465 Incident Response Jobs

Your role Monitor network security events and take action per security policy. Analyze incidents, raise tickets, and assign to resolver teams. Perform health checks of security tools and vulnerability assessments. Create and review daily/weekly/monthly dashboards and reports. Act as escalation point for L1/L2 analysts and backup for SOC Manager. Develop and fine-tune SIEM use cases. Participate in Change Control Board and infrastructure design reviews. Coordinate and implement security-related changes in line with policies. Identify and remediate rogue, unpatched, or unauthorized systems. Support incident response, maintain logs, and assist in investigations. Your profile SIEM ToolsIBM QRadar, ArcSight, RSA Envision, Nitro Security with 4 to 9 years of experience Vulnerability ManagementNessus, Qualys Guard Malware Protection & Anti-Spam Web Filtering, Content Filtering PKI, Forensic Analysis Work location Pan India and preferred location is Bengaluru What Youll Love About Working Here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Experience: 10+ years Summary :We are seeking a highly skilled and proactive SOC Lead to manage and mature our 24x7 Security Operations Center. This role involves leading a team of 15 analysts (L1L3), supporting multiple customer environments, and driving operational excellence in threat detection, incident response, and SOC process improvement. The ideal candidate will have deep technical expertise in SIEM and EDR tools, strong leadership capabilities, and excellent communication skills. Key Responsibilities: Lead and manage a team of 15-20 SOC analysts (L1, L2, L3) across multiple customer environments.Act as the primary Incident Responder for critical security incidents.Conduct Root Cause Analysis (RCA) and develop Corrective and Preventive Actions (CAPA).Mentor and train junior/fresher SOC analysts to prepare them for advanced roles.Support and co-lead SIEM migration projects in collaboration with SIEM Engineers.Configure and fine-tune SIEM rules and use cases for enhanced threat detection.Integrate and troubleshoot log sources across diverse platforms and environments.Generate and present SOC KPIs and metrics to internal stakeholders and customers.Lead technical tabletop exercises with internal teams and customer stakeholders.Support SOC maturity assessments and contribute to continuous improvement initiatives.Maintain and enhance SOC documentation, playbooks, and standard operating procedures.Collaborate with threat intelligence, vulnerability management, and engineering teams. Required Skills Experience: 10+ years of experience in cybersecurity, with at least 4 years in a SOC leadership role.Proven experience managing multi-tenant or MSSP environments. Hands-on expertise with: SIEMs: QRoC, Sumo Logic, Splunk, Palo Alto SIEMEDR Tools: CrowdStrike, SentinelOneStrong knowledge of: SIEM rule creation and use case developmentLog source onboarding, integration, and troubleshootingIncident response lifecycle and threat detection methodologiesExcellent communication and writing skills; ability to present to customers and executives.Experience in producing and interpreting SOC metrics and dashboards.Familiarity with frameworks such as MITRE ATTCK, NIST, and SANS. Preferred Qualifications:Bachelors degree in computer science, Information Security, or related field.Industry certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent. Experience with scripting (Python, PowerShell) for automation and enrichment. Exposure to cloud security monitoring (AWS, Azure, GCP). Work Environment: Require on-call availability and rotational shifts.

Overview The Information Security Engineer will provide technical support and execution on a range of critical security products, serve as a point of contact for all security product deployment, configuration, upgrades, related events, serve as a mentor to IT staff, automate and work to help standardize and improve processes and procedures. Responsibilities Works in support of the Senior Information Security Engineer enhancing the security direction for the organization including systems, networks, user services, and vendor development efforts Installs, configures, manages, and maintains mission-critical enterprise applications such as endpoint, software delivery, patching, log management and other technical controls. Provides technical support for day-to-day security operations, change management and business continuity programs. Troubleshoots security systems and related issues. Assists with complex projects and assumes ongoing support of security operations Conduct network and system tests via simulation or other means to highlight and find any weaknesses that may be exploited Design, implement, support, and evaluate security-focused tools and services including project leadership roles Design, implement, support, and evaluate vulnerably management tools and services Provide security tool integration and automation support Assists in defining security requirements and review of systems to determine if they have been designed to comply with established security standards. Develop new standards as necessary. Design and develop automation scripts and integrations using Python or PowerShell to monitor the health of endpoint security tools and remediate coverage issues proactively. Utilize REST APIs and JSON to automate, integrate, and enrich data across security tools for real-time monitoring and incident response. Apply AI/ML models to use cases that support automated remediation of health and coverage issues in endpoint security tooling Participate in security compliance efforts (e.g., PCI DSS, SOX) Participate in incident handling Other related duties to support the information security function Qualifications Six or more years of experience in the design and implementation of Endpoint Security products such as CrowdStrike, Symantec Endpoint Protection (SEP), and Microsoft Defender for Endpoint Demonstrated effectiveness working across multiple business units to achieve results Significant technical expertise in two or more of the following areas Cloud Security Endpoint security Data Security SIEM

As a seasoned Technology Leader specializing in Cybersecurity, you will be responsible for developing and executing a comprehensive technology roadmap for both Operational Technology (OT) and Information Technology (IT) cybersecurity solutions. Your role will involve aligning technology initiatives with business goals, industry standards, and market opportunities. You will lead the design and management of enterprise-grade cybersecurity platforms such as Splunk, QRadar, and similar systems, ensuring seamless integration across diverse OT and IT environments. Innovation is at the core of this role, where you will drive the design and development of advanced cybersecurity platforms and tools including Security Information and Event Management (SIEM), Extended Detection and Response (XDR), next-gen firewalls, and secure networking solutions. Your focus will be on addressing the unique challenges of OT/IT environments, encompassing threat detection, incident response, and compliance. You will define technology strategies for cybersecurity solutions, emphasizing scalability, efficiency, and future-readiness to support high-performance security operations globally. Building partnerships and collaborations will be key, as you foster relationships with technology providers, Original Equipment Manufacturers (OEMs), and other stakeholders to enhance the company's offerings. You will ensure seamless interoperability and integration of solutions across various platforms and ecosystems. Your role will also involve establishing and maintaining technology standards and best practices for OT/IT cybersecurity, along with monitoring and managing the adoption of emerging technologies to maintain a competitive edge and address evolving threats. Providing technical oversight for cybersecurity frameworks to ensure the protection of critical infrastructure will be crucial. Collaboration with delivery and operations teams will be essential to implement cutting-edge security measures effectively. To excel in this role, you should hold a Bachelor's or Master's degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles, particularly focusing on cybersecurity solutions. Expertise in platform development, such as Splunk, QRadar, and industrial control systems, is required. Strong leadership skills, innovative thinking, and a strategic mindset are essential to drive success in this dynamic and challenging environment.,

Chubb is a world leader in insurance, operating in 54 countries and territories and offering a wide range of commercial and personal insurance products. Chubb is known for its extensive product portfolio, strong financial position, and global presence. The parent company, Chubb Limited, is listed on the New York Stock Exchange and is part of the S&P 500 index. With approximately 40,000 employees worldwide, Chubb is committed to providing exceptional service to a diverse group of clients. More information about Chubb can be found at www.chubb.com. Chubb Engineering Centers (CECx) is dedicated to digital transformation and engineering excellence. As a Great Place to Work for the third consecutive year, CECx fosters a culture of innovation, collaboration, and growth. With a global team of over 3500 professionals, CECx encourages a start-up mindset to drive solutions in engineering, analytics, and automation. Position Details: - Job Title: SRE, Automation Leader - Function/Department: Technology - Location: Hyderabad / Bangalore - Employment Type: Full-time Role Overview: We are looking for a skilled SRE, Automation Leader to join our team. In this role, you will be responsible for ensuring the reliability, performance, and scalability of our applications in a production environment. Collaborating with development, operations, and product teams, you will design and implement robust application support strategies, troubleshoot complex issues, and enhance system performance. Key Responsibilities: Pilot SRE adoption in traditional application support teams by studying existing application architecture, defining critical user journeys, establishing SLOs and SLIs, managing error budgets, and prioritizing automation and process improvements. Provide coaching and mentoring to production support teams to adopt SRE practices. Ensure system uptime and reliability by delivering regional targets, proactively monitoring risks, guiding system architecture, and tracking Critical User Journeys. Implement observability tools, develop automation of operational tasks, and eliminate manual intervention through efficient tools and processes. Skills and Qualifications: - 15+ years of hands-on experience as an SRE in an application support team - Strong technical background in software development, SDLC best practices, and agile methodology - Proficiency in implementing SRE concepts, application architecture analysis, monitoring tools, automation skills, incident response, collaboration, coaching, Agile methodologies, and continuous improvement mindset Why Chubb Join Chubb to be part of a leading global insurance company with a focus on employee experience, underwriting excellence, and a culture of greatness. Enjoy a start-up-like culture that emphasizes speed, agility, and ownership. Benefit from growth opportunities, continuous learning, and a supportive work environment. Employee Benefits: Chubb offers a comprehensive benefits package including savings and investment plans, upskilling and career growth opportunities, and health and welfare benefits. Employees enjoy flexible work options, generous paid time off, health coverage, and continuous learning opportunities. Join Us: Join Chubb India's journey to shape the future and make a difference. If you value integrity, innovation, and inclusion, and are ready to contribute to a global insurance leader, we invite you to be part of Chubb.,

As a highly skilled Azure Security Analyst at Global Power Components, your primary responsibility will be to safeguard our Azure cloud infrastructure. You will be required to monitor and analyze security events, detect anomalies, respond to threats in real-time, and generate detailed incident reports with mitigation recommendations. Additionally, you will continuously monitor Azure cloud environments using advanced security tools and dashboards. Your role will also involve conducting regular security audits and risk assessments of Azure-based systems to identify vulnerabilities and implement corrective measures. You will be responsible for developing, implementing, and enforcing Azure-specific security policies and best practices, as well as leading the investigation and remediation of security incidents within Azure services. Establishing and maintaining an incident response plan for Azure workloads will also be part of your responsibilities. To excel in this role, you should stay updated on the latest Azure security tools, features, and threats and evaluate enhancements to the organization's Azure security architecture. Furthermore, conducting security awareness training for employees on Azure-specific risks and preventive measures will be crucial. The qualifications required for this position include a Bachelor's degree in Computer Science, Information Technology, or a related field, along with at least 2 years of experience in Azure security, cloud security, or a related field. A strong understanding of Azure Active Directory (Azure AD), Azure Security Center, and Azure Sentinel is essential, along with experience in identity and access management, including role-based access control (RBAC), and familiarity with vulnerability scanning tools and network security protocols. Global Power Components is an Equal Opportunity Employer and encourages applications from minorities, women, veterans, and individuals with disabilities.,

As a Senior Network Security Consultant at Black Box, you will utilize your expertise in Enterprise Network Security technologies to ensure the security and integrity of network systems. Your primary responsibilities will include managing and maintaining critical security infrastructure, firewall administration for Fortinet, Cisco FTD, and Palo Alto firewalls, overseeing SASE technologies such as Zscaler, Prisma, and Umbrella, as well as policy configuration and incident response. Your role will involve modifying and validating security policies based on business requirements, proactively identifying and resolving security issues, providing technical support for security enhancements, and participating in on-call support rotations to address critical incidents. Additionally, you will leverage automation tools to optimize security operations and scalability. To excel in this position, you should possess strong hands-on experience with network security solutions, in-depth knowledge of firewalls, VPNs, IPS/IDS, and SASE technologies, proficiency in managing security policies and troubleshooting incidents, familiarity with automated security processes, and the ability to provide technical support in a 24x7 environment. Joining Black Box will offer you the opportunity to work with cutting-edge network security technologies, be part of a team that values security excellence and continuous improvement, and access career growth and professional development prospects in a globally recognized organization.,

As a DevOps Engineer, you will be responsible for defining and implementing DevOps strategies that are in line with the business objectives. You will lead cross-functional teams to enhance collaboration among development, QA, and operations departments. Your role will involve designing, implementing, and managing Continuous Integration/Continuous Deployment (CI/CD) pipelines to automate build, test, and deployment processes, thus expediting release cycles. Furthermore, you will be tasked with implementing and overseeing Infrastructure as Code using tools such as Terraform, CloudFormation, Ansible, etc. Managing cloud platforms like AWS, Azure, or Google Cloud will also be a part of your responsibilities. It will be crucial for you to monitor and address security risks within CI/CD pipelines and infrastructure. Setting up observability tools like Prometheus, Grafana, Splunk, Datadog, etc., and implementing proactive alerting and incident response processes will be essential. In this role, you will take the lead in incident response and root cause analysis (RCA) activities. You will also play a key role in documenting DevOps processes, best practices, and system architectures. Additionally, you will be involved in evaluating and incorporating new DevOps tools and technologies. A significant aspect of your role will involve fostering a culture of continuous learning and sharing knowledge among team members.,

Dezerv is a house of investing solutions for high net worth and affluent Indians, co-founded by Sandeep Jethwani, Vaibhav Porwal, and Sahil Contractor. With a successful track record of managing over USD 7 billion in assets, the Dezerv team brings together decades of investing expertise from leading global financial institutions like JP Morgan, UBS, BNP Paribas, among others. Trusted by clients with over 12000+ crs of assets, Dezerv is backed by marque firms such as Premji Invest, Accel, Elevation, and Matrix. We are looking for a highly motivated Infrastructure Security Lead to join our team, based preferably in Bangalore. Reporting directly to the Chief Information Security Officer (CISO), you will be responsible for securing our network, systems, and cloud environments, particularly AWS. As the focal point for infrastructure security matters, your role will involve designing and implementing a comprehensive vulnerability management program, ensuring regulatory and compliance standards are met, and embedding security into our core operations. Key Responsibilities: - **Vulnerability Management:** Design, implement, and manage the end-to-end vulnerability management program, including executing network and infrastructure vulnerability scans, prioritizing findings, and collaborating with technology teams for timely remediation. - **Cloud Infrastructure Security (AWS):** Act as the subject matter expert for securing our cloud infrastructure, implementing and maintaining security best practices for cloud networking, IAM, data protection, and logging and monitoring. - **CNAPP & Cloud Compliance:** Take ownership of our Cloud Native Application Protection Platform (CNAPP) solution, monitoring cloud security posture and protecting cloud workloads to ensure continuous compliance. - **Network Security:** Design, implement, and manage network security controls like firewalls, IDS/IPS, WAF, and network segmentation to protect against internal and external threats. - **Regulatory & External Audits:** Lead infrastructure-related aspects of internal and external audits, such as ISO 27001, SOC 2, and PCI DSS, and ensure effective implementation and documentation of controls. - **Change & Patch Management Compliance:** Oversee technology teams" change and patch management processes, reviewing changes for security impact and ensuring critical patches are deployed in compliance with requirements and SLAs. - **Security Architecture & Hardening:** Develop and maintain secure configuration baselines and hardening standards for operating systems, network devices, and cloud services, reviewing new infrastructure designs for potential security risks. - **Incident Response:** Provide expertise in infrastructure forensics and containment, serving as a key technical resource in the security incident response process. Required Skills and Experience: - **Experience:** 5 to 7 years in an infrastructure or cloud security role. - **Individual Contributor Mindset:** Highly motivated, proactive, and independent with the ability to drive security initiatives without direct supervision. - **Hands-on Vulnerability Management:** Experience with vulnerability scanning tools and building/run a vulnerability management program. - **Cloud Security Expertise (AWS Preferred):** Practical knowledge of securing cloud environments, particularly AWS, and experience with AWS security services. - **CNAPP Knowledge:** Understanding of CNAPP concepts and tools for cloud compliance and security. - **Network Security:** Proficiency in network protocols, firewalls, VPNs, routing, switching, and network segmentation. - **Audit & Compliance:** Participation in infrastructure-focused security audits and interaction with external auditors. - **Patch & Change Management:** Understanding of ITIL-based patch and change management processes. - **Certifications:** Professional security certifications like CompTIA Security+, CCSP, AWS Certified Security - Specialty, or CISSP are desirable.,

As a Cyber Security Specialist, you will play a critical role in safeguarding our organization's digital assets, focusing on Cyber Threat Intelligence Services to identify and mitigate potential threats. Your expertise in Cyber Security and Cloud, along with experience in CrowdStrike, will be essential in ensuring the security of our systems. This hybrid role offers flexibility in working remotely and on-site during day shifts. You will lead the development and implementation of advanced cyber threat intelligence strategies to protect organizational assets, overseeing the monitoring and analysis of security threats using CrowdStrike and other advanced tools. Providing expert guidance on cloud security best practices, you will collaborate with cross-functional teams to design and implement robust security architectures. Your responsibilities will include conducting regular security assessments and audits, developing and maintaining incident response plans, coordinating with external partners to enhance threat intelligence capabilities, and implementing security policies and procedures to comply with industry standards and regulations. You will also analyze security incidents, provide detailed reports to senior management, train and mentor junior security team members, and stay updated with the latest cyber security trends and technologies. To qualify for this role, you must possess a deep understanding of cyber threat intelligence services and their application in a corporate environment, demonstrate proficiency in using CrowdStrike for threat detection and response, exhibit strong knowledge of cloud security principles and practices, and have a proven track record of conducting security assessments and audits. Additionally, you should show experience in developing and implementing incident response plans, display excellent communication skills for effective collaboration with cross-functional teams, and hold a relevant degree in Cyber Security, Information Technology, or a related field. Certifications Required: - Certified Information Systems Security Professional (CISSP) - Certified Cloud Security Professional (CCSP),

As a Senior Associate Information Security Analyst at NTT DATA, you will play a crucial role in designing and implementing security systems to safeguard the organization's computer networks from cyber-attacks and ensuring compliance with industry standards. Your responsibilities will include monitoring security alerts, investigating potential threats, installing security software, and documenting any security issues or breaches found. You will be actively involved in implementing and monitoring security controls such as firewalls, intrusion detection systems, and access controls. Conducting regular vulnerability assessments, analyzing scan results, and assisting in prioritizing and remediating identified vulnerabilities will be part of your daily tasks. Additionally, you will support the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts. Your role will also involve installing security measures, operating software to protect systems and information infrastructure, documenting security breaches, and assessing the damage they cause. You will collaborate with the security team to perform tests, uncover network vulnerabilities, and maintain a high-security standard by fixing detected vulnerabilities. Furthermore, you will contribute to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices. Staying abreast of information technology trends and security standards, researching security enhancements, and making recommendations to management will also be part of your responsibilities. Key Requirements: - Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related field. - Security certifications such as CompTIA Security+, CISSP, or CISM are advantageous. - Moderate level of demonstrated experience in information security or cybersecurity. - Proficiency in network penetration testing, security assessment, and vulnerability scanning tools. - Familiarity with security frameworks, standards, and regulations. Attributes: - Strong communication skills to convey technical information effectively. - Analytical thinking and problem-solving skills to prevent network hacking. - Ability to identify, evaluate, and mitigate potential risks. - Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. - Proficiency with MAC and OS. - Basic understanding of network and system architecture, security controls, and protocols. NTT DATA is a trusted global innovator in business and technology services, committed to helping clients innovate, optimize, and transform for long-term success. As a Senior Associate Information Security Analyst, you will be part of a diverse and inclusive workplace that fosters growth, belonging, and collaboration. Join us in making a difference and pushing the boundaries of what is possible in the world of information security.,

The Industrial Security Guard is responsible for maintaining a safe and secure environment for employees, visitors, and property within an industrial facility. This role involves monitoring security systems, patrolling premises, controlling access, and responding to emergencies to ensure safety and compliance with company policies and legal regulations. Regularly patrol the premises to ensure the safety of employees, visitors, and equipment. Monitor and report on potential security breaches or hazards. Observe areas such as loading docks, entrances, warehouses, and other sensitive locations. Screen and verify employee and visitor identification at access points. Monitor and control the entry and exit of personnel, vehicles, and deliveries. Issue and retrieve visitor passes as required. Operate and monitor surveillance systems (CCTV) for unusual activities. Ensure that security equipment is functioning properly and report any malfunctions. Respond quickly and appropriately to security incidents, alarms, or disturbances. Investigate suspicious activities and report incidents to supervisors or law enforcement when necessary. Assist in evacuations or other emergency procedures if needed. Maintain logs of daily activities, including inspections, incidents, and irregularities. Write detailed reports for any security breaches, accidents, or security-related incidents. Ensure that all security policies and procedures are adhered to, including emergency protocols. Identify and report safety hazards, such as equipment malfunctions or unsafe work conditions. Conduct routine safety checks to ensure that fire exits, alarms, and emergency equipment are functional. Provide a professional, approachable presence to staff, visitors, and contractors. Answer questions, direct visitors, and offer assistance in a courteous manner. Work in collaboration with other security staff, facility managers, and law enforcement when required. Participate in training sessions and drills to ensure readiness for emergency situations. Required Skills and Qualifications: - High school diploma or equivalent. - Previous experience in industrial security, law enforcement, or military is preferred. - Basic knowledge of security systems, surveillance equipment, and access control technology. - Ability to write clear and concise reports. - Strong observational skills and attention to detail. - Good physical condition and ability to stand or walk for extended periods. - Excellent communication and interpersonal skills. - Ability to remain calm and focused in stressful situations. - Ability to work independently or as part of a team. Physical Requirements: - Ability to lift up to 30 pounds (e.g., equipment, barriers). - Ability to patrol large areas and remain on foot for long periods of time. - Must be able to sit, stand, or walk for extended periods. - Ability to work in varying environmental conditions (e.g., heat, cold, rain). Preferred Qualifications: - Certification in industrial security or law enforcement training. - First Aid/CPR certified. - Familiarity with industrial safety standards and regulations. Work Schedule: - The position may require flexible hours, including nights, weekends, and holidays. - Rotating shifts may be required depending on the size and needs of the facility. Compensation: - Salary or hourly rate based on experience and location. - Benefits package may include health insurance, retirement plans, and paid time off. Benefits: - Food provided - Health insurance - Provident Fund Schedule: - Day shift Work Location: In person,

As an Operational Technology (OT) Cybersecurity Leader at Agratas, you will play a crucial role in ensuring the security and resilience of our organization's operational technology systems. With a minimum of 8 years of experience in the OT security domain, you will be responsible for securing industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other critical infrastructure. Your deep understanding of OT cybersecurity principles and strong leadership skills will be essential in securing OT environments. Your key responsibilities will include developing and implementing an OT cybersecurity strategy aligned with business objectives and regulatory requirements in India and the UK. You will define policies, procedures, and standards for securing OT systems and infrastructure, conduct risk assessments to identify vulnerabilities and threats, and implement risk management strategies to mitigate risks effectively. Designing and deploying security controls and monitoring solutions to protect OT systems from cyber threats, as well as developing incident response plans and procedures specific to OT environments will be part of your role. You will also be responsible for raising awareness of OT cybersecurity risks among stakeholders, providing training on security policies and controls, and ensuring compliance with regulatory requirements and industry standards. Managing relationships with vendors and third-party providers, conducting security assessments, and collaborating with OT engineers to integrate security controls into systems are critical aspects of the role. Your extensive experience in OT cybersecurity, knowledge of OT protocols and technologies, and strong analytical skills will be invaluable in identifying and mitigating OT security risks effectively. Ideally, you will hold a Bachelor's degree in Information Security, Computer Science, or a related field, along with relevant certifications such as GICSP, CISSP, or ISA/IEC 62443. Your role at Agratas will involve working collaboratively with cross-functional teams and OT personnel to ensure the security and resilience of our operational technology systems.,

Join us as a Resilience Technology and Cyber Quality Assurance Support at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards. You'll spearhead the evolution of our digital landscape, driving innovation and excellence. You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences. To be successful as a Resilience Technology and Cyber Quality Assurance Support, you should have experience with strong problem-solving skills, the ability to structure ambiguous problems into actionable tasks related to testing, and mobilize diverse teams to achieve desired outcomes. Understanding of various Technology and Cyber Testing controls and proven ability to align Post Test Reports with regulatory expectations and resilience framework is crucial. You should have experience in Testing Support and Execution, with proven experience in resilience testing, business continuity, disaster recovery, or operational risk management, including supported resilience testing for critical services and experience in writing post-exercise reports. Communication skills are essential in this role, including the ability to convey complex ideas clearly and concisely. You should possess excellent verbal and written communication skills, with the ability to clearly convey complex information to diverse audiences. A strong eye for details is necessary, with the ability to identify inconsistencies, errors, or missing information and communicate necessary corrections effectively. Strong analytical and problem-solving skills are also required, with the ability to analyze Quality Assurance outcomes, identify gaps, and provide actionable insights for improvements. Experience in conducting trend analysis, implementing process efficiency solutions, and reducing errors will be beneficial. Effective communication and stakeholder collaboration are key aspects of this role, requiring strong interpersonal skills to liaise with VP test leads, senior executives, and technical teams. You should have experience in facilitating stakeholder engagement and examples of cross-functional alignment or collaboration. This role is based in Pune. Purpose of the role: To develop, implement, and maintain an effective resilience strategy and Operational Recovery Planning and Incident Management framework aligned to industry-leading standards and controls and regulatory expectations, to enable the bank to respond and recover important business services to severe but plausible scenarios, and minimize the impact on customers, clients, colleagues, and the wider market. Accountabilities: - Socialization and implementation of the resilience strategy and underpinning framework across the firm, ensuring compliance to the standard and controls. - Development and enhancement of the resilience, crisis, and incident management framework to uplift recovery and response capabilities. - Operational Recovery Planning and Security Incident Management planning standards and controls enhancement. - Provide oversight to the business and technology recovery capability improvements. - Communication of the firm's/business resilience position through clear and transparent scorecards/dashboards. - Enhancement of resilience, crisis management, and incident response and recovery capability through regular testing coverage. - Assurance that services and products are built resiliently by the business through the change management process. - Continually remain abreast of resilience and crisis and incident management developments. - Mitigation of the impact of unexpected incidents by identifying, responding to, and enabling the resolution of events. - Execution of responses to reported incidents and potential threats. - Documentation and analysis of past prioritized incident details, steps to resolution, and lessons learned. As an Assistant Vice President, you are expected to advise and influence decision-making, contribute to policy development, and take responsibility for operational effectiveness. You will lead a team performing complex tasks, set objectives, coach employees, and collaborate closely with other functions/business divisions. Regardless of your specific role, you will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as the Barclays Mindset to Empower, Challenge, and Drive.,

Embark on a journey of success by joining our team at Anant Raj. As a prominent leader in the industry, we are committed to visionary leadership and unwavering dedication. Working with us means accessing a platform abundant with growth opportunities and resources to propel your career to new heights. At Anant Raj, we prioritize and celebrate exceptional, diligent performances while fostering an environment of compassion, diversity, and creative independence. Our work culture is deeply rooted in traditional values that have been instrumental in driving success and fostering innovation across all levels of the organization. We are dedicated to ensuring that every member of our team feels valued, cherished, and admired. Together, we create a vibrant and dynamic place to work. We are currently seeking a Network Consultant to join our team in Gurugram. The ideal candidate should hold a Masters degree in Computer Science, Engineering, or a related field, coupled with over 10 years of experience in Cloud-based Services such as IaaS, PaaS, SaaS, and XaaS. Key skills for this role include Cloud Solution Design, Routing & Switching, Performance Optimization, Capacity Planning, Security & Compliance, Automation & Scripting (Python, IaC), Incident Response, VMware NSX, and familiarity with Public Cloud platforms like AWS, GCP, and Azure. If you are passionate about leveraging your expertise in Cloud-based Services and are looking to be part of a supportive and innovative team, we encourage you to apply for the Network Consultant position at Anant Raj. Join us in shaping the future of technology and driving excellence in the industry.,

Come and join a 10-year-old, Fastest Growing, IT Managed Services. We have open positions at various levels throughout the organization. About TeamLogic IT Assist Were a 100-person, $22M managed services provider operating across PA, NJ, NC and FL. Our culture is built on Empathy, Transparency, and Data-Driven Decision-Making, and our mission is simple: Make fans of clients, coworkers, and vendors. For three years running we’ve been named a Best Place to Work in PA, and we maintain a 98% CSAT and 89 NPS. Our Motto is simple yet powerful: MAKE FANS OUT OF OUR CLIENTS MAKE FANS OUT OF OUR VENDORS MAKE FANS OUT OF EACH OTHER We pride ourselves in creating a family-oriented culture and creating a career path for every employee. We invest all our energy in making sure that you achieve your career goals. We are proud of our Glassdoor Review of 5.0 of employee testimonials. Check it out yourself - TeamLogic IT Reviews in Newtown | Glassdoor Company Website: https://www.teamlogicit.com/ Job Title: Associate Security Specialist Location: India Department: Security Operations Reports To: Director of Technology Employment Type: [Full-time] Overview: The Associate Security Specialist will act as the first defense on our Security Operations team (SecOps). This role will be responsible for monitoring security tools, triaging alerts, and managing low-severity incidents. This role is crucial in detecting threats early and resolving them before they escalate into critical breaches. Key Responsibilities: Monitor security alerts and events from various security tools and systems. Perform initial triage and analysis of security incidents to determine their severity and impact. Perform response activities for routine security incidents. Interact and gather information and recommended actions from partner MDR and SOC teams. Escalate high-severity incidents to Senior Security Specialists or Security Advisors as needed. Follow published SecOps policies and procedures Conduct basic troubleshooting and remediation of security incidents. Maintain detailed and accurate documentation of security incidents and actions taken. Assist in the implementation and maintenance of security policies, procedures, and controls. Onboard services and tools for core security products. Collaborate with other team members to improve security monitoring and incident response processes. Prepare and distribute standard internal and customer reports. Stay up to date with the latest security trends, threats, and technologies. Position Requirements: Education: An associate degree in computer science, information technology, cybersecurity, or a related field. Alternatively, 2 or more years of professional experience in an equivalent position. Technical Skills: Basic understanding of cybersecurity principles, threats, and vulnerabilities. Familiarity with security tools and technologies such as firewalls, antivirus software, EDR/MDR, SOC/SIEM, and intrusion detection/prevention systems (IDS/IPS). Good grasp of networking concepts Additional Skills: Excellent customer service and communication skills, with a strong focus on customer satisfaction. Ability to work independently and manage a flexible schedule. Strong documentation skills to record activities and solutions thoroughly and accurately. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work in a fast-paced and dynamic environment. Willingness to work rotational shifts, including nights and weekends. Preferred Qualifications: Relevant certifications such as CompTIA Security+ or equivalent. Physical Requirements: None Work Environment: This is a fully remote role Application Process: Interested candidates should submit their resume and a cover letter detailing relevant experience and qualifications. ________________________________________ TeamLogic IT is committed to creating a diverse environment and is proud to be an equal opportunity employer. We do not discriminate based on race, color, religion, national origin, age, sex, disability, genetic information, veteran status, sexual orientation, gender identity, or any other status protected under applicable federal, state, or local laws. We encourage all qualified candidates to apply and join our inclusive and welcoming team.

As a Security Managed Services Engineer (L1) at NTT DATA, your primary responsibility will be to provide a managed service to clients, ensuring the operational functionality of their Firewall infrastructure. You will proactively identify, investigate, and route incidents to the correct resolver group to maintain zero missed service level agreement (SLA) conditions. This role focuses on first-line support for standard and low complexity incidents and service requests, aiming to contribute to project work as required. Your key responsibilities will include assessing the existing endpoint security infrastructure, deploying EDR agents on endpoints and critical systems, configuring EDR agents to collect and analyze security events, monitoring endpoints for suspicious activities, using behavioral analysis and machine learning to detect advanced threats, generating real-time alerts for potential security incidents, enabling endpoint forensics capabilities, integrating with vulnerability management systems, rolling out patches or upgrades, alerting and remediating endpoints with outdated software configurations, providing real-time alerts for anomalies, ensuring compatibility with other security systems, correlating network anomalies with potential threats, delivering reports as per client requirements, and re-deploying agents when there is a change in infrastructure or operating systems. To excel in this role, you should have a minimum of 3 years of experience in EDR and Trend Micro, possess a Bachelor's degree or equivalent qualification in IT/Computing, hold a CEH certification, and have entry-level experience in troubleshooting and providing support in security/network/data center/systems/storage administration and monitoring services within a medium to large ICT organization. Additionally, you should have a basic knowledge of management agents, redundancy concepts, and products within the supported technical domain, as well as a working knowledge of ITIL processes. Your attributes should include the ability to communicate and work across different cultures, plan activities well in advance, maintain a positive outlook at work, work well in a pressurized environment, apply active listening techniques, adapt to changing circumstances, and prioritize client satisfaction throughout interactions. As an Equal Opportunity Employer, NTT DATA offers an on-site working environment where you can contribute to pushing the boundaries of technical excellence and leading innovations, making a positive impact on clients and society. Join us to grow, belong, and thrive as part of a diverse and inclusive workplace committed to long-term success through innovation and transformation.,

Job Description: As a Data Privacy Manager at Wipro Limited, you will be responsible for ensuring compliance with data privacy laws across various regions, including GDPR in Europe, DPDP in India, CCPA in California, and other international mandates. Your role will involve protecting Personally Identifiable Information (PII) and Sensitive Personal Information (SPI) through the implementation of a robust framework that mitigates risks and enhances the organization's security posture. You will oversee the organization's efforts in safeguarding sensitive data, ensuring compliance with data privacy regulations, and aligning with industry best practices. This pivotal role plays a crucial part in building and maintaining trust with customers, partners, and employees by safeguarding personal and confidential information. Key Responsibilities: - Monitor and ensure adherence to data protection regulations such as GDPR, DPDP (India), CCPA, HIPAA, or other applicable laws. - Develop, maintain, and update data privacy policies, procedures, and guidelines to align with legal requirements and industry best practices. - Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) to identify and mitigate potential risks associated with data processing activities. - Stay informed about changes in data privacy laws and provide guidance to the organization accordingly. - Conduct regular audits and risk assessments to identify areas of improvement. - Lead initiatives to promote a culture of data privacy and protection within the organization. - Collaborate with cross-functional teams to ensure data privacy compliance across all departments. - Develop strategies for data governance and align them with organizational goals. - Ensure privacy is integrated into the design and development of new products and services. - Manage data breach incidents, including investigation, remediation, and reporting. - Organize training sessions to educate employees on data privacy standards and practices. - Oversee the privacy practices of third-party vendors and ensure compliance with data protection standards. Educational Requirements: A bachelor's degree or higher in fields like Law, Information Technology, Computer Science, or a similar field is preferred. Technical Skills: - Familiarity with data security concepts such as encryption, data masking, anonymization, and pseudonymization. - Knowledge of IT systems and data management. Soft Skills: - Collaboration with various teams across the organization. - Attention to detail when dealing with sensitive data and regulatory compliance. - Leadership and organizational skills in overseeing privacy program implementation. - Ethical mindset in handling sensitive information responsibly and upholding privacy rights. Join our team as a Data Privacy Manager at Wipro and contribute to protecting the data that drives our organization and fosters trust with our stakeholders. Your expertise will be instrumental in navigating the complexities of data privacy and security in a constantly evolving digital landscape.,

As an Experienced Systems Administrator, you will have a strong foundation in Linux, infrastructure management, and incident response. You will be skilled in monitoring, troubleshooting, and maintaining reliable systems across virtualized and cloud-based environments. Your main responsibilities will include collaborating with the operations team to manage escalations and oversee incident management. You will also be expected to implement strategies and solutions to enhance daily operations, focusing on system stability, security, and scalability. You will drive real-time monitoring of system performance and capacity, addressing alerts promptly to optimize systems. Leading troubleshooting efforts, you will coordinate responses to network and system issues. Your role will involve conducting and overseeing server, application, and network equipment setup and maintenance. Additionally, you will ensure effective outage notification and escalation for prompt resolution. Furthermore, mentoring and training team members on technical skills and troubleshooting methods will be a key part of your responsibilities. You will also be responsible for maintaining up-to-date documentation of processes and procedures in the WIKI. Key Skills: - Minimum 4 years of experience in Linux system administration. - Proficiency in datacenter technologies and cloud platforms such as AWS/GCP. - Experience in application deployment using tools like Git and StackStorm. - Strong troubleshooting skills across networks and systems, including familiarity with network protocols (TCP/IP, UDP, ICMP) and tools like TCPdump. - Advanced diagnostic skills in network performance and system capacity monitoring. - Proficiency in Linux command-line operations. - Analytical skills with the ability to interpret and act on data effectively. - Ability to prioritize and escalate issues efficiently. - Adaptability to shift work and capacity for multitasking in high-pressure scenarios. - Excellent leadership, communication, and interpersonal skills. - Bachelor's degree in Computer Science, Engineering (BE/B.Tech), MCA, or M.Sc. Desired Skills: - Basic experience with Configuration Management tools like Ansible, SaltStack, or StackStorm. - Basic experience with CI/CD tools like Jenkins. - Experience with monitoring tools such as Nagios, Sensu, Zabbix. - Basic experience with Log Analytics tools like Splunk, Elasticsearch, Sumo Logic, Prometheus, or Grafana. - Knowledge of Virtualization technologies like VMware, KVM. - Strong fundamentals in Linux, troubleshooting, and networking. - Knowledge of Containerization technologies like Kubernetes, Rancher. - Experience with Cloud Providers such as AWS or GCP. - Advanced knowledge of Networking concepts including BGP, F5 Load Balancer, and switching protocols. - Relevant certifications like RHCSA, CCNA, or equivalent. (hirist.tech),

SIEM tools to identify potential threats;VAPT tools, Incident Handling, Forensic Analysis;CEH CSA;CySA+;CISA;incidents and breaches; operating systems, network devices, and security devices.Familiarity with Security Information and Event Management

Your Role and Responsibilities* * Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise* * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience Preferred Professional and Technical Expertise * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-5 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Job description We are seeking a motivated and detail-oriented Cybersecurity Intern to join our security team. You will assist in monitoring, analyzing, and improving the security posture of our systems and networks. This internship is an excellent opportunity to gain real-world experience in threat detection, security tools, and incident response in a professional environment. Qualification Any Degree/Diploma/+2 Key Responsibilities Assist in monitoring network activity for suspicious behavior or unauthorized access.

Key Skills: Cybersecurity, Incident Response, SIEM, SOAR, MDR, Threat Hunting, Python, Bash, SQL, AWS, Azure, GCP, MITRE ATT&CK, Splunk, QRadar, CrowdStrike, Microsoft Defender, Palo Alto, Datadog. Roles & Responsibilities: Investigate security incidents related to network traffic, IAM violations, and unauthorized access. Analyze security detection rules, alerts, and correlation logic to identify malicious activities. Conduct threat hunting activities to proactively identify potential threats within the environment. Participate in incident response efforts, including containment, eradication, and recovery. Collaborate with the software development & SRE teams. Onboard customers and guide them through integration with MDR platforms. Ensure customer satisfaction and provide strategic security recommendations. This is a fully onsite role that requires high availability and proactive engagement. On-call/rotational work required. Experience Requirement: 3-8 years of experience in cybersecurity operations and advanced threat detection. Experience with SIEM platforms, Security orchestration platforms (SOAR), or specialized MDR providers such as Splunk, QRadar, CrowdStrike Falcon, Datadog, SentinelOne, Microsoft Defender, Palo Alto Cortex XDR, Panther, etc. Experience with threat hunting methodologies. Experience with databases and SQL. Scripting experience with Python and Bash. Ability to work in a team and in a 24/7 environment. Good written and verbal communication skills. MITRE ATT&CK framework knowledge is a plus. Cybersecurity certifications are a plus. Education: Any Graduation.

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.