Techniques, and procedures (TTPs) Experience with IoC lifecycle (development, organization, sharing, effective usage) 4. Will be responsible for: Developing alerting, reporting, and automated detection solutions Authoring rules and creating new ML features 5. Strong experience in leveraging Next gen SIEM with SOAR/XDR capabilities to detect & investigate the cyber security incident and reporting in defined template. 6. SIEM solution management and maintenance: Ensure health of underlying architecture Create ruleset and alerts to cover the current threat landscape Remediate alerts generated by the system Manage vendor relationship with OEM 7. Security Log Analysis Monitor and analyze the logs from various security tools e.g. SIEM, EDR, DLP, AV etc. and manually correlate system analyzed events 8. Practical/Working experience with tools like EDR, DLP, Zero Trust, Threat intel software, IPS/IDS, Email Security tools 9. Collaborate with various IT groups to collaborate for analysis, troubleshooting, and ensure that their requirements and new initiatives adhere to information security policies and best practices 10. Responding to escalations to resolve detection effectiveness issues (misclassified spam/phish and false positives) Design and develop novel threat detection techniques or methodologies from creating proof-of-concept to productizing the solution. 11. Perform device reviews to ensure compliance with hardening standards, access controls and security related configuration settings 12. Prepare and update security documentation including security procedures, standards, notifications, and alerts in support of other teams within the EgonZehnder Security department. 13. Proactively hunting threats, blue teaming, performing exploit and vulnerability research, all in order to find and a gap that can be exploited by bad actors Preferred candidate profile: 1. Prior work experience in SOC 2. Should be able to conduct advanced forensics including packet captures using tools such as Wireshark, Netmon etc. 3. Knowledge and experience of configuration and operation of SIEM Solutions 4. Expert knowledge of configuration and operation of Security Solutions including, Firewalls, IDS, Internet Filters, DLP, Vulnerability Scanners, Anti Malware Solutions, etc. 5. A basic understanding of Linux and Windows operating systems and OS event logging 6. Strong analytical and problem-solving skills 7. Excellent communication skills both verbal and written 8. Experience in evaluating and implementing new tools, and solutions by working directly with the vendor Relevant Professional Qualifications (Preferred) Certified Ethical Hacker (CEH) Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED) Benefits: Benefits which make us unique At EZ, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Egon Zehnder can mean for you! Benefits Highlights: 5 Days working in a Fast-paced work environment Work directly with the senior management team Reward and Recognition Employee friendly policies Personal development and training Health Benefits, Accident Insurance Potential Growth for you! We will nurture your talent in an inclusive culture that values diversity. You will be doing regular catchups with your Manager who will act as your career coach and guide you in your career goals and aspirations.

What Your Responsibilities Will Be You will perform incident response activities and workstreams as the Incident Response Senior Analyst. You will monitor security systems, including Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) platforms, software firewalls, and Security Information and Event Management (SIEM) platforms. Gather and analyze evidence from affected systems, logs, and network traffic. You will conduct detailed investigations of security incidents to determine the root cause, scope, and impact. Document all aspects of security incidents, including timelines, actions taken, and lessons learned. Perform forensic analysis of compromised systems to identify the techniques and tactics used by attackers, or as directed by Legal. Collaborate with cross-functional teams including Engineering, IT, Security Operations, Legal, HR, and Compliance to manage and mitigate incidents. Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders. Participate in rotating On Call shifts that utilize a paging system in case a security event requires attention. What You'll Need to be Successful 5+ years experience in Security Incident Response. Experience across the information security domain, including familiarity with endpoint, email, network, cloud security, vulnerability management, incident response, and threat intelligence. Experience with log analysis, network security, digital forensics, and incident response investigations. Ability to script / code using Python or an equivalent language. Bachelor's degree in computer science, information security, or relevant experience. Certifications related to digital forensics and incident response.

What You'll Do Join us in building a secure, scalable, and experienced platform to support Avalara's expanding business and global customer base. As a Senior Application Security Engineer , you'll work with world-class engineers and architects to ensure security is embedded in everything we buildboth in today's systems and the future of our architecture. This role is perfect for someone passionate about automation, cloud-native security, and AI-driven application defense . You'll help shape the future of Avalara Security , driving security as code, ensuring automation-first practices, and integrating modern AI tooling into security workflows. You understand the value of developer empathy, moves quickly without sacrificing quality, and excels in an environment that combines startup energy with enterprise scale. Job Responsibilities You will build, maintain, and continuously improve an automated security pipeline framework integrated into our CI/CD environments. You will lead development of Infrastructure-as-Code and Policy-as-Code for application security enforcement and consistency across environments. You will evaluate and integrate security tools (SAST, DAST, SCA, CSPM, EDR) and AI-based solutions into engineering workflows and CI/CD pipelines. You will provide applicable guidance and mentorship to development and Avalara Security engineering teams on secure development best practices. Investigate, prototype, and apply AI/ML-based solutions for application behavior analysis, anomaly detection, and threat hunting. Promote security by design across the organization, and help foster a security-first culture. Contribute to the continuous refinement of the SDLC to ensure security is smooth, consistent, and measurable. What You'll Need to be Successful Required Qualifications 8+ years of experience in application security, secure software development , or security engineering. Strong programming proficiency in Python and GoLang (hands-on). Experience with secure SDLC practices and CI/CD pipeline integration. Strong hands-on experience with Kubernetes , container security, and cloud infrastructure security preferably AWS and GCP . Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Working knowledge of cryptographic protocols and standards: TLS, OAuth, SAML, JWT , etc. Familiarity with Git , modern source control practices, and agile development methodologies. Experience working with a broad range of security tools , including: Tenable , Wiz (Cloud Security Posture Management) Checkmarx , Mend (SAST, SCA) Acunetix , Burp Suite (DAST) CrowdStrike (EDR/XDR) Bachelor's Degree in Computer Science, Engineering, or a related field. Proven experience contributing to security automation efforts within a security organization like Avalara Security . Experience with AI/ML tools and frameworks applied to application security or behavior analytics. Security certifications such as OSWE, CSSLP, AWS Security Specialty, or Kubernetes Security Specialist. Passion for enabling developer-friendly security solutions and maximum automation.

Monitor,analyze security events,alerts across various platforms. Investigate potential security incidents,escalate as appropriate,following defined incident response processes. Correlate events from multiple sources to identify patterns or anomalies Required Candidate profile Lead,participate in threat hunting activities to proactively identify potential threats vulnerabilities Serve as the administrator for SOC tools including SIEM, EDR, SOAR,threat intelligence platforms Perks and benefits To be disclosed post interview

Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 3 Years exp in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Clients requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of ITIL processes. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 4+ Years exp in Soc along with SIEM (Splunk). Min 2 years Hands on exp in Splunk. Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is Must. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must. Workplace type : On-site Working

Your day at NTT DATA The Senior Associate Collaboration Technical Services (TS) Systems Integration Specialist is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLAs). This role performs configurations, actions installations and attends to break/fix events. This role works towards associate to professional level certification, whilst at the same time developing business knowledge. What you'll be doing Key Responsibilities: Owns larger portions of an installation, break/fix incidents at a low to medium level of complexity during project lifecycle Takes responsibility for problem resolution and troubleshooting during project lifecycle Escalates complex problems to the relevant third parties. Assists with the documentation of standard operating procedures relating to installations and fixes during ops handover Compiles and maintains project administration (Time Capture and feedback to stakeholders) Conducts elementary presentations within the customer's organization. Expected to take leadership from senior resources on relevant technologies according to specialization and best practice. Performs any other related task as required. Knowledge and Attributes: Developing fundamental project and administration ability Developing understanding and appreciation of technical design principles and compute layers. Ability to develop an understanding of fundamental project and administration processes. Display a strong learning orientation. Good verbal communication skills. Demonstrate a client service orientation. Hands-on proactive in approach. Knowledge on security concepts and application of those concepts. Ability in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, decoys, and other security tools. Developing knowledge on log collection mechanism such as Syslog, Log file, DB API. Developing knowledge in security architecture. Developing knowledge on log collection mechanism such as Syslog, Log file, DB API. Developing knowledge in security architecture. Developing knowledge in ETL concepts, data processing at scale and data stream pipelines through Terraform. Ability in cloud services on at least one of the following providers: AWS, Azure, GCP. Developing knowledge web service protocols and frameworks for high-availability, low-latency, resiliency, and auto-scaling. Developing understanding any of the following - Java, Python, TypeScript, JavaScript, R, .NET, PowerShell. Developing knowledge in serverless development. Analytical skills and ability to communicate effectively. Ability to solve problems in innovative ways while adhering to industry standards and practices. Developing understanding practices on securing data and systems by applying appropriate authentication and authorization controls. Developing understanding of Event Driven Development and asynchronous operations. Developing understanding project fundamentals which are demonstrated in the execution of installations and other assignments. Developing knowledge of security technologies and understanding of managed services concepts Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computing or a related field. Vendor certification is mandatory. Azure Certified Security Engineer PCNSA FCA CCNA Security. Cloud Security certifications and certifications like AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCDPCCNP Security, JNCIA, ACCA, PCNSE, PCNSA, FCP, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Administrator Associate, will be an advantage. Certifications relevant to the services provided (certifications carry additional weightage on a candidates qualification for the role) Terraform, Azure, Sentinel, EDR Defender for Cloud, Microsoft Security, Devops Ci/CD Pipelins, Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance), Version Control (Git), Microservices (Kubernetes, Azure Containers), Azure AWS/ GCP Infrastructure (IaaS, PaaS, SaaS), Azure Infrastructure as Code, Azure Administration, Hybrid Cloud, Networking (Firewalls, LAN, VPN), Automation, MS Office365, Power BI Administration, Scripting (PowerShell), ZTNA. Required Experience: Moderate level experience in SOC Analysis Operations. Moderate level experience in SIEM usage for Moderate level experience in Azure or AWS or GCP. Moderate level experience in Security technologies like Firewall, IPS, IDS, Proxy etc. Moderate level experience in technical support to clients. Moderate level experience in handling security incidents end to end. Moderate level experience in Security Analysis or Engineering Moderate level experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots, and other security tools. Workplace type : On-site Working.

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 4+ Years exp in Soc along with SIEM (Splunk). Min 2 years Hands on exp in Splunk. Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is Must. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type : On-site Working

Key Responsibilities: Min 3 Years exo in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Clients requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is must. Required Experience: Entry-level experience with troubleshooting and providing the support required in security network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.). Working knowledge of EDR processes.

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion its a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Min 3 Years exo in EDR and Trend Micro. The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities. The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organizations network. The vendor should configure EDR agents to collect and analyze security events and activities on endpoints. The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior. The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks. The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation. The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks. The solution should capture and store detailed endpoint activity logs and artifacts for further analysis. The vendor should integrate the tool with vulnerability management systems to assess the endpoints security posture. The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms. The solution should alert and remediate endpoints with outdated or vulnerable software configurations. The solution should provide real-time alerts for anomalies that could indicate potential threats. The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc. The solution should correlate network anomalies with potential threats, aiding in early threat detection. The vendor is expected to deliver reports at periodic intervals as per Clients requirements. The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems. Academic Qualifications and Certifications: Bachelors degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must

Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources.Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD,PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis.Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities.Identify log sources and examine system logs to reconstruct event histories using forensic techniques.Align SIEM rules and alerts with the LICs security policies and compliance requirements.Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.Maintain and support the operational integrity of SOC toolsets.Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.

Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must.

Key Responsibilities: Min 4+ Years exp in Soc along with SIEM (Splunk). Min 2 years Hands on exp in Splunk. Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is Must. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties.

Your day at NTT DATA The Security Platform Engineer is a seasoned subject matter expert, responsible for facilitating problem resolution and mentoring for the overall team. This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What you'll be doing Key Responsibilities: Works as part of a 24/7 team working on rotational shifts. Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings. Administers the organization's security tools to gather security logs from environment. Performs lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update. Adheres to SOPs and notify stake holders on log flow/log format issues. Documents best practices. Identifies opportunities to make automations which will help the incident response team. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/Ss, and general security infrastructure. Carries out agreed maintenance tasks. Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required. Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information. Investigates causes of incidents and seeks resolution. Escalates unresolved incidents and follow up until incident is resolved. Provides service recovery, following resolution of incidents. Documents and closes resolved incidents according to agreed procedures. Investigates and identifies root cause of incidents and assist with the implementation of agreed remedies and preventative measures. Maintains knowledge of specific specialisms, provides detailed advice regarding their application. Ensures efficient and comprehensive resolution of incidents, including ensuring that repairs are carried out by coordinating product requests, working with other team members. Logs all such incidents in a timely manner with the required level of detail with all the necessary. Cooperates with all stakeholders including client IT environments, vendors and carriers to expedite diagnosis of errors and problems and to identify a resolution. Knowledge and Attributes: Seasoned working knowledge on implementation and monitoring of any SIEM or security tools/technologies. Seasoned knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Problem solver who is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team player with the ability to work well with others and in group with colleagues and stakeholders. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred. Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM etc. will be added advantage. Required Experience: Seasoned experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.). Seasoned experience in technical support to clients. Seasoned experience in diagnosis and troubleshooting. Seasoned experience providing remote support in Security Technologies. Seasoned experience in SOC/CSIRT Operations. Seasoned experience in handling security incidents end to end. Knowledge on networking, Linux and security concepts. Seasoned experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools. Knowledge on log collection mechanism such as Syslog, Log file, DB API. Knowledge in security architecture. Seasoned experience in Security engineering.

Job description: TCS has always been in the spotlight for being adept in the next big technologies. What we can offer you is a space to explore varied technologies and quench your techie soul. What we are looking for: Deep technical expertise in Endpoint security technology domain with demonstrated expertise in one or more of the following areas EDR, HIPS, Anti-Malware, FIM, Server Protection Proven experience in maintaining endpoint security solutions across enterprise environments. Provide compliance reports (monthly and based on need) Performing analysis of end-point security needs that contribute to the design, integration, and installation of hardware and software. Analysis, troubleshooting and development of solutions to end-point security problems. Excellent troubleshooting skills Creation of SOPs for daily operations of endpoint security tools and services Monitoring security advisory groups to ensure all necessary security updates, patches and preventive measures are in place. Support forensics activates and requirements. Good soft skills and multi-tasking abilities

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Lead and mentor a team of Tier 1, Tier 2, and Tier 3 SOC analysts.- Define and enforce SOC processes, workflows, SLAs, and escalation protocols.- Provide regular performance feedback and conduct training to upskill the team.- Collaborate with IT, DevOps, Risk, and Compliance teams on security initiatives.- Oversee daily security monitoring, triage, and incident response activities.- Ensure timely detection, investigation, and resolution of security incidents.- Maintain incident tracking and reporting for internal stakeholders and audits.- Conduct root cause analysis and ensure lessons learned are documented and implemented.- Manage and optimize SIEM, SOAR, EDR, and other monitoring tools.- Define and tune detection rules, playbooks, and alerts to reduce false positives.- Evaluate and recommend new tools and technologies to improve SOC capabilities.- Ensure log sources and telemetry are complete and properly ingested.- Ensure SOC operations support compliance requirements (ISO 27001, NIST, PCI DSS, GDPR).- Prepare and deliver regular security metrics and executive reports.- Coordinate with internal and external auditors during assessments. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of risk management frameworks and compliance standards.- Experience with cloud security architecture and implementation.- Ability to conduct security assessments and audits.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 12 years of experience in Security Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Additional Information:Work as part of analysis team that works 24x7 on a rotational shift The candidate should have minimum 2 years of experience This position is based at our Chennai office.Minimum a bachelors or a masters degree in addition to regular 15- year full time educationAdaptability to accept change Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Engineering Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders. Roles & Responsibilities:Work as part of Security Engineering handling tunings, customer requests, escalations, reporting, trainings.Administration of the Accenture proprietary SIEM to gather security logs from customer environment.Life cycle management of the SIEM Adhering to SOPs and notify customers on log flow/log format issuesDocument best practices and writing KB articlesIdentify opportunities for process improvements Professional & Technical Skills: Experience in SOC OperationsKnowledge on networking, Linux and security concepts Experience in configuring/managing security controls such as Firewall, DS/IPS, EDR, UTM, ProxyKnowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector Knowledge in device onboarding and integrationPassion for cyber security, learning, and knowledge sharing Strong Verbal & written communication skillsProven customer service skills, problem solving and interpersonal skills Ability to handle high pressure situationsConsistently exhibit high levels of teamwork Additional Information:Work as part of a global technical services team that works 24/7 on rotational shiftThe candidate should have minimum 2 years of experience in Accenture MxDR Ops Security Engineering.This position is based at our Chennai office.A 15 years full time education is required. Qualification 15 years full time education

About Organization: Larsen & Toubro Ltd, commonly known as L&T, is an Indian multinational conglomerate company, with business interests in engineering, construction, manufacturing, technology, information technology and financial services, headquartered in Mumbai. The company is counted among world's top five construction companies. The L&T Group comprises of 93 subsidiaries, 5 associate companies, 27 joint ventures and 35 jointly held operations, operating across basic and heavy engineering, construction, realty, manufacturing of capital goods, information technology, and financial services. Specialties: Aerospace, Infrastructure, Shipbuilding, Construction, Defense, Finance, Forging, Hydrocarbon, Information Technology & Engineering Services, Construction Equipment, Railways, Boilers, Process Plant, Turbines, Power, Renewable Energy, Manufacturing, and Green Hydrogen. Job Title: Assistant Manager/Manager - Technology support & excellence Job Location: Powai, Mumbai Working Model: Work from office Operating Model: 6 days (2nd and 4th Saturdays Off) EDUCATIONAL QUALIFICATIONS: B.Tech/B.E./MCA/M.Sc. In Cyber Security Specialization EXPERIENCE: Min 4-6 years in Information Security Job Profile: Should have handled latest security tools, technologies (EDR, PIM, WAF, SASE, Proxy etc) & maintained compliance to standards (e.g. ISO27001:2022) Remediate cyber security incidents as per agreed service levels with Central Cyber Security operation Center As SME of security technology, evaluate & deploy security technologies Establish vendor selection criteria (RFP, Evaluation, Short listing, Selection) Ensure implementation of security tools & technologies as per project plans Managing & ensuring service delivery of partners with agreed SLA & payments as per schedule Conducting security awareness trainings for stakeholders in respective areas Run technology excellence program (CoE) with KPIs in line with industry standards Adherence to Budgets (Capex, Opex)