565 Incident Response Jobs - Page 16

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. AtAHEAD, we prioritize creating a culture of belonging,where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer,anddo not discriminatebased onan individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, maritalstatus,or any other protected characteristic under applicable law, whether actual or perceived. SOC Analysts at AHEAD monitor customer environments and perform Incident Detection, Validation, and Incident Reporting. SOC Analysts are the frontline of SOC and are customer-facing representatives. SOC Analysts are responsible for triaging events, incidents, and reporting validated incidents to the customer for incident response. Incumbents will possess strong technical and analytical skills while providing accurate analysis of security related problems. They have a well-rounded networking background and are responsible for performing troubleshooting of customer issues. This individual is user focused and works to resolve client needs in a timely manner. These needs may involve resolving hardware/software failures, investigating, and responding to security threats, and making change request to the security policy of company devices. The SOC Analystis expected to monitor security feeds streaming from client servers, network devices, and end user workstations, operate and maintain network security equipmentat client locations. The Analystis expected to be familiar with a wide range of security tools and understand basic security fundamentals. TheAnalystwill perform information security event analysis and must possess knowledge of operating systems, TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis. Roles & Responsibilities: Monitor and analyze network traffic and alerts Investigate intrusion attempts and perform in-depth analysis of exploits Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident Conduct proactive threat research Review security events that are populated in a Security Information and Event Management (SIEM) system Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest Independently follow procedures to contain, analyze, and eradicate malicious activity Document all activities during an incident and provide leadership with status updates during the life cycle of the incident Incident management, response, and reporting Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client Track trends, statistics, and key figures for each assigned client Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions Reporting Incident reports Security status reports Client-facing security meetings Position : Incident handling/response experience Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles Understanding ofanda strong desire to learn common security technologies (IDS, Firewall, SIEM, etc.) The ability to think creatively to find elegant solutions to complex problems Excellent verbal and written communication skills The desire to work both independently and collaboratively with a larger team A willingness to be challenged along with a strong appetite for learning 8-10years of experience in Information Security, Incident Response, etc. (or related field) Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.) Knowledge of common security analysis tools & techniques Understanding of common security threats, attack vectors, vulnerabilities and exploits Knowledge of regular expressions Education: BachelorsDegree in Computer Science, Information Security or related/equivalent educational or work experience One or more of the following certificationsCISSP, GCIA, Security+, CEH, ACSE

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Cloud Senior Information Security Engineer (Subject Matter Expert) - GL28 Position Overview The Cloud Senior Information Security Engineer (Subject Matter Expert) is responsible for architecting, building, supporting, and enhancing the organization's public cloud security strategy. This role serves as a critical partner between the Enterprise Security Risk Organization (ESRO) and the Enterprise Technology Infrastructure and Platform Services (ETIPS) to ensure robust and effective cloud security measures. Primary Responsibilities Security StrategyCollaborate with ESRO and ETIPS to develop and implement a comprehensive public cloud security strategy Security ArchitectureDesign and maintain secure cloud architectures, ensuring compliance with industry standards and best practices Risk ManagementIdentify, assess, and mitigate security risks associated with public cloud environments Incident ResponseLead incident response efforts for cloud security breaches, including investigation, containment, and remediation ComplianceEnsure compliance with relevant regulations and standards specific to public cloud environments Security MonitoringImplement and manage security monitoring tools to detect and respond to threats in real-time CollaborationPartner with ESRO and ETIPS teams to integrate security measures into cloud services and applications Policy DevelopmentDevelop and enforce security policies and procedures specific to public cloud environments Audit and AssessmentConduct regular security audits and assessments to ensure the effectiveness of security measures Vulnerability ManagementTest and identify network and system vulnerabilities, developing strategies to mitigate them DocumentationPrepare and document standard operating procedures and protocols for security operations Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Experience in conducting security audits and assessments Public Cloud Security ExperienceDemonstrated experience with public cloud security in AWS, Azure, or both Proven experience in cloud security strategy and architecture Solid knowledge of risk management and incident response Familiarity with compliance regulations and security monitoring tools Proven excellent collaboration and communication skills, with experience partnering between security and IT organizations Demonstrated ability to conduct training and develop security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Cloud Segment Information Security Officer (SISO- GL28) Location - Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organization's cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Primary Responsibilities: Cloud Security StrategyDevelop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure Risk ManagementIdentify, assess, and mitigate security risks associated with cloud operations and technologies Incident ResponseLead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation ComplianceEnsure compliance with relevant cloud-specific regulations and standards CollaborationWork closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications Training and AwarenessSupport security training and awareness programs for employees within the cloud segment to promote a security-conscious culture Policy DevelopmentDevelop and enforce security policies and procedures specific to cloud operations Audit and AssessmentSupport security audits and assessments to ensure the effectiveness of security measures within the cloud segment Business PartnershipFoster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Proven experience in developing and implementing cloud security strategies Experience in leading cloud incident response efforts Experience in conducting cloud security audits and assessments Solid knowledge of cloud risk management and security architecture Familiarity with cloud compliance regulations and security monitoring tools Proven excellent collaboration and communication skills Demonstrated ability to conduct training and develop cloud security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders

Daily Monitoring and Investigation Monitor DLP alerts across email, endpoint, web, and cloud. Perform triage to determine false positives, true positives, and actual incidents. Document findings and escalate critical violations per SOPs. Incident Response Support Support incident response by providing evidence, logs, and context around DLP policy violations. Coordinate with IT, HR, and Legal teams for user engagement, awareness, and disciplinary action if necessary. Participate in Root Cause Analysis (RCA) for recurring or high-severity incidents. Policy Tuning and Optimization Analyse alert trends and false positive patterns to suggest and implement policy refinements. Work with business and security teams to validate policy changes and test updated rulesets before production deployment. Maintain documentation of policy changes, rationales, and approvals. Lifecycle Management Support onboarding business units, or geographies into DLP coverage. Maintain and update DLP dashboards and reporting structures. Stakeholder Communication Provide regular reports to CISO on DLP violations Interface with Data Owners, Business Units, and Compliance teams for policy alignment and exception management.

TITLE- SOC ANALYST-L3 JOB DESCRIPTION: Responsible for responding to security incidents identified by internal controls or external SOC partners Strictly adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling security incidents and events. Hands-on experience with Security Information and Event Management (SIEM) tools such as Splunk, IBM Q-Radar, Microsoft Sentinel, LogRhythm, or ArcSight. Proficient in Incident Response and automation workflows as it relates to Security Operations. Detects, identifies, and responds to cyber events, and incidents in line with cyber security policies and procedures. Should be capable of independently leading and managing security event investigations with minimal guidance from SOC leadership, while effectively collaborating with other departments as needed Evaluate and update current SOC procedures and runbooks as required or directed. QUALIFICATION REQUIRED: Bachelors degree in computer science, Information Technology, Business or equivalent discipline Minimum 5 years of technical experience in Security Operations Center (SOC) and Information Security required. SIEM certification or Security technology related certification is a plus. Candidate should be willing to work in 24*7*365 shifts Candidate should be able to work from Ares Office located in Mumbai Experience- 5 to 7 years Location-Mumbai (In office) Shift- Rotational shifts Notice- Immediate joiners NOTE- Candidates are expected to attend inperson interview in Mumbai.

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).

- Design, develop & maintain playbooks within Cortex XSOAR - Integrate security tools & threat intelligence sources with XSOAR - Implement & manage security alerts using XSIAM, SIEM & SOAR platforms - Fine-tune & optimize securty automation processes Required Candidate profile Exp. : 6+ yrs CTC : Upto 30 Lacs Location : Remote WFH (1 Opening) / Central Mumbai WFO (2 Open) Comm. Skills - Excellent Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.

Dear Candidate, We are seeking a Cybersecurity Analyst to detect, investigate, and prevent security threats across digital assets and systems. Key Responsibilities: Monitor and analyze security alerts, logs, and events. Perform threat intelligence, malware analysis, and incident response. Conduct vulnerability assessments and patch management. Support compliance and audit activities (ISO, NIST, GDPR). Educate staff on cybersecurity best practices and awareness. Required Skills & Qualifications: Experience with SIEM tools (Splunk, AlienVault, QRadar). Knowledge of firewalls, IDS/IPS, endpoint protection, and antivirus. Familiarity with scripting for automation and reporting. Strong analytical, investigative, and communication skills. Security certifications preferred (e.g., CompTIA Security+, SOC Analyst, CISSP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

WHAT YOULL DO? Daily follow up on all vessels marine related performance and requirements. Monitor and follow daily vessel correspondence and provide feedback/assistance on marine issues. Analyze cargoes of fleet vessels to be loaded and provide proper guidance to Master. Provide any data required for vessel fixtures or any data requested by charterers. Work closely with TSI to improve and follow up on vessel deck maintenance. Ensure that the vessels are prepared for inspection. WHAT YOULL NEED? A minimum of a year experience as a Marine Superintendent onshore or a minimum of 10 years experience at sea with at least a year as a Master. An experience with Bulk vessels. A proven background in the maritime industry. Excellent interpersonal skill WHO YOU ARE? Responsible and diligent team player. Well experienced in a diversified fleet. Well-organized and highly motivated.

Title The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions that impact the entire company. An ideal candidate for this role is technical, dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously. Overview Medpace is a full-service clinical research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Responsibilities Engineer security solutions without oversight and collaborate with multiple departments; Analyze security systems and seek improvements on a continuous basis; Research vulnerabilities, perform vulnerability scanning, and mitigate threats; Develop security best practices and policies for the organization; Document new processes, cross-train coworkers, and assist employees on security-related matters; Provide security awareness training and testing for employees to verify proper security protocols are being followed; Staying current with cybersecurity knowledge by participating in educational opportunities, reading professional publications, and participating in professional organizations; Performing cyber security incident response, and remediation activities; and Facilitate access reviews of company data and revoke inappropriate/overprovisioned access in order to drive least privilege access. Qualifications Require at least a bachelor’s degree preferably in Information Technology; Require a minimum of at least 2 years of experience in implementing Information Security solutions; Understanding of security best practices and how to implement them at a business-wide level; Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following: SIEM Privileged Access Management/Identity Access Management/Multifactor Authentication Endpoint Detection & Response Network Access Control Cloud based architecture such as Azure/AWS Active Directory Soft skills including excellent communication skills, critical thinking skills with the ability to solve problems as they arise, and ability to prioritize projects; and Basic scripting skills, such as PowerShell/Python scripting. Nice to have: Experience with vulnerability assessment tools such as Nessus and Tenable; Experience with enterprise web proxy solutions, web filters, and VPN; Experience with email security solutions; Experience with firewall and network architecture; Experience with administrating Windows environment including GPO and servers; Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPAA, GDPR, SOC Type 2, etc; and Auditing and policy-writing experience. People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we’ve done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Medpace Perks Flexible work environment Competitive compensation and benefits package Competitive PTO packages Structured career paths with opportunities for professional growth Company-sponsored employee appreciation events Employee health and wellness initiatives Awards Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What to Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.

Job Summary: We are seeking an experienced Cyber Security Trainer to join our team. The ideal candidate will have a solid background in cybersecurity principles and practices, combined with a passion for teaching and helping students understand complex cybersecurity concepts. You will be responsible for delivering high-quality training sessions and supporting students as they develop skills essential to succeed in the cybersecurity field. Key Responsibilities: Deliver engaging and interactive training sessions on cybersecurity topics, including but not limited to network security, threat analysis, malware protection, digital forensic, and ethical hacking. Develop and update course materials, including presentations, handouts, and online resources, to reflect the latest cybersecurity trends and practices. Conduct hands-on labs and exercises to help students gain practical experience with cybersecurity tools and techniques. Assess students' understanding and progress through evaluations, assignments, and feedback sessions. Stay updated with the latest cybersecurity developments and incorporate new knowledge into training programs. Support and mentor students as they navigate their learning journey, answering questions, and providing guidance on cybersecurity career paths. Qualifications: Bachelors degree in Technology (BTech) or a Master’s in Computer Applications (MCA), or a Master's degree in Technology (MTech) 2-3 years of experience in cybersecurity or a related field, with proven knowledge of current cybersecurity threats, tools, and practices. Previous experience in teaching, training, or mentoring is highly desirable. Excellent communication skills, with the ability to simplify complex topics and engage a diverse audience. Strong knowledge of cybersecurity tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability assessment tools. Preferred Skills: Relevant certifications in cybersecurity, such as CompTIA Security+, CISSP, CEH, or similar. Familiarity with e-learning platforms and digital training tools. Strong problem-solving skills and adaptability to different learning styles. Why Join Us: Opportunity to make a meaningful impact on the next generation of cybersecurity professionals. Collaborative and supportive work environment. Access to continuous learning and professional development opportunities.

What You'll Do Avalara is looking for Detection Engineer to join the Detection and Response Team. The ideal candidate will have a track record in incident response, demonstrating advanced technical expertise and leadership capabilities. Your role will be of an Incident Response Analyst, you will help protect Avalara. This includes detecting, investigating, and mitigating security incidents. You will also be a key contributor in improving our incident response capabilities. You will report to Security leadership at Avalara. This is a remote position. What Your Responsibilities Will Be You will perform incident response activities and workstreams as the Incident Response Senior Analyst. You will monitor security systems, including Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) platforms, software firewalls, and Security Information and Event Management (SIEM) platforms. Gather and analyze evidence from affected systems, logs, and network traffic. You will conduct detailed investigations of security incidents to determine the root cause, scope, and impact. Document all aspects of security incidents, including timelines, actions taken, and lessons learned. Perform forensic analysis of compromised systems to identify the techniques and tactics used by attackers, or as directed by Legal. Collaborate with cross-functional teams including Engineering, IT, Security Operations, Legal, HR, and Compliance to manage and mitigate incidents. Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders. Participate in rotating On Call shifts that utilize a paging system in case a security event requires attention. What You'll Need to be Successful 5+ years experience in Security Incident Response. Experience across the information security domain, including familiarity with endpoint, email, network, cloud security, vulnerability management, incident response, and threat intelligence. Experience with log analysis, network security, digital forensics, and incident response investigations. Ability to script / code using Python or an equivalent language. Bachelor's degree in computer science, information security, or relevant experience. Certifications related to digital forensics and incident response.

Role & responsibilities • Monitor and respond to real-time cyber threats using SIEM tools and threat intelligence platforms. Conduct regular vulnerability assessments and penetration testing. Analyze security incidents and provide detailed incident reports with remediation plans. Oversee firewall, antivirus, and intrusion detection/prevention systems (IDS/IPS). Perform security risk assessments for infrastructure, applications, and cloud environments. Ensure compliance with HIPAA, GDPR, ISO 27001, and other relevant regulations. Develop and enforce information security policies, procedures, and standards. Work closely with the DevOps, Network, and Infrastructure teams to enforce security protocols. • Lead incident response drills and disaster recovery planning. Prepare security metrics and dashboards for internal reviews and audit support. Stay current on evolving cyber threats and emerging security technologies Preferred candidate profile • Bachelor's degree in Computer Science, Information Security, or a related field. • Strong knowledge of threat intelligence, security monitoring tools (e.g., Splunk, IBM QRadar, or similar). Experience in cloud security (AWS/Azure/GCP) and endpoint security. Familiarity with frameworks such as NIST, MITRE ATT&CK, OWASP. Certifications preferred: CISSP, CISM, CEH, or CompTIA Security+. Strong analytical skills and ability to handle security incidents independently. Excellent communication skills and ability to work with cross-functional teams. Nice to Have • Experience working in healthcare or pharmaceutical industries. • Knowledge of data privacy regulations applicable to clinical or health data. • Exposure to machine learning applications in threat detection.

Key Responsibilities: Design solutions ensuring high availability, scalability, and performance. Lead application monitoring, observability, and AIOps practices. Establish testing strategies (automation, performance, security). Drive DevOps, SRE, and incident management best practices. Required Skills: Strong experience with observability stacks (New Relic, Dynatrace, Splunk, etc.). Expertise in performance engineering, quality assurance, and application support. Familiarity with AIOps, SRE, and proactive incident response models. Hands-on knowledge of cloud-native monitoring and CI/CD pipelines. Must have 8+ years of solutions architecure and presales experience Expertise in technical solutions writing and presenting using tools such as Word, PowerPoint, Excel, Visio etc. High level of executive presence to be able to articulate the solutions to CXO level executives.

Req ID: 325298 We are currently seeking a AWS Redshift administrator Engineer to join our team in Bangalore, Karntaka (IN-KA), India (IN). Job Duties: "¢ Administer and maintain scalable cloud environments and applications for data organization. "¢ Understanding business objectives of the company and creating cloud-based solutions to facilitate those objectives. "¢ Implement Infrastructure as Code and deploy code using Terraform, Gitlab "¢ Install and maintain software, services, and application by identifying system requirements. "¢ Hands-on AWS Services and DB and Server troubleshooting experience. "¢ Extensive database experience with RDS, AWS Redshift, MySQL "¢ Maintains environment by identifying system requirements, installing upgrades and monitoring system performance. "¢ Knowledge of day-to-day database operations, deployments, and development "¢ Experienced in Snowflake "¢ Knowledge of SQL and Performance tuning "¢ Knowledge of Linux Shell Scripting or Python "¢ Migrate system from one AWS cloud to another AWS account "¢ Hands-on DB and Server troubleshooting experience "¢ Maintains system performance by performing system monitoring and analysis and performance tuning. "¢ Troubleshooting system hardware, software, and operating and system management systems. "¢ Secures web system by developing system access, monitoring, control, and evaluation. "¢ Testing disaster recovery policies and procedures; completing back-ups; and maintaining documentation. "¢ Upgrades system and services and developing, testing, evaluating, and installing enhancements and new software. "¢ Communicating with internal teams, like EIMO, Operations, and Cloud Architect "¢ Communicate with stakeholders and build applications to meet project needs. Minimum Skills Required: "¢ Bachelor"™s degree in computer science or engineering "¢ Minimum of 7 years of experience in System, platform, and AWS cloud administration "¢ Minimum of 5 to 7 years of Database administration and AWS experience using latest AWS technologies "“ AWS EC2, Redshift, VPC, S3, AWS RDS "¢ Experience with Java, Python, Redshift, MySQL, or equivalent database tools "¢ Experience with Agile software development using JIRA "¢ Experience in multiple OS platforms with strong emphasis on Linux and Windows systems "¢ Experience with OS-level scripting environment such as KSH shell., PowerShell "¢ Experience with version management tools and CICD pipeline "¢ In-depth knowledge of the TCP / IP protocol suite, security architecture, securing and hardening Operating Systems, Networks, Databases and Applications. "¢ Advanced SQL knowledge and experience working with relational databases, query authoring (SQL) , query performance tuning. "¢ Experience supporting and optimizing data pipelines and data sets. "¢ Knowledge of the Incident Response life cycle "¢ AWS solution architect certifications. "¢ Strong written and verbal communication skills.

Overview 170+ Years Strong. Industry Leader. Global Impact. At Pinkerton, the mission is to protect our clients. To do this, we provide enterprise risk management services and programs specifically designed for each client. Pinkerton employees are one of our most important assets and critical to the delivery of world-class solutions. Bonded together, we share a commitment to integrity, vigilance, and excellence. Pinkerton is an inclusive employer who seeks candidates with diverse backgrounds, experiences, and perspectives to join our family of industry subject matter experts. The Senior Security Specialist will be responsible for assessing client security needs, developing customized security strategies, and implementing solutions to mitigate risks. This role requires strong analytical skills, technical expertise, and the ability to communicate effectively with clients Responsibilities Represent Pinkerton’s core values of integrity, vigilance, and excellence. Proven project management expertise with a strong understanding of security design principles. Demonstrated ability to develop and implement standardized security processes and best practices in collaboration with subject matter experts. This includes defining project scope, documentation, metrics, communication strategies, and successful implementation. Excellent time management and prioritization skills to meet client needs and deadlines. Adept at creating clear and concise security documentation, including SOPs, guidelines, presentations and Skilled in creating high-quality reports Strong communication and interpersonal skills. Holds a Project Management Professional (PMP)/CPP certification. 5 to 7 years of relevant experiences. Collaborate with stakeholders to define project scope, objectives, and deliverables. Develop and implement comprehensive security solutions, including physical security design, access control systems, and surveillance technologies. Create and maintain accurate documentation, including project plans, risk assessments, and incident reports. Communicate effectively with clients, security leaders, and other team members Proactively identify and mitigate security risks. Prioritize tasks and manage workload to meet deadlines and client expectations. Develop and deliver security awareness training to employees. Perform other security-related duties as assigned by the client. All other duties, as assigned. Qualifications Proven experience as a Security Consultant or in a similar role. • Strong understanding of security protocols, risk management, and incident response. • Excellent analytical, problem-solving, and communication skills. • Relevant certifications such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) are preferred. Working Conditions: With or without reasonable accommodation, requires the physical and mental capacity to effectively perform all essential functions; Regular computer usage. Occasional reaching and lifting of small objects and operating office equipment. Frequent sitting, standing, and/or walking. Travel, as required. Pinkerton is an equal opportunity employer to all applicants and positions without regard to race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/prenatal status, pregnancy/childbirth or related conditions, religion, creed, age, disability, genetic information, veteran status, or any protected status by local, state, federal or country-specific law.

Your day at NTT DATA The Senior Associate Information Security Analyst is a developing subject matter expert, responsible for designing and implementing security systems to protect the organization's computer networks from cyber-attacks, and to help set and maintain security standards. This role is required to monitor the organization's computer networks for security issues, install security software, and document any security issues or breaches found. The Senior Associate Information Security Analyst is responsible for assisting in the planning, implementation, and management of information security measures to safeguard the organization's digital assets and systems and contributes to maintaining a secure and compliant environment. What you'll be doing Key Responsibilities: Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary. Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls. Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities. Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts. Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls. Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs. Documents security breaches and assess the damage they cause. Works with the security team to perform tests and uncover network vulnerabilities. Fixes detected vulnerabilities to maintain a high-security standard. Develops organizational best practices for IT security. Performs penetration testing and upgrades systems to unable security software. Installs and upgrades antivirus software and tests and evaluates new technology. Assists with the installation of security software and understands information security management. Researches security enhancements and makes recommendations to management. Stays abreast of information technology trends and security standards. Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices. Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes. Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems. Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization. Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects. Performs any other related task as required. Knowledge and Attributes: Good communication skills to effectively convey technical information to non-technical stakeholders. Good analytical thinking and problem-solving skills to prevent hacking on a network. Ability to identify and evaluate potential risks and to develop solutions. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Understands firewalls, proxies, SIEM, antivirus, and IDPS concepts. Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact. Developing proficiency with MAC and OS. Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR). Basic understanding of network and system architecture, protocols, and security controls. Ability to analyze security incidents and assess potential risks. Ability to work both independently and collaboratively in a fast-paced environment. Academic Qualifications and Certifications: Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related. Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous. Required Experience: Moderate level of demonstrated experience in information security or cybersecurity, or related roles. Moderate level of demonstrated experience working in a global IT organization. Moderate level of demonstrated experience with computer network penetration testing and techniques. Moderate level of demonstrated experience with security assessment and vulnerability scanning tools. Workplace type : On-site Working

Your day at NTT DATA The Senior Information Security Incident Response Analyst is an advanced subject matter expert, responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). This role acts as the technical second responder for the team and supports the work of technical staff from various business areas, as well as third-party technical experts. The Senior Information Security Incident Response uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets. What you'll be doing Key Responsibilities: Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated. Performs access management activities according to the policy. Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses. Interacts with a global team of Cyber Security Analysts and specialists. Manages 2nd level triaging of security alerts, events, and notifications. Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees. Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders. Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified. Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults. Maintains an understanding of current and emerging threats, vulnerabilities, and trends. Knowledge and Attributes: Advanced understanding of End Point Protection Software. Advanced understanding of Enterprise Detection and Response software. Advanced knowledge of technological advances within the information security arena. Advanced understanding of inter-relationships in an overall system or process. Advanced knowledge of information security management and policies. Advanced understanding risk management principles and frameworks is crucial for prioritizing and addressing security incidents Advanced understanding of the organization's business operations, goals, and objectives enables the analyst to align incident response efforts with the broader business strategy. Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response. Ability to think critically, analyze information, and solve medium to complex problems. Academic Qualifications and Certifications: Bachelors degree or equivalent in Information Technology, Computer Science or related preferred. SANS GIAC Security Essentials (GSEC) or equivalent preferred. SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred. SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred Required Experience: Advanced experience in a Technology Information Security Industry. Advanced experience or knowledge of SIEM and IPS technologies. Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors. Workplace type : Remote Working.

Your day at NTT DATA The Associate Security Platform Engineer is an entry level subject matter expert, responsible for learning how to facilitate problem resolution and mentoring for the overall team. This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Associate Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What you'll be doing Key Responsibilities: Works as part of a 24/7 team working on rotational shifts. Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings. Administers the organization's security tools to gather security logs from environment. Lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update. Adheres to SOPs and notify stake holders on log flow/log format issues. Documents best practices. Identifies opportunities to make automations which will help the incident response team. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/Ss, and general security infrastructure. Knowledge and Attributes: Entry level knowledge on implementation and monitoring of any SIEM or security tools/technologies. Entry level knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Ability to problem solve and is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team player with the ability to work well with others and in group with colleagues and stakeholders. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred. Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH etc. will be added advantage. Required Experience: Entry level experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.). Entry level experience in technical support to clients. Entry level experience in diagnosis and troubleshooting. Entry level experience providing remote support in Security Technologies. Entry level experience in SOC/CSIRT Operations. Entry level experience in handling security incidents end to end. Entry level experience in Security engineering.

Knowledge and application: Seasoned, experienced professional; has complete knowledge and understanding of area of specialization. Uses evaluation, judgment, and interpretation to select right course of action. Problem solving: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Resolves and assesses a wide range of issues in creative ways and suggests variations in approach. Interaction: Enhances relationships and networks with senior internal/external partners who are not familiar with the subject matter often requiring persuasion. Works with others outside of own area of expertise, with the ability to adapt style to differing audiences and often advises others on difficult matters. Impact: Impacts short to medium term goals through personal effort or influence over team members. Accountability: Accountable for own targets with work reviewed at critical points. Work is done independently and is reviewed at critical points. Workplace type : Hybrid Working

Work experience: 8 + years Location : Bengaluru Essential Duties and responsibilities: Participate in governance, risk and compliance related assessments, policy and procedures, awareness and training for end users, change management, internal control identification and measurement per applicable guidelines and frameworks Conduct comprehensive security assessment and implementation support based on ISO 27001:2022, NIST 800, NIST CSF, PCI DSS and HITRUST. Perform gap analysis, identify risks, and provide actionable recommendations for compliance and security improvement. Lead risk methodology development and execution maintain updates and mapping of governance, risk and compliance (GRC) assessments for changing requirements/criteria related to SOC1, SOC2, in addition to other regulatory or industry requirements Work across matrix business environments both internal and external for risk and compliance (audit) readiness. Work with business units in a consulting role to assist in their understanding of internal controls and measurements in addressing strategic initiatives, business/client drivers and concerns, future audits and compliance requirements. Lead governance, risk and compliance (GRC) liaison with internal and external audit resources, external customers and government regulators, domestic and international. Actively support business units request for information and data security risk, technology risk, technical vendor relationship management, product selection and design related to the authority and responsibility of GRC within an Enterprise Risk Management (ERM) model. Promote a positive, entrepreneurial, consulting, performance focused culture within organisation that works effectively with stakeholders in the development and launch of services and programs that support compliance and company growth. Support the coordination, tracking and reporting on divisional and business units' metrics, results, data modelling, processing, calculating and transformation into meaningful risk metrics and reports. Roles and Responsibilities Job Qualifications: Bachelor’s degree in Computer Science/ Information Technology, Risk Management or equivalent years in experience Certifications required (two), preferred certifications: Certified Information Systems Auditor (CISA, Certified in Risk and Information System Controls (CRISC), Certified Information System Security Professional (CISSP), or equivalents. 8+ years of combined experience with consulting, external audit, company in house and outsourced internal audit, assurance services, contracts; experience with a Big 4 is required. 8+ years of hands-on combined experience with designing and implementing technology controls in diverse technology environments, including auditing, risk assessments and providing recommendations for remediation. 5+ years of hands-on combined experience, preferred in business process design, system integration, identity access & management, data privacy and protection, system development life cycle (SDLC), vulnerability assessment, information technology security, incident response, vendor management, backup and recovery and continuity planning. 8+ years of operational leadership roles that include domestic and international; diverse industry experience preferred, consulting services, financial services and banking, insurance and healthcare, risk and compliance. 8+ years of audit experience with SOC1, SOC2, and regulatory compliance. 8 years of combined hands-on operational experience in; accounting, tax, payroll, human resources, information technology operations, information technology security, risk management. 8+ years as a Subject Matter Expert (SME); working with industry frameworks including COSO, ISO, NIST 800-53, NIST/CSF, PCI, HITRUST, and GDPR. Experience leading engagements, establishing budgets, developing work programs/plans, building relationships, mentoring staff, providing performance feedback, and monitoring workloads of team(s) while meeting stakeholder and client expectations. Advanced written, verbal and presentation skills; including interactions with key stakeholders, internal executive management and external executive management and senior leaders. Experienced working in remote environments. Independent, motivated self-starter with the ability to analyse complex problems, think critically, problem solve, influence change, provide thought leadership. Excellent interpersonal skills, including the ability to work across a highly matrixed organization, interacting, influencing, negotiating effectively with all levels of leadership and peers Experienced with vendor and managed security services with ability to identify continuous improvement opportunities to drive risk assessment effectiveness and efficiency.

About the Role: Uber's Security Response and Investigations (SRI) team is the cybersecurity incident response body at Uber. SRI responds to security incidents and mitigates security threats across the company. The SRI team is made of three teams: vSOC (virtual Security Operations Center), Investigations and Automation, and Incident Command. You will be joining the vSOC team. As a Security Analyst on the vSOC team, You will be on the front-line of defence for the Uber Security Incident Response program. You will be handling triage for all security alerts for Uber globally across all environments (cloud, prod, corp). You will build Standard Operating Procedures (SOP) and help improve the incident response program. You will serve as an incident coordinator during high and critical severity incidents. Expect to work weekend shift (Saturday / Sunday) Basic Qualifications: Good understanding of cybersecurity fundamentals. This includes but is not limited to network protocols (e.g. TCP/IP stack) and security, system security, email security, etc. 2+ years of hands-on experience in a cybersecurity role. 1+ year of hands-on experience with security monitoring and response in a SOC environment. Strong problem-solving skills. Good communication skills. Preferred Qualifications: Experience with cybersecurity forensic methodologies and software. Experience driving complex incidents or leading investigations end-to-end. Threat hunting and Automation experience(SOAR/Python). Applied knowledge of cyber intel frameworks such as ATT&CK framework and kill-chain model. Experience working crisis events for a global company. Ability to work across geographically distributed teams. Certifications in Security is a plus

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role Job Summary: We are seeking a skilled and experienced Network and Security Consultant to join our team. The ideal candidate will have a strong background in network security, risk assessment, and the implementation of security protocols. This role involves evaluating security needs, designing robust security systems and ensuring the protection of sensitive data. ? Key Responsibilities: Evaluate the enterprise network and security standards and create solutions that meet the required benchmarks for new infrastructure set ups. Design and implement robust network and security policies and procedures to protect the enterprise infrastructure. Install, configure, and upgrade security software (CC, DS, RF, AS device, on prem and cloud FWs and related networking solutions. Train and mentor team members to upskill them and perform KE sessions for overall team betterment. Respond to security breaches and provide incident response solutions. Stay up to date on the latest intelligence, including hackers’ methodologies, to anticipate security breaches. Ensure compliance with changing laws and applicable regulations. ? Required Skills: Technical level experience in Ethernet/Voice/Security/Cloud/VOIP, WIFI, etc. Strong understanding of End-to-End network device set up to support existing infrastructure. Experience with customer relationship management and interaction with internal and external customers. Proficiency in data analysis tools, data gathering, and reporting, Data Migrations and Storage solutions. Mandatory knowledge of CISCO, HP infrastructure along with networking requirements for Azure, GCP and AWS CSP’s. Preferred Knowledge of CP and PA FW’s (on Prem and Cloud) along with VPC and Public Cloud set ups Excellent presentation skills to interact at multiple organizational levels. Remarkable interpersonal skillsempathy, respectfulness, persuasiveness, and diplomacy. ? Internal - General Use Ability to multitask and deliver to timescales. Preferred bachelor’s degree or equivalent with at least 5 years of related experience. Fluent in English, including excellent written English ? Preferred Qualifications: Familiarity with a wide range of security frameworks and a deep understanding of threat. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

? Identify gaps and weaknesses on current alerting platforms and recommend improvements to ensure evolving capabilities. Identify gaps and weaknesses on Data Loss Prevention platforms. Continually review existing risk scoring models and adjust accordingly to ensure proper focus on significant security events and business needs. Administrate of DLP solution and liaising with GRC & CISO function to configure policies and work on reporting, monitor and respond to different alerts generated from the DLP solution. Demonstrate a good understanding of incident response process and event escalations, repone to DLPs escalations reported by incident response team. Share recommendations to further identify sensitive data and strengthen security controls. Collaborate & partner with legal, compliance team to support customer privacy initiative and continue compliance with different regulations, to mature company data life cycle management with focus on data security. Ability to independently research and solve technical issues and Demonstrated integrity in a professional environment.

About The Role :About The Role : Technology GRC Manager C1 Role Purpose: As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization''s overall security and compliance posture. Responsibilities: Ensure strong governance on risk and compliance performed by various control functions. Manage risk assessment, remediation, and monitoring of information and technology process risks. Serve as an internal risk consultant to operating functions and business lines. Identify, assess, quantify, report, communicate, mitigate, and monitor process risks. Support the implementation of information security policies. Discuss risk closure, mitigation, and acceptance with stakeholders. Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level. Collaborate with control functions to track and mitigate identified risks. Work with technology leaders to identify control gaps. Act as a subject matter expert for risk and controls related to operations. Maintain strong working relationships with stakeholders. Review and refine policies and processes based on industry best practices. Track identified risks and ensured their closure within defined timelines. Prepare and maintain risk heat maps and risk registers. Required Skills: Excellent executive-level communication skills. Strong working relationships with team members and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits. Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc. Understanding of Security incident response aspects is desirable. Good analytical, problem-solving, and interpersonal skills. B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.