270 Incident Response Jobs

Were Hiring: Information Security Risk Specialist | 79 Years Experience | Bengaluru Location: Bengaluru Experience Required: 7 to 9 years Employment Type: Full-Time We’re looking for a seasoned Information Security Risk Specialist to lead and strengthen our enterprise-wide risk management framework. If you’re passionate about cybersecurity, thrive on identifying and mitigating risks, and have hands-on experience with global standards like ISO 27001 and NIST. Key Responsibilities: Design and implement enterprise-wide InfoSec risk management programs. Conduct risk assessments, vulnerability analyses, and compliance evaluations. Collaborate across IT, engineering, legal, and external partners to drive mitigation strategies. Lead security awareness initiatives and incident response planning. Track and report KPIs and security metrics to senior stakeholders. What We’re Looking For: 5+ years in cybersecurity, risk, or compliance roles. In-depth knowledge of ISO 27001, NIST, COBIT, COSO frameworks. Strong analytical, communication, and stakeholder management skills. Preferred certifications: CISSP, CRISC, CISM, CEH. Why Join Us? Be a key player in building secure systems powering global transport solutions. Work with cutting-edge technologies and global teams. Drive meaningful change in a high-impact, high-autonomy role.

We are seeking a highly experienced Cybersecurity Solutions Specialist to drive technical engagements and solution design for enterprise clients. This role combines strategic presales leadership with hands-on cybersecurity expertise, including L3 support, SOC operations, and threat intelligence. You will act as a trusted advisor to clients, guiding them through complex security challenges and aligning solutions with business needs. Lead technical discovery sessions and design tailored cybersecurity solutions. Deliver product presentations, demos, and Proof of Concepts (PoCs). Respond to RFPs/RFIs and develop comprehensive technical proposals. Evaluate new technologies, tools, and processes for inclusion in solution offerings. Manage and operate security tools including SIEM, IDS/IPS, EDR, DLP, and firewalls. Implement and maintain SOC and ISMS frameworks aligned with ISO 27001. Conduct threat intelligence analysis and stay updated on emerging threats. Perform vulnerability assessments, penetration testing, and system hardening. Analyze and respond to software/hardware vulnerabilities and security log data. Conduct security audits and document incident response procedures. Hands-on experience with EDR, Anti-Virus, Vulnerability Management, Forensics, and Encryption. Experience in cybersecurity presales, solution architecture, or consulting. Strong knowledge of security domains including: Network Security (Firewalls, IPS/IDS) Endpoint Security (EPP, EDR, XDR) Cloud Security (Azure, AWS, GCP) Identity & Access Management (IAM, PAM) Data Protection (DLP, encryption) Security Operations (SIEM, SOAR) Strong scripting skills (Python, PowerShell, Bash) for automation and analysis. Familiarity with MITRE ATT&CK framework and threat intelligence platforms. Experience in cybersecurity, including L3 support and presales roles. Advanced certifications preferred: CISSP, CISM, CEH, OSCP, GCIA, GCIH, CASP, CompTIA Security+ or vendor-specific certifications (e.g., Palo Alto, Fortinet, Microsoft Security). Strong understanding of cyber-attacks, threat vectors, risk management, and incident response. Flexible to work in 24x7 operations and rotational shifts.

About us As a Fortune 50 company with more than 400,000 team members worldwide, Target is one of the worlds most recognized brands and one of Americas leading retailers. Target as a tech companyAbsolutely. We are the behind-the-scenes powerhouse that fuels Targets passion and commitment to cutting-edge innovation. We anchor every facet of one of the worlds best-loved retailers with a strong technology framework that relies on the latest tools and technologiesand the brightest peopleto deliver incredible value to guests online and in stores. Behind the brand our guests love, is a culture of continual innovation and right now, we are up to big things. The Cyber Fusion Centre is the heart of Targets security team and a place where innovation happens daily. Interested in a culture that combines invention and creative freedom, ongoing learning, engineering excellence, and stellar outcomesWe are, too thats why we work here. Join our team to take new enterprise security solutions from concept to release, collaborating with both software & security engineers to innovate on helping defend Targets network using cutting-edge technologies.We are seeking a Senior Threat Detection Engineer to join our world class cybersecurity-cyber defence team. The ideal candidate will be responsible for designing, implementing, and optimizing threat detection mechanisms to protect the organization from advanced cyber threats.About The Role/Key Responsibilities: Threat Detection Development : Design and implement detection rules, signatures, and analytics to identify malicious activities in real-time. Develop use cases and correlation rules in SIEM and other detection platforms. Create automated processes to improve detection efficiency and reduce response times. Security Monitoring & Optimization : Continuously monitor and tune rules to reduce false positives by improving rule fidelity and ensuring actionable alerts. Stay updated with emerging threat landscapes to enhance detection capabilities. Incident Support : Collaborate with Incident Response (IR) and Threat Hunting teams to provide context and insights during investigations. Participate in post-incident reviews to refine detection strategies based on lessons learned. Collaboration & Reporting : Work with Cyber Threat Intelligence (CTI) teams to integrate threat intelligence into detection mechanisms. Document and present detection engineering activities, findings, and recommendations to stakeholders. About You/Qualifications: Bachelors degree in Cybersecurity, Computer Science, or related field (or equivalent experience). 4+ years of experience in threat detection, incident response or related roles. Demonstrates a deep subject matter expertise with threat detection, response, and mitigation Capable of identifying detection opportunities sourced from threat data Exhibits an understanding of concepts such as Pyramid of Pain, MITRE ATT&CK, and other organizing frameworks Hands-on experience with security tools such as SIEM (Splunk, ElasticSearch, Zeek, SIGMA, Suricata and YARA technologies) Host based detection experience leveraging Sysmon, CrowdStrike Falcon, etc. Cloud based detection within GCP and AWS Proficiency in scripting and automation (Python, PowerShell, etc.) Deep knowledge of network protocols, operating systems, and attack techniques. Excellent problem-solving and communication skills. Stays current with new technologies via formal training and self-directed education Why Join Us Be part of a forward-thinking world class cybersecurity team. Opportunities for professional growth and continuous learning. Useful Links- Life at Target- https://india.target.com/ Benefits- https://india.target.com/life-at-target/workplace/benefits Culture- https://india.target.com/life-at-target/diversity-and-inclusion

Role & responsibilities Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Threat Investigation: Analyze and investigate a variety of attack vectors, such as: Identity attacks include credential abuse, privilege escalation, and MFA bypass. Web Attacks: SQL injection, cross-site scripting (XSS), remote code execution. Network Attacks: DDoS, lateral movement, traffic manipulation. Cloud Threats: IAM misconfigurations, exposed services, container security vulnerabilities. Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents. Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations. Process Improvement & Documentation: Document all incident response procedures and lessons learned. Contribute to the continuous improvement of our detection and response capabilities. Proactive Security Measures: Participate in threat hunting and purple team exercises to enhance overall security preparedness. Preferred candidate profile A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations. Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud. Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike). Experience in hybrid or cloud-first environments (AWS, Azure, or GCP). Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the cyber kill chain, and threat modeling. Excellent written and verbal communication skills, with the ability to document and convey technical details clearly to both technical and non-technical stakeholders.

Immediate Openings on SIEM Engineer _Contract_Pan India Notice Period :Immediate. Type : Contract Key Accountabilities Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS Solution Building Co-relation searches for Cyber Operation requirements Evaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessary Managing, co-ordinating and implementing technical project activities and enhancements to services Conducting Incident/ Problem/ Recovery activities Supporting the Joint Operations Centre and incident response teams for detected security events. Creating and maintaining accurate and high-quality documentation Supporting Operational effectiveness audit Structure phased deliverables to link long term vision with time-boxed activities. Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully. Work closely with developers and testers, to ensure delivery of the functionality on time and with quality. Stakeholder Management and Leadership Negotiate and solicit engagement and support at all levels of the organisation, particularly where support is low or challenging. Communicate clearly and regularly. Typically faces off to AVP VP level stakeholders. Considers the impact of their actions and decisions on key stakeholders, seeking to deliver a positive outcome for those involved. Decision-making and Problem Solving Apply evaluative judgement and analytical skills to operate effectively within a complex and changing environment. Understand the requirements and perspectives of stakeholders and integrate into their understanding of complex situations. Demonstrates a broad understanding of how the bank operates and the metrics used to measure performance Analyses problems and evaluates options in a logical and systematic way. Seeks the advice of stakeholders to better create clarity in complex situations, understand problems, evaluate options and make decisions What were looking for: Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers) , knowledge of Splunk Cloud Knowledge of Splunk Enterprise Security at administration and use case level Knowledge on on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction. Knowledge of the Common Information Model, data models, enrichment, and automation Good experience on Splunk add-Ons installation configuration to bring security logs into Splunk. Good understanding of the Security Domain. Documentation skills in order to provide high quality documentation for internal customers and technical teams.

B2 Role L1/ L2 Support resource ( 2 years experience in DLP) Daily Summary Report with list of activities to be shared on daily. Configure Client tasks Purge events on frequent basis Help Desk Support Support in Troubleshooting during Agent installation Providing VPN evidences Support user in installation or uninstallation of Agents Support in resolving Agent Communication issues Support in Agent Upgrade Generate and share MIS reports with end user Troubleshooting Policy related issues Whitelisting of IPs, PF IDs Sharing of granular details of Infringements. Provide Root cause analysis documents

To be part of a global security operations center and be responsible for - proactively identify threats and vulnerabilities; implement industry best practices; participate in the review and resolution of opportunities from both internal and external IT security audits; provide recommendations to the overall IT security posture of the organization; and participate in the creation of IT security awareness communications to the organization that adhere to corporate safety and security regulations Responsibilities: Investigate and provide proper incident response to security alerts. Identify new security use cases and create required detection rules in the system. Work with the customer to gather requirements, propose use cases and build them in Splunk. Perform administration activities in Splunk including integration of log sources, creation of queries for security use cases, dashboards, troubleshoot issues. Assist and train team members on how to investigate and respond to various security threats. Manage and support wide range of security technologies including SIEM, EDR, Vulnerability Scanners, Identity and Access Management, Data Loss Prevention, and Cloud Security. Participate in security solution design and security consultation. Work with the customer point of contacts for any escalated incidents, security remediation. Create required dashboards and provide reports. Actively participate in customer meetings and give presentations. Job Bachelor's degree in Computer Science, Information Security, or an equivalent degree. 4+ years of working experience in Information Security. Vast experience in Splunk Enterprise and Enterprise Security. Have experience in integration of log sources, defining use cases, creation of new correlation rules, creation of dashboards, implementing best practices in Splunk environment. Good understanding of security threats and mitigation strategies. Have in-depth knowledge on how to investigate and respond to various security alerts, and can able to create incident response procedures for same. Certification in any of the following is a plusSplunk Certified Admin/Architect, CEH. Demonstrated excellent response to critical incidents and security threats in the past. Excellent analytical, presentation, customer service and facilitation skills. Ready to work in 24x7 Security operations.

Senior Site Reliability Engineer Site Reliability Engineers at UKG are critical team members that have a breadth of knowledge encompassing all aspects of service delivery. They develop software solutions to enhance, harden and support our service delivery processes. This can include building and managing CI/CD deployment pipelines, automated testing, capacity planning, performance analysis, monitoring, alerting, chaos engineering and auto remediation. Site Reliability Engineers must be passionate about learning and evolving with current technology trends. They strive to innovate and are relentless in pursuing a flawless customer experience. They have an "automate everything" mindset, helping us bring value to our customers by deploying services with incredible speed, consistency, and availability. Job Responsibilities Engage in and improve the lifecycle of services from conception to EOL, including system designconsulting, and capacity planning Define and implement standards and best practices related toSystem Architecture, Service delivery, metrics and the automation of operational tasks Support services, product & engineering teams by providing common tooling and frameworks to deliver increased availability and improved incident response Improve system performance, application delivery and efficiency through automation, process refinement, postmortem reviews, and in-depth configuration analysis Collaborate closely with engineering professionals within the organization to deliver reliable services Increase operational efficiency, effectiveness, and quality of services by treating operational challenges as a software engineering problem (reduce toil) Guide junior team members and serve as a champion for Site Reliability Engineering Actively participate in incident response, including on-call responsibilities Required Qualifications Engineering degree, or a related technical discipline, or equivalent work experience Experience coding in higher-level languages (e.g., Python, JavaScript, C++, or Java) Knowledge of Cloud based applications & Containerization Technologies Demonstrated understanding of best practices in metric generation and collection, log aggregation pipelines, time-series databases, and distributed tracing Demonstrable fundamentals in 2 of the followingComputer Science, Cloud architecture, Security, or Network Design fundamentals Demonstrable fundamentals in 2 of the followingComputer Science, Cloud architecture, Security, or Network Design fundamentals (Experience, Education, Certification, License and Training) Must have at least 3 years of hands-on experience working in Engineering or Cloud Minimum 2 years' experience with public cloud platforms (e.g. GCP, AWS, Azure) Minimum 2 years' Experience in configuration and maintenance of applications and/or systems infrastructure for large scale customer facing company Who We Are Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our U Krewers are an extraordinary group of talented, innovative, and collaborative individuals who care about more than just work. We strive to create a culture of belonging and an employee experience filled with meaningful recognition and best-in-class rewards and benefits. UKG has 14,000 employees around the globe and is known for its inclusive and supportive workplace culture. Ready to join the U Krewukg.com/careers

Say hello to possibilities. Its not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

Roles and Responsibilities : Monitor and analyze security event logs from SIEM tools to identify potential threats and incidents. Develop and maintain incident response plans, procedures, and playbooks to respond to security breaches. Collaborate with cross-functional teams to investigate and resolve security incidents in a timely manner. Conduct regular audits of SIEM systems to ensure compliance with regulatory requirements. Job Requirements : 7-10 years of experience in IT services & consulting industry. Strong understanding of SOC (Security Operations Center) operations and processes. Proficiency in managing SIEM tools such as [insert specific tool names]. Experience with incident response planning, management, and execution.

: Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What well offer you , 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How well support you . . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Essential knowledge• Have over 10+ years of rich experience in information security domain and at least 6-8 years of dedicated experience in Security Incident Response.• Hands on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight etc.• Experience in defining and reporting KPIs for Security Incident response.• Familiarity with advanced SOC monitoring technologies, risk, threat and security measures.• Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.• Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy.• Preferably worked in BFSI domain with proven experience in SOC function.• Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc.Skills and Application• Leads the development and implementation of comprehensive Security Governance strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture.• Deep understanding of Security Incident response frameworks and their application in creating robust policies.• Automate potential resilient security processes to ensure continuous compliance with security best practices.• Maintaining up-to-date knowledge of security trends, threats, and countermeasures• Assess and design security posture determination processes, tools and methodologies• Reviewing and approving use cases/playbooks for SIEM/SOAR tools• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective.• Knowledge and expertise in conducting risk assessment and management.• The ideal candidate will have a technical or computer science degree.Professional certifications: GCIH, CISSP, CEH, FOR608, CISM etc.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Security Incident Response. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Security Incident Response. Experience5-8 Years.

Diverse Lynx is looking for Splunk Developer to join our dynamic team and embark on a rewarding career journey A Splunk Developer is responsible for designing, implementing, and maintaining Splunk-based solutions to collect, analyze, and visualize machine-generated data for various operational and security purposes They work closely with stakeholders to understand data requirements, develop data ingestion processes, create dashboards and reports, and automate data analysis workflows Splunk Developers also collaborate with cross-functional teams to ensure optimal performance, scalability, and security of Splunk deployments Key Responsibilities:Collaborate with stakeholders to understand data requirements, use cases, and objectives for Splunk deployments Design and implement data ingestion processes, including data collection, parsing, normalization, and indexing in Splunk Develop custom Splunk queries, search strings, and data models to extract meaningful insights from machine-generated data Create interactive dashboards, reports, and visualizations using Splunk's search processing language (SPL) and visualization tools Implement and maintain Splunk apps, add-ons, and configurations to support specific use cases or data sources Automate data analysis workflows and alerting mechanisms to identify and respond to critical events and anomalies Optimize Splunk deployments for performance, scalability, and search efficiency Monitor and troubleshoot Splunk infrastructure and resolve issues related to data ingestion, search performance, and system availability Collaborate with security and operations teams to develop and implement Splunk-based security monitoring, log analysis, and incident response solutions Ensure data privacy and security by implementing access controls, data encryption, and compliance with relevant regulations Stay updated with Splunk product releases, new features, and best practices to recommend and implement improvements in Splunk deployments Provide training and support to end-users on utilizing Splunk for data analysis and visualization

Hi, Job Location : Guwahati Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience and Skillset Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dash boards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. If youre interested for Guwahati location please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email Id : ashwini.chakor@ril.com

Requirements: Bachelors degree in Computer Science, Information Technology, or a related field. Strong technical knowledge in areas such as Threat Intelligence, DDOS, Security Monitoring, and SIEM tools. Hands-on experience in vulnerability management, patching (OS & applications), and remediation practices. Proficiency in TCP/IP, networking concepts, and security technologies (e.g., firewalls, proxies, antivirus, IDPS). Experience with event correlation, incident response, and malware/threat analysis. Strong scripting skills and ability to automate security processes. Excellent communication skills and ability to work collaboratively in high-pressure situations. Preferences: Master’s degree in Information Systems or a related field. SIEM, Networking/Router, or Vulnerability Management Tool certifications/training. Exposure to data center or cloud security environments (certifications are a plus). Experience in penetration testing and security assessments. Familiarity with implementing and managing VPNs, secure gateways, and encrypted communications. Proven ability to conduct security research and recommend effective enhancements. Demonstrated passion for cybersecurity and a strong drive to stay updated with industry trends.

LTIMindtree Hiring for Azure Sentinel L2/L3 SOC Analyst for Hyderabad Location- Notice period-immediate to 15 days. Exp-5 to 8 yrs. Location- Hyderabad Skill Combination: Minimum 6 yrs in security domain, and at least 3 yrs as L2/L3 if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview (YES/NO)- Job Description- Develop and maintain playbooks runbooks and incident response procedures Collaborate with threat intelligence teams to enrich alerts and improve detection capabilities Conduct post incident reviews and root cause analysis Mentor and train L1 and L2 SOC analysts Recommend and implement improvements to SOC tools processes and detection rules Stay current with emerging threats vulnerabilities and security technologies The expectations from the graders would be To evaluate the tasks that are being fed into the agent for their real world applicability To evaluate the agent output to come up with a ground truth and rate the agent output in a predefined rubric based on the inputs pr-ovided by us To have very deep SOC analyst experience and insights This also includes any other skills needed to evaluate the agent output The ability to scale to around min 2030 evaluations per day per grader based on the complexity of the task Core Technical Skills SIEM Tools eg Splunk QRadar Microsoft Sentinel Endpoint Detection and Response EDR eg CrowdStrike SentinelOne Firewall and IDSIPS eg Palo Alto Snort Suricata Log Analysis and Packet Capture Analysis eg Wireshark Threat Intelligence Platforms eg MISP Recorded Future Incident Response and Forensics Scripting Automation Python PowerShell Bash Operating Systems Windows Linux macOS Networking Fundamentals TCPIP DNS HTTP VPNs

Core Responsibilities Assist with technical control design, implementation and monitoring, support incident responses and assist with providing root cause analysis support for incidents. Monitor for attacks, intrusions, and un-usual, unauthorised or illegal activities when the Security Analysts are finding the instance challenging. Keep an eye on the alerts from systems including SEIM solutions and vulnerability monitoring services and check if the Analysts are able to handle the flow appropriately, if not then jump in and investigate if there are any abnormality in the inflow. Monitor identity and access management, including monitoring for abuse of permissions by authorised systems users if the stats are fluctuating or when you see a spike in the alerts. Assist with Information Security Reporting and metrics, providing input into improving information security reporting and metrics. Identify/recommend improvements on internal investigation capabilities via tool and process building/automation. Provide support to recovering from security breaches; participate in investigation and remediation of security incidents, which may include working as part of a team Assist in perform deep-dive incident analysis, determining if critical systems or data sets has been impacted. Assist with the definition and configuration of compliance policies for security technologies. Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases. Support the incident response of minor incidents by advising on remediation actions, escalating major incidents to the designated parties. Recording lessons learnt whilst supporting on improving existing processes and procedures. Providing support of new analytic methods for detecting threats. Continuously seeking to identify potential service and process improvements. Participate in the implementation of technologies and platforms supporting the corporate infrastructure. Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility. Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility. Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations. Monitoring technical controls that are in place Addressing quires raised by the Security Analysts during investigation or other BAU. Assist Security Analysts in decision making and help in setting up standards. Will be responsible to suggest new fine tunings in the environment to the vendor or to the technical counterparts. Process review and upgradation recommendation when required. Setting up simplified and effective steps in BAU that in turn improves the quality of the work Implementation of new process based on business requirements and communicating the same with the team Team building and team management activities will be one of the key responsibility.

Note : Working hours 6:30 pm to 3:30 am IST . Freelancing/ Contractual Role Key Responsibilities: Kubernetes Administration: Manage cluster lifecycle (health, upgrades, autoscaling, certs, resource tuning). Application Runtime Support: Monitor app deployments, ensure uptime, manage namespaces/configs. DigitalOcean Cloud Operations: Administer compute, networking, DNS, firewalls, backups; respond to system alerts. Redis Cache Management: Tune performance, manage availability/scaling, and respond to cache-related issues. MySQL Cluster Management: Administer clusters, replication, schema management, access controls, patching. Infrastructure as Code (IaC): Maintain infrastructure in Terraform, apply GitOps or CI/CD workflows, manage PR reviews. Security & Compliance Oversight: Manage IAM/RBAC, enforce patching/updates, detect drift/misconfigurations. Incident Response: Rapid response to service disruptions, RCA documentation, and resolution ownership. Reporting & Advisory: Produce monthly reports with key metrics, events, and optimization recommendations.

Role & responsibilities The Cybersecurity Incident Management and Response Team is responsible for effectively and efficiently managing all information and cybersecurity incidents across the Group on a 24x7 basis. This function is structured into two primary missions: Incident Management: Coordinating and orchestrating the global technical response to cybersecurity incidents, and ensuring timely, effective communication to Global Business and Functional stakeholders, Senior Executive Leadership, and relevant regulatory bodies. Incident Response: Conducting technical and forensic investigations arising from threat intelligence, security testing, and user-reported incidents. The goal is to effectively contain, mitigate, and remediate both active and potential attacks. Key Responsibilities: Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation. Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary. Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation. Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions. Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks. Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows. Define and refine detailed processes and procedures for managing cybersecurity events. Enhance technical capabilities of security platforms and incident response tools. Support the development of the teams capabilities, including training and mentoring junior team members. Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology. Drive self-improvement and maintain subject matter expertise in cybersecurity. Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives. Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis. Required Skills & Competencies: Strong understanding of cybersecurity incident management and investigation techniques. Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors. Ability to independently analyze complex problems and determine root causes. Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences. Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience. Strong collaboration and stakeholder engagement skills across diverse teams. High level of integrity, urgency, and personal accountability. Demonstrated ethical conduct and commitment to organizational values. Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards. Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST. Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.). Preferred Technical Skills: Cybersecurity Incident Management Intrusion Detection/Prevention Systems (IDS/IPS) TCP/IP Protocols and Network Analysis Forensics Tools and Techniques Security Automation & Orchestration Platforms Threat Intelligence Integration SIEM Tools (e.g., Splunk, QRadar, etc.) Skills Incident response,Forensic

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. 1-2 years of relevant experience. Additional Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Feature development for Android and Linux/Ubuntu based Snapdragon products. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelor's degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience (3-6 years) with C/C++ and good programming skills. Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Good understanding of Linux kernel and internals. Good understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketng team to understand new platforms, and requirements, Evaluate feature requirements, come up with resource planning, lead a small team on engineers with varied skills Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, co-ordianate with cross functional teams on identifying and fix the issues Work with customer engineering team to support customer esclated issues which are platform specific Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams Strong communication skills and analytics skills Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 8+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 7+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 6+ years of Software Engineering or related work experience. 4+ years of work experience with Programming Language such as C, C++, Java, Python, etc.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketng team to understand new platforms, and requirements, Evaluate feature requirements, come up with resource planning, lead a small team on engineers with varied skills Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, co-ordianate with cross functional teams on identifying and fix the issues Work with customer engineering team to support customer esclated issues which are platform specific Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams Strong communication skills and analytics skills Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. 2+ years of work experience with Programming Language such as C, C++, Java, Python, etc.

Role & responsibilities 1. Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . 2. Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates . 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) . 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Preferred candidate profile Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT