
23 Incident Handling Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 8.0 years

6 - 16 Lacs

Hyderabad

Work from Office


LTIMindtree is hiring an Azure Sentinel L2/L3 SOC Analyst for the Hyderabad location. Notice period: immediate to 15 days. Experience: 5 to 8 yrs. Location: Hyderabad. Skill combination: minimum 6 yrs in the security domain, and at least 3 yrs as L2/L3. If interested, share these details along with your CV to Richa.Srivastava@ltimindtree.com: Total Experience, Current CTC, Expected CTC, Holding offers if any, Current Location, Preferred Location, Notice period, Skills, Date of Birth, PAN No, Passport size photo, Availability for interview (YES/NO).
Job Description: Develop and maintain playbooks, runbooks and incident response procedures. Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities. Conduct post-incident reviews and root cause analysis. Mentor and train L1 and L2 SOC analysts. Recommend and implement improvements to SOC tools, processes and detection rules. Stay current with emerging threats, vulnerabilities and security technologies.
The expectations from the graders would be: To evaluate the tasks that are being fed into the agent for their real-world applicability. To evaluate the agent output to come up with a ground truth and rate the agent output in a predefined rubric based on the inputs provided by us. To have very deep SOC analyst experience and insights; this also includes any other skills needed to evaluate the agent output. The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task.
Core Technical Skills: SIEM tools (e.g. Splunk, QRadar, Microsoft Sentinel); Endpoint Detection and Response (EDR) (e.g. CrowdStrike, SentinelOne); Firewall and IDS/IPS (e.g. Palo Alto, Snort, Suricata); log analysis and packet capture analysis (e.g. Wireshark); threat intelligence platforms (e.g. MISP, Recorded Future); incident response and forensics; scripting and automation (Python, PowerShell, Bash); operating systems (Windows, Linux, macOS); networking fundamentals (TCP/IP, DNS, HTTP, VPNs).

Posted 8 hours ago


2.0 - 5.0 years

3 - 7 Lacs

Bengaluru

Work from Office


Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!
Who We Are. Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.
Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.
Deepwatch Recognition Includes: 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified. 2024 Military Times Best for Vets Employers. 2024 US Department of Labor Hire Vets Gold Award. 2024 Forbes' America's Best Startup Employers. 2024 Cyber Defense Magazine, Global Infosec Awards. 2023 and 2022 Fortress Cybersecurity Award. 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners. 2022 Cybersecurity Excellence Award for MDR.
Position Summary. This role is 100% onsite in Bengaluru. The shift for this position is Monday-Friday, 7:30 AM - 3:30 PM.
Deepwatch is looking for a highly motivated, self-driven, technical analyst dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. The Deepwatch Squad and Security Operations Center offers opportunities to expand your skill set through a wide variety of experiences, detecting and responding to incidents as they occur in real-time for our customers.
The Deepwatch squad is a unique approach to how we support our customers and ultimately provide an experience not found anywhere else. You’ll be an integral part of supporting our customers by understanding their bespoke environment, needs and challenges. You will be playing a key role in supporting some of the top organizations in the world, and have the opportunity to develop your skills by working with the best responders in the industry, your team and your Squad.
The Analyst I is focused on providing descriptive analysis. They will answer questions such as the who, what, when, and where of events. Analysts are curious individuals who actively work to develop a better understanding of the environments they are assigned. Using cybersecurity best practices, you will monitor and secure complex customer environments utilizing industry leading technology such as Splunk, xSOAR, CrowdStrike and more.
In This Role, You’ll Get To: Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS. Monitor a queue of security events generated by the Deepwatch platform SOAR, triage events based on their criticality, and escalate validated security events to customers. Document and manage incident cases in our case management system. Keep up-to-date with information security news, techniques, and trends. Identify and report any gaps in log collection or reporting as soon as possible to the customer and Deepwatch Engineering. Become proficient with Splunk, ServiceNow and other third-party threat intelligence tools as required. Perform security detection analysis and investigations using SIEM and SOAR technologies, leverage Deepwatch proprietary tooling and intelligence and maintain SLAs. Act as the first line of defense during security events by triaging and investigating alerts within a customer’s environment. Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner. Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program.
To be successful in this role, you’ll need to: A basic understanding of cyber security principles, concepts and practice with a focus on SOC operations, alert triage and investigations. Know your way around SIEM platforms (Splunk preferred), how to perform queries and leverage various log sources to perform investigations. Articulate the process involved in pivoting to other log sources, cloud systems, or consoles to perform a comprehensive analysis from multiple data sources. Have a basic understanding of modern EDR, email security and cloud identity platforms. Review SIEM alerts and make a determination for what other sources or intelligence is needed to make a determination, relying on peers to help improve your skills and capabilities. A strong understanding of all basic ports and protocols. Familiarity with Windows, Mac, and Linux file path structure. Familiarity with OSINT, TTPs and IOCs. Strong written and verbal communication skills with the ability to produce well-written reports and analysis that’s thorough, accurate and complete. Provide the customer with a complete understanding of the investigation. CEH, CySA, GSEC, Sec+, or equivalent certification preferred. A college degree in Information Security or IT, related training, certifications or on-the-job experience.
Life At Deepwatch. For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave. Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors.
In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification™ in 2025, underscoring its dedication to creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida; and Bengaluru, India.
What We Offer. At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security.
We Partner With Plum Benefits To Provide:
• Group Health Insurance – Comprehensive medical coverage for you and your dependents.
• Group Accidental Insurance – Financial protection in case of accidental injuries.
• Group Term Life Insurance – Security for your loved ones in unforeseen circumstances.
For additional details, refer to the benefits guide provided by Plum.
Payroll & Compensation:
• Pay Cycle: Salaries are processed monthly and paid on the last day of each month.
• Pay Slips & Reimbursements: Delivered via email.
• Payroll Processing: Managed by BCL Chartered Accountants through GreytHR, which provides tax and payment-related details.

Posted 5 days ago


4.0 - 8.0 years

15 - 25 Lacs

Bengaluru

Hybrid


Warm Greetings from SP Staffing!!
Role: SOC Analyst
Experience Required: 3 to 8 yrs
Work Location: Bangalore
Required Skills: Security operations, SOC1, SOC2, FFIEC, GDPR
Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted 6 days ago


12.0 - 15.0 years

55 - 60 Lacs

Ahmedabad, Chennai, Bengaluru

Work from Office


Dear Candidate, We are seeking a Security Operations Engineer to monitor, detect, investigate, and respond to security incidents and threats across systems and networks. Key Responsibilities: Monitor alerts and logs using SIEM tools (Splunk, QRadar, Sentinel). Analyze security incidents, conduct root cause analysis, and coordinate response. Support threat hunting and vulnerability assessments. Maintain and tune security tools (IDS/IPS, endpoint protection, firewalls). Document incident reports and provide remediation recommendations. Required Skills & Qualifications: Experience in a Security Operations Center (SOC) or similar role. Strong knowledge of cybersecurity concepts and incident response. Familiarity with EDR tools (CrowdStrike, Carbon Black) and log analysis. Scripting and automation skills for detection and response tasks. Security certifications such as CEH, CompTIA Security+, or GCIA are beneficial. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Posted 1 week ago


0.0 - 2.0 years

2 - 4 Lacs

Pune

Work from Office


Job Description: Oversees site EHS, legal compliance, safety plans, audits, incident management, PPE, training, mock drills, documentation, reporting, supports EHS initiatives, and collaborates with corporate EHS for training, audits & advice.

Posted 1 week ago


7.0 - 12.0 years

25 - 35 Lacs

Noida, Chennai, Bengaluru

Work from Office


Roles and Responsibilities: Conduct threat hunting activities to identify potential security threats and vulnerabilities. Analyze malware samples using various tools such as QRadar, Splunk, and ArcSight. Perform incident response duties including handling incidents, conducting root cause analysis, and implementing remediation measures. Monitor security event logs from multiple sources to detect anomalies and potential security breaches. Collaborate with other teams to develop threat intelligence reports and improve overall security posture.
Desired Candidate Profile: 7-12 years of experience in Security Operations Center (SOC) or related field. Strong understanding of incident response, threat analysis, threat intelligence gathering, log analysis, and security monitoring concepts. Proficiency in tools like QRadar, Splunk, ArcSight for malware analysis and incident response tasks.

Posted 1 week ago


12.0 - 15.0 years

55 - 60 Lacs

Ahmedabad, Chennai, Bengaluru

Work from Office


Dear Candidate, We are seeking a Cybersecurity Analyst to detect, investigate, and prevent security threats across digital assets and systems. Key Responsibilities: Monitor and analyze security alerts, logs, and events. Perform threat intelligence, malware analysis, and incident response. Conduct vulnerability assessments and patch management. Support compliance and audit activities (ISO, NIST, GDPR). Educate staff on cybersecurity best practices and awareness. Required Skills & Qualifications: Experience with SIEM tools (Splunk, AlienVault, QRadar). Knowledge of firewalls, IDS/IPS, endpoint protection, and antivirus. Familiarity with scripting for automation and reporting. Strong analytical, investigative, and communication skills. Security certifications preferred (e.g., CompTIA Security+, SOC Analyst, CISSP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Posted 2 weeks ago


3.0 - 8.0 years

3 - 8 Lacs

Pune

Work from Office


Only candidates currently in Pune or open to relocate to Pune, please apply.
Job Description: We are seeking a skilled and detail-oriented Senior System Administrator to oversee, manage, and support on-premise servers and secure network infrastructure across multiple hospital sites and a central data centre. This is a critical, hands-on role focused on maintaining server uptime, ensuring secure and stable connectivity, managing reliable data backups, and supporting local IT teams to ensure seamless operations in a mission-critical healthcare environment. The ideal candidate will have strong Linux (Ubuntu) server administration skills, be highly responsive to system issues, and have a strong understanding of secure networking, backup integrity, and infrastructure compliance. This role requires technical depth, a proactive mindset, and a commitment to maintaining high system availability and security in environments where downtime is not an option.
Key Responsibilities:
1) You will manage and maintain on-premise servers located at hospitals and central site
2) You will ensure secure connectivity between all sites using VPN and APN
3) You will monitor server performance, uptime, and resource utilization
4) You will perform daily backup operations and ensure data is stored reliably on NAS
5) You will validate backup integrity and troubleshoot failed backup jobs
6) You will respond to system issues and incidents reported by hospital staff
7) You will perform routine maintenance: software updates, patch management, and log reviews
8) You will configure and manage network settings, firewall rules, and remote access
9) You will maintain documentation for system configuration, incident resolution, and backups
10) You will coordinate with local IT staff for on-site troubleshooting or hardware issues
11) You will support new server deployments, configurations, and migrations as needed
12) You will ensure compliance with IT policies, security standards, and audit readiness
13) You will prepare periodic reports on server health, backup status, and incident logs
Candidate Profile
Required Qualifications:
Strong hands-on experience with Ubuntu Server administration
Proficient in VPN and APN setup and troubleshooting across distributed locations
Deep understanding of Linux CLI tools, systemd, cron, and shell scripting
Experience with rsync, rclone, or similar tools for backup and NAS integration
Skilled in managing firewall (UFW/iptables), SSH hardening, and basic security configurations
Ability to troubleshoot network, disk, and service-level issues on Ubuntu
Familiarity with automated updates, patching, and system monitoring (manual/log-based)
Knowledge of LVM, RAID configurations, and disk performance tuning
Proficient in documenting server setup, changes, and incident handling
Able to manage remote server environments without centralized monitoring tools
Excellent problem-solving skills and responsiveness to live issues
Prior experience in healthcare or mission-critical IT environments is an advantage
Desired Qualifications:
Experience with automation tools like Ansible or Bash scripting for repetitive tasks
Familiarity with open-source monitoring tools (e.g., Zabbix, Prometheus, Grafana) for future implementation
Knowledge of NAS management, especially with NFS or SMB protocols
Understanding of basic MySQL/PostgreSQL server administration
Experience in log management and analysis using tools like Logwatch, journalctl, or syslog
Ability to design and implement disaster recovery plans
Exposure to ITIL practices or structured ticketing/helpdesk environments
Ability to train and mentor junior IT staff or hospital IT coordinators
Awareness of cybersecurity best practices in handling patient data and medical systems
Willingness to contribute to process improvement and documentation standardization

Posted 2 weeks ago


4.0 - 7.0 years

3 - 7 Lacs

Mumbai

Work from Office


Windows System Administration and Troubleshooting; knowledge of Windows Area/O365. Windows and VMware troubleshooting, VMware vCenter, patching troubleshooting, user management/storage management. Windows System Administration with a minimum of 4+ years of relevant experience in Windows and VMware and good troubleshooting experience. Good exposure to Windows production/non-production environment patching and troubleshooting. Good knowledge of AD access management and group policy troubleshooting. LDAP user management and troubleshooting. Good knowledge of PowerShell scripting for automation. Good knowledge of the VMware environment and should be familiar with HA and DRA in VMware. Good knowledge of the server and VMware decommission process. Good knowledge of hardware tools like HP SIM and HP OneView. Should be familiar with firmware updates and enclosure and VCM administration in HPE Management/LVM/Process-Related. Performing production and non-production changes and resolving queries that come from application teams that are related to the OS side. Handling incidents will be an added advantage. In-depth knowledge of Windows server setup, deployment, and maintenance, advanced coding skills, and the ability to solve complex IT issues. Responsible for installing or upgrading Windows-based systems and servers, managing user access to the servers, and maintaining the security and stability of the network. Handling O365 issues.

Posted 2 weeks ago


3.0 - 5.0 years

4 - 6 Lacs

Noida, New Delhi, Gurugram

Work from Office


Incident handling, forensic analysis, and VAPT. SIEM tools, cybersecurity frameworks. Log analysis, monitoring, detecting and investigating security incidents and breaches. CEH, CSA, CompTIA Security+, GCIH, security incidents.

Posted 2 weeks ago


12.0 - 15.0 years

55 - 60 Lacs

Ahmedabad, Chennai, Bengaluru

Work from Office


Dear Candidate, We are hiring a Digital Forensics Analyst to investigate cyber incidents, recover digital evidence, and support legal and compliance teams. Ideal for professionals with a strong background in cybersecurity and forensic analysis.
Key Responsibilities: Perform forensic imaging and analysis on digital devices. Investigate incidents involving malware, breaches, or data leaks. Document evidence for regulatory, legal, or HR use. Collaborate with SOC and legal teams to support investigations.
Required Skills & Qualifications: Experience with forensic tools (EnCase, FTK, Autopsy, X-Ways). Knowledge of file systems, OS internals, and memory analysis. Understanding of chain-of-custody and evidence handling. Bonus: GIAC (GCFA, GCFE) or related digital forensics certifications.
Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills.
Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.
Srinivasa Reddy Kandi, Delivery Manager, Integra Technologies

Posted 2 weeks ago


8.0 - 12.0 years

14 - 20 Lacs

Hyderabad, Pune, Bengaluru

Hybrid


Job Title: Cybersecurity Lead, Incident Management Network Security Signature Writing
Job Summary: The Cybersecurity Lead will manage the Incident Management Network Security Signature Writing team. This role involves overseeing incident response and signature development, direct stakeholder management, team management and project management. The ideal candidate will have a strong background in cybersecurity incident response and network security, with excellent communication and leadership skills.
Key Responsibilities:
Incident Monitoring and Response: Monitor security alerts and incidents, respond promptly and escalate as needed.
Threat Analysis and Detection: Investigate security incidents, develop detection rules and signatures.
Signature Development: Create signatures for vulnerabilities and perform vulnerability hunting.
Tool Management: Deploy, configure and manage NDR tools.
Alert Tuning and Optimization: Optimize alerts to reduce false positives.
Reporting and Documentation: Document and report on security incidents.
Research and Development: Stay updated with cybersecurity trends and improve detection capabilities.
Stakeholder Management: Engage with stakeholders and manage escalated issues.
Team Management: Lead and support the team.
Project Management: Oversee projects related to incident response and signature development.
Preferred Skills: Experience with Microsoft Defender or similar endpoint protection solutions. Strong understanding of endpoint and network security, threat detection and response. Proficiency with SIEM platforms and scripting languages. Knowledge of network protocols, firewall rules and intrusion detection/prevention systems. Familiarity with advanced persistent threats, threat hunting and incident response frameworks. Understanding of IPS/IDS signatures and Rapid7 recog signatures. Good to have: malware and threat analysis and CVE hunting.
This role operates within a 24x7x365 environment, requiring flexibility for shifts, holidays and on-call responsibilities.

Posted 3 weeks ago


4.0 - 5.0 years

0 - 0 Lacs

Hyderabad

Work from Office


Job Title: Incident Manager
Location State: Karnataka
Location City: Hyderabad
Experience Required: 4 to 6 Year(s)
Shift: 24/7
Work Mode: Onsite
Position Type: Contract
Openings: 3
Interested candidates can share their updated resume with sangeeta.t@varite.com. For more information contact sangeeta @ 8929376486.
Company Name: VARITE INDIA PRIVATE LIMITED
About The Client: An American multinational computer technology company headquartered in Austin, Texas, United States. A global technology provider offers a comprehensive suite of software solutions, encompassing a flagship relational database management system, enterprise resource planning, customer relationship management, and cloud services. Additionally, the company delivers middleware products, business intelligence tools, and industry-specific applications, addressing diverse business needs worldwide. As a key player in application development, it stewards a widely utilized programming language. These software solutions cater to businesses across various industries and are widely adopted for scalability, security, and innovation.
About The Job: Experience in the field of ITIL Service Management, Incident Management. Experience handling tickets & ticketing tools. Maintain, monitor and manage mission critical servers and applications in a mission critical 24x7 environment. Manage applications in multi-server Windows, Linux, and Oracle environment, requiring limited or no downtime.
Qualifications: B.TECH/ M.TECH/ MCA/ BCA
How to Apply: Interested candidates are invited to submit their resume using the apply online button on this job post.
Equal Opportunity Employer: VARITE is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, veteran status, or disability status.
Unlock Rewards: Refer Candidates and Earn. If you're not available or interested in this opportunity, please pass this along to anyone in your network who might be a good fit and interested in our open positions. VARITE offers a Candidate Referral program, where you'll receive a one-time referral bonus based on the following scale if the referred candidate completes a three-month assignment with VARITE.
Exp Req - Referral Bonus
0 - 2 Yrs. - INR 5,000
2 - 6 Yrs. - INR 7,500
6 + Yrs. - INR 10,000
About VARITE: VARITE is a global staffing and IT consulting company providing technical consulting and team augmentation services to Fortune 500 Companies in USA, UK, CANADA and INDIA. VARITE is currently a primary and direct vendor to the leading corporations in the verticals of Networking, Cloud Infrastructure, Hardware and Software, Digital Marketing and Media Solutions, Clinical Diagnostics, Utilities, Gaming and Entertainment, and Financial Services.

Posted 3 weeks ago


3.0 - 5.0 years

10 - 14 Lacs

Mumbai

Work from Office


Position Title: IT Security Analyst
Description of the role: The Security Monitoring Analyst is responsible for manning the India SOC for our client based in the US. The key responsibilities include: Handling of all alerts (SIEM, IPS/IDS solutions, EDR); the resource is expected to monitor, investigate, respond, and resolve these alerts. Resolving general support requests: device control, URL whitelisting, lockouts, etc. Completion of daily checklists and preparation and sending daily reports. Monitor patching status and respond to patch failures by either redeploying the patch manually or escalating to the relevant teams. Monitor vulnerability scans, review the reports, and parse through these to remove false alarms. Document the response and resolution of alerts and tickets. Creating exclusions or detection lists to reduce false alarms.
Qualification: Require CompTIA / CySA+ / equivalent preferred certifications. The individual is expected to be a graduate (Engineering preferred). Candidates with professional certifications such as CompTIA Security+ would be preferred.
Key requirements: Ability to think logically, understand and apply learning into practice. 4 years of experience in IT security monitoring. Experience working with intrusion detection/prevention systems is a must. Experience in Darktrace would be preferred. Experience working with a SIEM tool is a must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is mandatory. The candidates will be communicating with users based in the US and must communicate effectively.
Position Location: Mumbai Andheri (E).
Hours of operation: 7 am - 3 pm / 3 pm - 11 pm / 11 pm - 7 am.

Posted 3 weeks ago


10.0 - 15.0 years

10 - 15 Lacs

Navi Mumbai

Work from Office


Oversee the entire quality assurance process, from raw materials to finished goods, ensuring consistent quality & compliance, ensuring that products meet regulatory requirements & quality standards like ISO 13485, ISO 9001, 21 CFR 211 & 21 CFR 820.
Required Candidate Profile: Bachelor's in science. 10-15 years' experience in quality in the medical device/pharma industry. QMS implementation experience. Must have regulatory audit exposure like WHO/USFDA & EU GMP.

Posted 4 weeks ago


2.0 - 5.0 years

1 - 4 Lacs

Mumbai, Navi Mumbai

Work from Office


Daily site operations Coordination with staff (HK, attendance, joining etc) Basic reporting & MIS, Incident handling. Basic computer knowledge Team coordination - FM exp preferred

Posted 1 month ago


7.0 - 12.0 years

9 - 14 Lacs

Nashik

Work from Office


Dreaming big is in our DNA. It's who we are as a company. It's our culture. It's our heritage. And more than ever, it's our future. A future where we're always looking forward. Always serving up new ways to meet life's moments. A future where we keep dreaming bigger. We look for people with passion, talent, and curiosity, and provide them with the teammates, resources and opportunities to unleash their full potential. The power we create together when we combine your strengths with ours is unstoppable. Are you ready to join a team that dreams as big as you do?
AB InBev GCC was incorporated in 2014 as a strategic partner for Anheuser-Busch InBev. The center leverages the power of data and analytics to drive growth for critical business functions such as operations, finance, people, and technology. The teams are transforming Operations through Tech and Analytics. Do You Dream Big? We Need You.
Job Description
Job Title: Senior Specialist Cyber Security Operations
Location: Bengaluru
Reporting to: Senior Manager Cyber Security Operations
Purpose of the role: Do you want to join the world's largest brewer? We at AB-InBev have a fantastic opportunity for you to work as a Cyber threat hunter & join a growing team of top professionals who invest time and effort in protecting AB-InBev from top sophisticated threats. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees endless opportunities for professional development. You'll be expected to work within a team of incident responders operating in a 24x7 shift model with deep knowledge of investigating security alerts, and process responses for alerts generated by cyber security systems within defined timelines.
Key tasks & accountabilities: Work in a team of cyber security incident responders monitoring, responding, and processing responses for the security alerts triggered from SOC tools deployed across on-premises and cloud environments like EDR, IDS/IPS, Web proxy, SIEM, phishing analysis etc., and from Cloud Security platforms like MS Defender for Cloud, AWS GuardDuty, Orca Security etc. Monitor threats and new attack techniques being disclosed in the wild. Investigate events to determine if they are true events or false positives. Perform hunts in environment to identify any persistent in environment. Create incident storyline based on the investigations, identify, and communicate required remediation steps for all security alerts/incidents. Correlate different log sources to collect the evidence required to understand the impact and advise on response actions. Must have worked on tuning existing alerts and creation of exiting alerts to reduce false positives. Adhere to the SLAs and operational practices during a 24x7 shift schedule. Follow shift routine, regular updates to incidents, follow-up with vendors, AB InBev Zone Security contacts, and shift handover. Work closely with in-house automation, data science to automate the repeated tasks. Participate in projects to improve security monitoring toolkits as well as to improve defensive controls. Act as an Incident commander during critical incidents. Act quickly on identifying potential kill switch and containment. Post containment, prepare the incident report and share with required stakeholders. Create incident response SOPs and run books as and when needed. Seek opportunities to drive efficiencies and collaborate with other technology teams within and outside SOC (e.g. NOC, Infra, automation, Intel, Offensive team, Cloud Ops, etc.). Working closely with Engineering team, to aid in the enhancement of contextual analysis and providing threat hunting support.
Business Environment: Flexible to support in 24*7 support environment. Proficient in threat hunting techniques (endpoint and network data analysis). Knowledge of Operational Technology (OT) devices, protocols. Effective interpersonal, team building and communication skills. Good oral and written communication skills. Ability to communicate complex technology to non-tech audience in simple and precise manner. Ownership skills. Effectively collaborates and communicates with the stakeholders and ensures client satisfaction. Learn things quickly, while working outside the area of expertise. Good knowledge of security standards and best practices. Understanding of various operating systems. Familiarity with the Cyber Kill Chain and demonstrable analytical skills.
Qualifications, Experience, Skills: Bachelor's degree preferably in Computer Science or Information Systems and/or equivalent formal training or work experience. 6+ years of experience in a technical role in the areas of Incident response, CSIRT and SOC Operations. Experience with more than one EDR, SIEM, and log analysis tools and techniques. Experience on Cloud Security native solutions like MS Defender for Cloud, AWS GuardDuty, GCP Command center etc., and commercial tools like Orca, Wiz etc. Experience in handling critical incidents in the past with strong ability to use data points to sketch a story. Ability to identify and communicate remediation steps for cybersecurity events by considering architecture, infra and system limitations. Ability to recognize potential intrusion attempts and compromises through analyses of relevant event logs. Good knowledge of operating system internals (Windows, Linux/UNIX & Mac) and networking concepts. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Nice to have: Security certifications like CEH, CHFI, CompTIA Security+, etc. Should have strong experience on cyber security alert response practices and critical incident handling procedures. Good to have experience in tuning UEBA platform. Should have advanced knowledge of operating system internals (Windows & Linux/UNIX) and networking protocols. A demonstrated passion towards cyber security.
Competencies: Familiarity with offensive strategies and attack vectors. Ability to effectively work in a global team across a complex, geographically dispersed organization. Good understanding of common threat analysis models such as the Cyber Kill Chain and MITRE ATT&CK. Knowledge of operational handling will be an additional advantage. And above all of this, an undying love for beer! We dream big to create a future with more cheers.

Posted 1 month ago

2 - 4 years

2 - 3 Lacs

Bengaluru

Remote

* DO NOT APPLY ON NAUKRI * NO FRESHERS - No Career Gaps. 2 - 4 yrs Exp in Incident Management - ACK Tickets - Manage Ticket - Manage Field Engineers - Manage Inventory - Manage Client Communication. HR - Sanjay / Shilpa. WhatsApp CV - 888-464-3032.

Required Candidate profile: Permanent WFH. 2+ yrs exp in Incident Management. Excellent Written English. * Laptop + Wi-Fi. 6-Day Work - Day Shift. Rotational w/off. HR Sanjay / Dharini. For fast processing WhatsApp CV - 888-464-3032.

Perks and benefits: Permanent WFH - Work from anywhere in India!!

Posted 1 month ago

2 - 4 years

2 - 3 Lacs

Pune

Remote

* DO NOT APPLY ON NAUKRI * NO FRESHERS - No Career Gaps. 2 - 4 yrs Exp in Incident Management - ACK Tickets - Manage Ticket - Manage Field Engineers - Manage Inventory - Manage Client Communication. HR - Sanjay / Shilpa. WhatsApp CV - 888-464-3032.

Required Candidate profile: Permanent WFH. 2+ yrs exp in Incident Management. Excellent Written English. * Laptop + Wi-Fi. 6-Day Work - Day Shift. Rotational w/off. HR Sanjay / Dharini. For fast processing WhatsApp CV - 888-464-3032.

Perks and benefits: Permanent WFH - Work from anywhere in India!!

Posted 1 month ago

6 - 10 years

11 - 16 Lacs

Noida, New Delhi, Gurugram

Work from Office

SIEM tools to identify potential threats; VAPT tools, Incident Handling, Forensic Analysis; CEH; CSA; CySA+; CISA; incidents and breaches; operating systems, network devices, and security devices. Familiarity with Security Information and Event Management

Posted 1 month ago

2 - 7 years

1 - 3 Lacs

Navi Mumbai

Work from Office

Role & responsibilities: Critical Incident Analyst

Posted 1 month ago

- 2 years

1 - 6 Lacs

Chennai

Hybrid

Job Title: Application Support Engineer
Experience Required: 2+ Years
Job Type: Full-Time
Location: Chennai (Hybrid)

Job Summary: We are seeking an experienced Application Support Engineer to join our dynamic support team in Chennai. The ideal candidate will have a minimum of 2 years of experience in technical support, with hands-on knowledge of EDI data processing, incident and service request handling, and standard operating procedure documentation. A basic understanding of Java and experience working with tools like JIRA are essential.

Key Responsibilities:
Provide Level 1 and Level 2 support for business-critical applications.
Monitor and manage EDI (Electronic Data Interchange) data exchanges to ensure accuracy and timely processing.
Handle incidents and service requests in line with agreed SLAs.
Log, track, and resolve issues using JIRA or similar ticketing tools.
Document Standard Operating Procedures (SOPs) and knowledge base articles for recurring issues.
Coordinate effectively with cross-functional teams, business users, and third-party vendors.
Conduct root cause analysis and implement preventive actions for frequent issues.
Support routine system monitoring, maintenance, and reporting.
Use basic Java knowledge for issue triaging and provide insights for potential automation.

Must-Have Skills:
2+ years of experience in application/production support
Experience in EDI data monitoring and management
Proficiency in incident and request management
Familiarity with JIRA or equivalent tools
Ability to document technical procedures and support guides
Strong communication and troubleshooting skills
Basic knowledge of Java

Nice-to-Have Skills:
ITIL Foundation Certification
Exposure to Java-based automation or scripting
Experience working in hybrid/onsite support environments

Posted 1 month ago

2 - 5 years

5 - 8 Lacs

Gurugram

Remote

• Review and triage information security alerts, provide analysis and determine and track remediation and escalate as appropriate
• Assist with log management and security information and event management (SIEM) solutions design and configuration

Required Candidate profile: Scripting in one of the common scripting languages (Python, Bash, PowerShell) is an asset. CISSP Certification is a plus.

Posted 1 month ago
