565 Incident Response Jobs - Page 18

Role & responsibilities Cyber Threat Intelligence Operating System-Understanding of how different system work, especially windows, Linux, MacOS. Programming Languages: Java, Python (Basic Understanding needed) Malware Analysis Techniques: Static & Dynamic analysis, code analysis, behavioral analysis, forensic analysis. Malware Analysis Tools: Need to have proficiency in using various malware analysis tools Static Analysis- CFF Explorer, PEiD, PEStudio, Stings, FLoss, ExeInfo PE, SSDEEP Dynamic Analysis Tools: Process Monitor, Process, Process Hacker, Sysmon, Autoruns, Regshot Reverse Engineering Tools: IDA Pro, Ghidra Analyzing Suspicious Files / Sandboxing by using :Virus Total, Hybrid Analysis , Cuckoo , Any.run , Intezer, Joe Sandbox Network Tool: Wireshark, InetSim. Malware Mitigation strategies: Have knowledge of various malware mitigation strategies such as preventation, detection removal , recovery and response. Good understanding on MITRE framework(TTP, IOC ,Threat Actor). Cyber kill chain, Dark web Analysis Should be able to setup the malware analysis lab with minimum support Threat Analysis- Analyze threat data from various sources to identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries. Incident Response: Collaborate with the incident response team to provide intelligence support during security incidents. Reporting: Prepare and present intelligence reports to stakeholders, highlighting significant threats and recommended actions. Research: Conduct research on emerging threats, vulnerabilities, and security trends to inform strategic decisions. Collaboration: Work with internal teams and external partners to share intelligence and improve threat detection capabilities. Tool Utilization: Use threat intelligence platforms and tools to gather, analyze, and disseminate threat information-MISP, Threat Connect, Cyble , Anomali Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Cyber Threat Intelligence (GCTI) are preferred. Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Job Title: Senior Security Analyst Threat Hunting & Incident Response Location: Bangalore (Rotational Shifts) Mode of work- 5 days WFO Experience: 8+ Years Job Type: Full-time Job Description: We are looking for a highly skilled and experienced Senior Security Analyst to join our client's Cybersecurity team. This role involves leading incident response activities, performing proactive threat hunting, and enhancing our overall security posture through innovative detection strategies and forensic investigations. Key Responsibilities: Lead end-to-end security incident response, including analysis, containment, mitigation, and reporting. Design and implement detective controls for emerging threats and vulnerabilities. Perform proactive threat hunting across multiple platforms and environments. Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities. Research emerging threats, vulnerabilities, and attack techniques to improve defenses. Participate in a 24/7 on-call rotation to support incident response and critical investigations. Document incident response activities and produce detailed reports for stakeholders. Conduct post-incident reviews to drive improvements in tools, processes, and readiness. Collaborate across teams to improve the organization’s threat detection and response maturity. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field. Minimum 8 years of experience in Security Operations, Incident Response, or Threat Detection. Strong experience with threat hunting methodologies and frameworks. Hands-on expertise with tools such as SIEM, SOAR, XDR (e.g., Cortex XSIAM, Torq). Working knowledge of MITRE ATT&CK , NIST frameworks, and cyber kill chain concepts. Preferred Skills & Experience: Strong understanding of network and endpoint security, defense-in-depth, and current threat trends. Experience with cloud security (AWS, Azure, GCP) and public cloud defense techniques . Exposure to Endpoint Detection & Response (EDR) tools, forensic analysis, and log correlation. Proficiency in scripting languages (e.g., Python, PowerShell ) for automation and analysis. Relevant certifications such as CISSP, GIAC (GCIA, GCIH, GCFA), CEH are a plus. Strong analytical mindset with the ability to assess risk and prioritize response. Excellent written and verbal communication skills.

Role & responsibilities Understands SIEM tools (Sentinel ) functionality and logic behind creating rules and filters, integrating with different solution based on client security policy and requirements e.g. AV software, IDS, IPS etc... Good TCP /IP concepts Good understanding on Vulnerability Management tools such Nessus, Qualys Guard Diagnosing and resolving issues and problems with the clients information technology systems involving several processes. Act as a point of escalation for L1Team Members Develop/Fine Tune Use Cases Monitor logs and security events across network infrastructure. Log, monitor, investigate, and report on access violations. Provide log analysis to provide views of misuse, fraudulent or malicious activities. Provide updates as the incident progresses through the incident response process as requested by client. Support security incident response processes in the event of a security breach by providing logging and audit information and by providing incident reporting. Coordinate with client Information Security and Capgemini activities required to respond to security incident notifications received from Capgemini. Implement and manage a security incident management process according to the Security Policy. Maintain a security corrective action tracking methodology. Coordinate notification of security incident occurrence with client. Provide periodic trending problem reports. Create and maintain a Security Incident log that is also provided to client Information Security to facilitate historical analysis. Assist investigators of security incidents involving the client Sites and other locations, document findings, and coordinate resolution. Investigating causes, analyzing and diagnosing the problem and repairing or providing detailed alternative solutions Technical Experience: - 1: Experience in SIEM tools, Strong working experience in SIEM ES 2: Team management Incident handling skills, use case management, risk assessment 3: SOC operations for very large enterprises 4: Security Analytics skills is added advantage 5: Should have excellent customer handling skills Professional Attributes: 1: Good verbal communication skills to connect with customers at varying Levels of the organization methods 2: Ability to operate independently and make decisions with little or no supervision. Educational Qualification: Bachelor or college degree in related field or equivalent work experience

We are seeking a talented and highly motivated Microsoft Sentinel SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining Microsoft Security technologies to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in major SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. Responsibilities: Architect, deploy, and maintain Microsoft Sentinel for SIEM use cases including log ingestion, data normalization, and incident correlation. Manage and optimize Microsoft Defender for Endpoint, Identity, Cloud, Office 365, and other Defender tools to maximize protection and visibility. Develop custom queries,detection rules, workbooks, and automation playbooks to improve threat detection and response efficiency. Lead the design and implementation of security monitoring, including data connectors, analytics rules, and incident automation. Collaborate with threat analysts and incident response teams to triage, investigate, and respond to security alerts and incidents. Provide technical guidance in security best practices, incident response procedures, and threat hunting using Microsoft security tools. Continuously assess the security landscape and recommend improvements to policies, tools, and configurations. In addition to strong technical acumen, the ideal candidate will bring excellent communication and client-facing skills to collaborate directly with customers, understand their security needs, and deliver tailored solutions that align with their risk posture and compliance requirements. Outcomes: Integration & Optimization: Integrate and optimize Microsoft Sentinel to improve visibility and automate threat detection workflows Threat Detection: Utilize Microsoft Sentinel AI-powered analytics to dashboard reports and automate critical reporting functions Automation & Playbook Development: Develop automated detection and response playbooks based on Microsoft data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to Microsoft Sentinel deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate Microsoft Sentinel capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: 5 years of SIEM experience in Splunk, Qradar, Microsoft, and comparable SIEMS Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Experience working with Sentinel One Core EDR technology Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience). Preferred Qualifications: 5 years of experience in cybersecurity in a SOC or security engineering capacity. Proven hands-on expertise with Microsoft Sentinel and Microsoft Defender suite. Deep knowledge of Kusto Query Language (KQL) and building custom analytics rules and workbooks in Sentinel. Strong experience in customer-facing roles. Experience with incident response, threat detection, and threat hunting techniques. Strong understanding of cloud security, especially in Azure environments. Familiarity with MITRE ATT&CK, NIST, and other security frameworks. Experience integrating Sentinel with third-party solutions (e.g., threat intel feeds, ticketing systems).

Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage , escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues , including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies , ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation , reports, and operational dashboards. Support in threat hunting , vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelors/Masters Degree in Computer Science, Information Systems, Engineering. 24 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR , including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH , CompTIA Security+ , or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Must-Have Skills: Minimum 3 years of experience in EDR (End point security) Minimum experience of 3 years as L1 level Only look for L1 level experienced candidates who are expert on EDR (EDR, incident response) and Trend Micro (Antivirus) Active CEH certificate Requirements: Location: Patna/Bhopal/Mumbai/Kanpur/Kolkata./Delhi Notice Period: Immediate to 30 days Salary Range: 9 LPA (Including 5% variable) Job Type: Work from Office Key Performance Indicators: Assess endpoint security infrastructure Deploy and configure EDR agents Monitor endpoints for suspicious activities Generate real-time alerts for potential security incidents Ensure compatibility with other security systems

Position Title: IT Security Analyst Description of the role: The Security Monitoring Analyst is responsible for manning the India SOC for our client based in the US. The key responsibilities include: Handling of all alerts - SIEM, IPS/IDS solutions, EDR the resource is expected to monitor, investigate, respond, and resolve these alerts. Resolving general support requests device control, URL whitelisting, lockouts, etc. Completion of daily checklists and preparation and sending daily reports. Monitor patching status and respond to patch failures by either redeploying the patch manually or escalating to the relevant teams. Monitor Vulnerability scans, review the reports, and parse through these to remove false alarms. • Document the response and resolution of alerts and tickets. Creating exclusions or Detection lists to reduce false alarms. Qualification: Require CompTIA / CySA+ / equivalent preferred certifications. The individual is expected to be a graduate (Engineering preferred). Candidates with professional certifications such as CompTIA Security+ would be preferred. Key requirements: Ability to think logically, understand and apply learning into practice 4 years of experience in IT security monitoring. Experience working with intrusion detection/prevention systems is a must. Experience in Darktrace would be preferred. Experience working with a SIEM tool is a must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is mandatory. The candidates will be communicating with users based in the US and must communicate effectively. Position Location: Mumbai Andheri(E). Hours of operation: 7 am -3 pm/3 pm -11 pm/11 pm to 7am.

Job Summary Site Reliability Engineer Responsibilities Ensure security automation across our entire platform collaborating with developers security and operations teams to ensure platform integrity Have a passion for Security Agile and DevOps and promote shiftleft and ShiftRight culture which integrates security analysis into each CI/CD stages Implement new tools and processes to enable security in Cloud environment Automatic audit and implement security control in the DevOps CI/CD pipeline ensuring processes are followed maintained reviewed and updated regularly Contribute to SRE operations (Production support incident response and Oncall rota) Pasion for observability The skills you will need Strong experience in SRE practice with knowledge of conducting security checks and mitigation (static and dynamic code analysis SAST DAST IAST vulnerability analysis / penetration tests security component analysis) Hands on Experience with Azure DevOps is a must including Repos advanced pipelines and package management. Must have knowledge in Azure Cloud and its solutions Hands on Experience in IaC JSON/YAML Azure Bicep Azure policies Azure DevOps Open Telemetry Azure Monitoring Azure Sentinel Azure Defender Grafana Kusto queries Kubernetes AKS Azure ARC BICEP Azure function apps Azure Synapse PowerBI Azure Data Factory Dynamics 365 AzureML and MLflow Programming skills on PowerShell Knowledge on building and testing .NET and C# application and APIs Experience onCloud Networking Skills (TCP/IP SSL SMTP HTTP FTP DNS) WAF IPS/IDS Azure FrontDoor Experience working on large scale distributed systems with deep understanding of design impacts on performance reliability operations and security Working Experience in Monitoring tools and their implementation preferably with Azure Monitoring Suit. Knowledge of securing APIs and security in microservices is beneficial Should have demonstrated ability to work in an Agile environment Strong communication and teamwork skills Certifications Required Azure DevOps

Job Summary Continually monitor and evaluate security operations, investigative processes, automation, threat-hunting techniques, eDiscovery, legal holds, and forensic investigations and technologies. Provide security thought leadership across the security operational function as well as work with security engineering to provide feedback on current capabilities. Provide oversight for all security incidents, processes, and escalations to determine the root cause and extent of the incidents; be the escalation point and incident commander for severe security incidents. Identify cybersecurity architecture, goals, objectives, and metrics; analyze business needs and priorities for the protection of critical systems. Develop and manage operational playbooks, procedures, recommendations, and standards to ensure compliance with applicable security laws, regulations, and privacy legislation as appropriate. Manage the development, deployment, and execution of controls and defenses to ensure the security and risk mitigation of company infrastructure technology, information systems, and health sectors systems. Years of experience needed – You should have over 15 years of experience in cyber security and a minimum of 5 years' experience managing SOC functions. Technical Skills: Should have experience leading the security operations teams, providing management, leadership, and strategic direction. Should have monitored systems for cybersecurity vulnerabilities, threats, and events, overseen incident response planning, and led vulnerability audits and forensic investigations. Should have driven the analysis and trending of information and data from a large number of heterogeneous security devices. Certifications Needed: A Master's degree is a strong plus, with CISSP or CISM and GCFA certifications also a plus

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. What you’ll do: Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities Perform proactive threat hunting to identify and mitigate advanced threats Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership Continuously improve SOC processes and playbooks to streamline operations and response efforts Mentor junior SOC analysts and provide guidance on security best practices This role requires participation in a rotational shift Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you’ll bring: Strong analytical and problem-solving abilities Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams Proven ability to remain calm and efficient under a high-pressure environment Proficient in using SIEM tools, such as Microsoft Sentinel Experience with data migration strategies across SIEM platforms Experience on Cloud Security Operations and Incident Response platforms such as Wiz In-depth understanding of cyber threats, vulnerabilities, and attack vectors Proficient in creating KQL queries and custom alerts within Microsoft Sentinel Expertise in developing SIEM use cases and detection rules Skilled in incident response and management procedures Experienced in conducting deep-dive investigations and root cause analysis for incidents Adept at collaborating with stakeholders to resolve complex cybersecurity challenges Ability to automate routine SOC processes to enhance operational efficiency Experienced in mentoring and guiding junior analysts in security operations Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: Excellent interpersonal (self-motivational, organizational, personal project management) skills Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System Ability to analyze cyber threats to develop actionable intelligence Skill in using data visualization tools to convey complex security information Academic Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks Experience with SIEM migration Expertise in incident response, threat detection, and security monitoring Solid understanding of Windows, Linux, and cloud security concepts Relevant certifications (e.g., CompTIA Security+, Microsoft CertifiedSecurity Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred Preferred Security Cloud CertificationsAWS Security Specialty Perks & Benefits ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Oracle HCM Cloud Core HR Good to have skills : Oracle Applications Development, Security GovernanceMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will engage in proactive monitoring of systems to identify vulnerabilities and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security audits and assessments to identify areas for improvement.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Oracle HCM Cloud Core HR.- Good To Have Skills: Experience with Oracle Applications Development, Security Governance.- Strong understanding of security frameworks and compliance standards.- Experience with risk assessment and management methodologies.- Familiarity with incident response and threat detection tools. Additional Information:- The candidate should have minimum 5 years of experience in Oracle HCM Cloud Core HR.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let’s do this. Let’s change the world. In this vital role you will be responsible for the initial response to security events and incidents within a 24/7 Cybersecurity Operations Center (CSOC). This role involves following established procedures to investigate security events, providing feedback to improve processes, and assisting in the incident response lifecycle. Additionally, the associate will participate in knowledge-sharing sessions and correlate security alerts across platforms. Roles & Responsibilities: Follow established procedures to triage, investigate and respond to security events and incidents. Provide feedback to senior analysts to improve, review, and optimize existing procedures and documentation. Correlate security alerts from various platforms based on common elements. Participate in and lead CSOC Tier 1 knowledge-sharing and learning sessions. Assist incident responders in coordinating the response, containment, eradication, recovery, and lessons learned phases of the incident response lifecycle. Basic Qualifications: Bachelor’s degree and 0 to 3 years of Security Operations experience OR related field experience Diploma and 4 to 7 years of Security Operations or related field experience Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) MTA Security Fundamentals (preferred) Must-Have Skills: Solid understanding of security technologies and their core functionality Experience in analyzing cybersecurity threats with up-to-date knowledge of attack vectors and the cyber threat landscape. Ability to prioritize tasks effectively and solve problems efficiently in a diverse, distributed team environment. Good knowledge of Windows and/or Linux systems. Familiarity with CSOC operations and incident response procedures. Experience with security alert correlation across different platforms. Preferred Qualifications: Good communication and collaboration skills, especially when working with global teams. Ability to prioritize and manage tasks in high-pressure situations. Critical thinking and problem-solving abilities in cybersecurity contexts. A commitment to continuous learning and knowledge sharing. Work Hours This position requires you to work a later shift and may be assigned a second or third shift schedule. Candidates must be willing and able to work during evening or night shifts, as required. Potential Shifts (subject to change based on business requirements)Second Shift2:00 pm – 10:00 pm IST; Third Shift10:00 pm – 7:00 am IST. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Project Role : Technology Platform Engineer Project Role Description : Creates production and non-production cloud environments using the proper software tools such as a platform for a project or product. Deploys the automation pipeline and automates environment creation and configuration. Must have skills : Critical Incident Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Technology Platform Engineer, you will be responsible for creating production and non-production cloud environments using the proper software tools. Your role involves deploying the automation pipeline and automating environment creation and configuration, ensuring seamless operations for projects or products. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Implement automation pipeline for environment creation.- Ensure proper configuration of cloud environments.- Collaborate with cross-functional teams for project success.- Troubleshoot and resolve critical incidents efficiently.- Continuous improvement of cloud environment performance. Professional & Technical Skills: - Must To Have Skills: Proficiency in Critical Incident Management.- Strong understanding of incident response procedures.- Experience in managing critical incidents effectively.- Knowledge of ITIL framework for incident management.- Hands-on experience with incident management tools.- Good To Have Skills: Experience with IT Service Management tools. Additional Information:- The candidate should have a minimum of 3 years of experience in Critical Incident Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that security measures are effectively integrated into the cloud environment and aligned with organizational objectives. Roles & Responsibilities:-Administer a globally distributed and heterogeneous SIEM environment, preferably Securonix/Splunk-Knowledge on Automation app deployment to multiple sites, Monitoring the central infrastructure-Design and customize complex search queries, develop dashboards, data models, reports and optimize their performance-Administration of core SIEM Components (Deployment Server, Indexer)-Understanding of threat models and threat intelligence-Improve detection capabilities by building and enhancing alert rules Professional & Technical Skills: - Exp working in SOC/SIEM-Incident handling, use case management development , risk assessment, playbook recommendation, fine-tunings-SIEM/SOC operations experience for very large enterprises-Knowledge on MITRE/CKC framework-Security Analytical skills and analysis-Should have good customer handling skills-SIEM, Incident Response, Basic understanding of security technologies-User behavior/Malware Analysis, Knowledge on Securonix, Defender, CrowdStrike, FortiSOAR and Splunk Admin Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat management.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : Accenture MxDR Ops Security EngineeringMinimum 3 year(s) of experience is required Educational Qualification : Minimum a bachelors or a masters degree in addition to regular 15- year full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security measures, implementing protective solutions, and ensuring that all systems are safeguarded against potential cyber threats. You will engage in proactive monitoring and analysis of security incidents, contributing to the overall security posture of the organization while staying updated on the latest security trends and technologies. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance organizational security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Accenture MxDR Ops Security Threat Analysis.- Strong understanding of security frameworks and compliance standards.- Experience with incident response and threat hunting methodologies.- Familiarity with security information and event management tools.- Knowledge of network security protocols and best practices. Additional Information:- The candidate should have minimum 3 years of experience in Accenture MxDR Ops Security Threat Analysis.- This position is based at our Chennai office.- A minimum a bachelors or a masters degree in addition to regular 15-year full time education is required. Qualification Minimum a bachelors or a masters degree in addition to regular 15- year full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Knowledge of compliance frameworks such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 15 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled cybersecurity professional with hands-on experience in managing and optimizing CrowdStrike EDR, FIM, Host Firewall, MxDR solutions. As a CrowdStrike EDR Specialist, you will play a critical role in endpoint threat detection, incident response, and continuous monitoring of the enterprise environment to identify and remediate cyber threats. Roles & Responsibilities:-Deploy, configure, and maintain CrowdStrike Falcon EDR agents across enterprise endpoints.-Monitor CrowdStrike dashboards and alerts for suspicious activity, malware, and unauthorized behavior.-Investigate, analyze, and respond to endpoint-related security incidents.-Create and tune detection rules, indicators of compromise (IOCs), and response workflows.-Collaborate with SOC teams, IT administrators, and incident responders on security investigations.-Perform threat hunting using CrowdStrike Falcon and other tools.-Develop reports and dashboards that provide visibility into the EDR environment and incident trends.-Ensure EDR platform integration with SIEM and other cybersecurity tools.-Stay updated on emerging threats and recommend configuration or policy improvements.-Knowledge and Exposure on Service Now ticketing for Incident Management, Problem Management and Change Management. Professional & Technical Skills: -Experience in a EDR (CrowdStrike) or threat detection role.-Strong hands-on experience with CrowdStrike Falcon EDR (deployment, policy management, investigation, etc.).-Solid understanding of malware, endpoint threats, and attack vectors.-Familiarity with MITRE ATT&CK framework and threat intelligence principles.-Experience with scripting (PowerShell, Python, etc.) and automation tools is a plus.-Knowledge of SIEM platforms (Splunk, QRadar, etc.) and their integration with EDR.-Relevant certifications preferred (e.g., CrowdStrike CCFA, FIM, Azure Fundamental). Additional Information:- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat intelligence.- Familiarity with compliance frameworks and regulatory requirements.- Ability to analyze security risks and develop mitigation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also engage in proactive monitoring of security systems and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security protocols and procedures to enhance the overall security posture.- Conduct regular security audits and assessments to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Experience with identity and access management solutions.- Strong understanding of security frameworks and compliance standards.- Familiarity with incident response and threat detection methodologies.- Knowledge of network security principles and practices. Additional Information:- The candidate should have minimum 7.5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring the integrity and confidentiality of data. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Design and implement security solutions to protect the organization's cloud infrastructure.- Collaborate with cross-functional teams to ensure the integrity and confidentiality of data.- Conduct risk assessments and develop strategies to mitigate security risks.- Stay up-to-date with the latest security trends and technologies.- Ensure compliance with industry standards and regulations.- Train and educate employees on security best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience with cloud security technologies and tools.- Knowledge of network security protocols and technologies.- Familiarity with security frameworks and standards such as ISO 27001 and NIST.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure.- Experience with security incident response and management.- Knowledge of threat intelligence and vulnerability management.- Understanding of identity and access management concepts.- Solid grasp of encryption and cryptographic techniques. Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Architecture Design.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain security policies and procedures to ensure compliance with regulatory requirements.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat intelligence.- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards and regulations.- Ability to design and implement security architectures for cloud environments.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 12 years of experience in Network Security Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also engage in proactive monitoring of security systems to identify potential threats and vulnerabilities, while continuously improving security protocols to safeguard the organizations information and infrastructure. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security audits and assessments to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management.- Good To Have Skills: Experience with identity and access management solutions.- Strong understanding of security protocols and frameworks.- Experience with incident response and threat analysis.- Familiarity with cloud security practices and technologies. Additional Information:- The candidate should have minimum 7.5 years of experience in ForgeRock Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : ForgeRock Access Management Good to have skills : Java Standard EditionMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, Provide expert knowledge and function as a subject matter expert on key principles of Identity and Access Management (IAM) Provide scripting support in PowerShell, JavaScript, and PythonIdentity and Access Management technologiesExperience in NIST and/or SOC2Understanding of modern authentication solutions using SAML/OAuth/OIDCIdentity security best practicesCapable in all information security domains including regulatory compliance, risk assessments, controls implementations, governance frameworks and audit processes.Able to integrate with cloud based IAM vendorsAbility to collaborate with high-performance teams and individuals to drive results Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management.- Good To Have Skills: Experience with Java Standard Edition.- Strong understanding of identity and access management principles.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR.- Familiarity with security incident response and management processes. Additional Information:- The candidate should have minimum 7.5 years of experience in ForgeRock Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education