
811 Incident Response Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 5.0 years

4 - 8 Lacs

Faridabad

Work from Office

THIS JOB IS FOR HYDERABAD LOCATION.

Overview

Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area.

Responsibilities

Should have process knowledge and technical knowledge of any of the SIEM tools (like QRadar, LogRhythm, AlienVault, Splunk, etc.). L2/L3 level is an added advantage.
Should have process knowledge and technical knowledge of AV tools like Symantec, McAfee, Trend Micro, etc. L2/L3 level is an added advantage.
Should have knowledge of managing vulnerability tools and various remediation efforts.
Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed.
Enforce the incident response service level agreement.
Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company.
Create and maintain operational reports allowing the IT management team to understand the current and historical landscape of IT security risks.
Vulnerability management assessment and remediation.
Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks.
Research the latest information technology (IT) security trends.
Help plan and carry out an organization's way of handling security.
Develop security standards and best practices for the organization.
Recommend security enhancements to management or senior IT staff.
Document security breaches and assess the damage they cause.
Performs other duties as assigned.
Uphold the company's core values of Integrity, Innovation, Accountability, and Teamwork.
Demonstrate behavior consistent with the company's Code of Ethics and Conduct.
It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem.
Duties may be modified or assigned at any time to meet the needs of the business.

Qualifications

B.Tech, B.E or M.C.A
2-5 years
Experience working in a Security Operations Center
2 years minimum in the computer industry
Knowledge working with complex Windows environments
Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO 27001
Knowledge in design and administration of security tools
Good written and verbal communication skills

Posted 1 week ago



3.0 - 8.0 years

6 - 9 Lacs

Gurugram

Work from Office

Security Analyst

Req number: R5734
Employment type: Full time
Worksite flexibility: Onsite

Who we are

CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.

Job Summary

We are looking for a motivated Security Analyst ready to take us to the next level! If you understand ISMS, Information Security, Vulnerability Management and are looking forward to your next career move, apply now.

Job Description

We are looking for a Security Analyst. This position will be full-time and onsite in Gurugram.

What You'll Do

Ensure compliance with security standards and frameworks (e.g., ISO 27001).
Assist in the development and enforcement of internal security policies and procedures.
Conduct regular audits to ensure compliance with established security protocols and guidelines.
Coordinate with relevant stakeholders to identify, assess, and prioritize security vulnerabilities across systems and networks.
Coordinate in performing vulnerability assessments and penetration testing to ensure system defenses are robust.
Collaborate with IT teams to recommend and implement patches, fixes, or configuration changes to address vulnerabilities.
Continuously monitor network traffic, security logs, and systems for any signs of security breaches or irregularities.
Maintain and manage security tools (e.g. next-gen AV, EDR, SIEM).
Educate employees on information security best practices, including secure password policies and safe internet use.

What You'll Need

3+ years of experience in a Security Analyst or related role.
Hands-on experience with security monitoring, vulnerability management, and incident response.
AV, EDR/XDR, SIEM, network protocols.
Incident Response.
Vulnerability Assessment.
Familiar with the Secure SDLC Framework.
Strong analytical and problem-solving skills.
Excellent understanding of network protocols (TCP/IP, DNS, HTTP, etc.).
Experience with vulnerability management and penetration testing tools.
Familiarity with risk management and compliance requirements.
Windows/Linux administration.
Conduct regular system scans, security checks, and updates to ensure the security tools are functioning optimally.
Provide guidance on handling sensitive data and maintaining security hygiene.
Document security incidents, investigations, and actions taken for compliance and future reference.
Contribute to risk assessments and assist in the identification of key risk areas for the organization.
Investigate security incidents, respond promptly, and report findings to the management team.

Physical Demands

Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc. Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor.

Reasonable accommodation statement

If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824 – 8111.

Posted 1 week ago


8.0 - 12.0 years

20 - 27 Lacs

Ahmedabad

Work from Office

We are seeking a highly skilled Cybersecurity Officer with a strong background in information security, cyber risk management, and technical infrastructure protection. As a global provider of financial and data clearing applications for mobile network operators, we understand the critical importance of robust cybersecurity measures. This role is specifically focused on the digital security of enterprise systems, cloud infrastructure, application environments, and customer data.

Nextgen Clearing is the market leading provider of global roaming services. We operate internationally across 20 global locations, employing over 300 talented people. We offer award-winning Data and Financial Clearing services, along with unique value-added features on a single flexible online platform. Nextgen Clearing serves more than 160 operators worldwide, giving them a 24/7 holistic overview of their full roaming business.

Key Responsibilities:

Define and implement security policies and controls to protect the company's digital assets and ensure regulatory compliance.
Continuously monitor the company's security posture and quickly respond to security incidents.
Develop security strategies and plans for preventing and responding to security breaches.
Provide expert guidance and support to software teams on implementing secure development practices, security requirements, and conducting security testing.
Foster secure application deployment and configuration, ensuring the protection of data integrity and confidentiality.
Conduct regular training and awareness sessions for the company's staff to promote security best practices.
Assist in the response to security incidents, including the management of communications and recovery efforts.
Work collaboratively with customer service teams to safeguard customer data, enhance data privacy, and ensure secure customer interactions.
Contribute to the company's efforts to prevent fraud and manage security incident communications to maintain trust with customers.
Stay up-to-date on the latest cybersecurity trends, threats, and security technologies to continuously improve the organization's security stance.
Collaborate with IT and other departments to establish a security-focused culture across the company.
Develop and maintain documentation related to security policies, procedures, and incident response plans.
Stay up to date on emerging cybersecurity threats and vulnerabilities and proactively recommend and implement countermeasures to mitigate risks.
Foster security awareness and monitor security policy implementation.

Requirements

Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or cybersecurity certifications (e.g., CISSP, CISM, CEH, TOGAF) are a plus.
A minimum of 5 years of experience in information security or cybersecurity.
Strong understanding of information security principles, best practices, and industry standards.
Experience with implementing and managing security protocols, cybersecurity tools, and technologies.
Familiarity with compliance requirements and standards such as ISO 27001, GDPR, and PCI DSS.
Ability to identify security vulnerabilities and risks, as well as implement preventive and corrective measures.
Knowledge of secure software development life cycle (SDLC) practices.
Excellent problem-solving skills and the ability to work in a fast-paced, high-pressure environment.
Strong communication and interpersonal skills to collaborate with diverse teams and educate non-technical stakeholders on security-related matters.
Incident response and crisis management experience.

Working Conditions: The role may require availability outside of standard business hours to respond to security incidents and maintain critical security measures.

Benefits

A supportive, dynamic, and collaborative work environment.
Exceptional opportunities for professional and career advancement.
Engagement with the leading provider of roaming services, catering to global Mobile Network Operators as clients. For more information, please visit www.nextgenclearing.com.
Private Health Insurance
Training & Development

Posted 1 week ago


3.0 - 7.0 years

7 - 11 Lacs

Bengaluru

Work from Office

We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security monitoring, investigating incidents, and ensuring seamless SIEM operations. This role requires a blend of expertise in QRadar deployment, incident handling, and forensic analysis to improve the organization's security posture.

Plan, design, and deploy QRadar SIEM environments, including Incident Forensics, ensuring proper integration with network devices, servers, and applications.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise

Develop and maintain documentation, including deployment guides and SOPs.
Generate forensic reports and compliance dashboards for internal stakeholders and external audits.
Proactively identify gaps in threat detection capabilities and recommend enhancements.
Implement updates, patches, and upgrades to maintain system reliability and performance.
Optimize architecture and storage allocation to ensure scalability and efficiency.
Hands-on experience with QRadar architecture, deployment, and administration.
Strong knowledge of Linux, Unix and Red Hat OS.
Strong knowledge of TCP/IP and networking.
Proven track record in incident handling, forensic investigations, and log analysis.
Expertise in QRadar features such as AQL queries, rule creation, offense management, and dashboards.
Proficiency in forensic tools and methodologies for log analysis and evidence gathering.

Preferred technical and professional experience

Support threat hunting activities by leveraging anomaly detection and root cause analysis.
Research and implement emerging QRadar features, integrations, and third-party tools to enhance functionality.
Perform daily health checks, ensure system availability, and resolve performance bottlenecks.
Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations, such as network security, insider analysis, fraud and abuse, and evidence-gathering.
Investigate security incidents by analyzing logs, offenses, and related data within QRadar.
Manage and troubleshoot log ingestion, data flow, and parsing issues across multiple data sources.
Extract and analyze digital evidence to support forensic investigations and incident response.
Reconstruct attack scenarios and provide root cause analysis for post-incident reviews.

Posted 1 week ago


4.0 - 8.0 years

16 - 20 Lacs

Kochi

Work from Office

Lead & focus:
Demonstrate clear & calm leadership, setting the tone for each response
Command and coordinate a response to security incidents, relevant threats, and high-profile security events
Scope a response to the next best actions
Ensure the response is sustainable for all resources involved
Support beyond normal shift hours in an emergency or during times of staff shortage

Coordinate & communicate:
Delegate tasks in a timely manner and manage them to closure
Facilitate incident / threat resolution through prompt communication across multiple teams
Document status and regularly communicate updates to stakeholders and senior management
Develop and track key metrics and reporting related to incident management

Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise: Incident Response, SOC Management
Preferred technical and professional experience: Threat Hunting

Posted 1 week ago



4.0 - 6.0 years

14 - 20 Lacs

Gurugram, Manesar

Hybrid

Threat Protection Engineer | ACPL. Must have Microsoft Threat Detection & Protection, Defender, and Cloud Security experience. Should be able to provide L3 support. It's a 2-year bond with ACPL Company; Manesar location, hybrid.

Posted 1 week ago


3.0 - 8.0 years

3 - 12 Lacs

Chennai

Work from Office

Responsibilities:
* Conduct threat analysis using SOC tools like QRadar & LogRhythm.
* Collaborate with the incident response team on security incidents.
* Monitor network activity for suspicious behavior.

Posted 1 week ago


4.0 - 10.0 years

0 Lacs

Maharashtra

On-site

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes.

Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification.

Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance and to align SIEM rules, alerts and reports with security policies and compliance reporting requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.

To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), endpoint protection, endpoint detection and response software, SIEM, and IPS technologies.

This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.

Posted 1 week ago


10.0 - 14.0 years

0 Lacs

noida, uttar pradesh

On-site

As a Security leader with a background in AWS and cloud Security, you play a crucial role in defining and enforcing the security policies and procedures of the organization. With excellent written and verbal communication skills, exceptional organizational abilities, and expert-level proficiency in IT and Cloud Security, you will be responsible for architecting and implementing IT Security policies while reporting to the Director of Information Technology. In this full-time role, your essential duties and responsibilities include providing leadership and technology vision to the IT Security team, performing internal and external security audits, documenting, implementing, and monitoring adherence to IT security standards, as well as assessing and improving security metrics. You will work on enhancing security tools and operations, monitor and manage IDS, vulnerability scanning, and assessments, and serve as the Data Privacy Officer (DPO) for the company. Creating awareness within the company regarding Security, Privacy, and compliance requirements, ensuring security and privacy training for staff involved in data processing, conducting security and privacy audits, and serving as the point of contact between the company and clients for privacy controls are key aspects of your role. Additionally, you will be responsible for log aggregation and analysis, managing Anti-Virus software, addressing security and data breach-related incidents, and ensuring customer satisfaction while being accountable for individual product/project success and quality. To qualify for this position, you must hold certifications such as CISSP, Security+, or equivalent, along with having 10+ years of Cyber Security experience, 5+ years of IT management experience, 5+ years of AWS experience, and 3+ years of experience with Identity & Access Management tools. 
Your extensive experience with Linux & Windows Security administration, managing Cloud and Container Security, Network and Application penetration testing, vulnerability scanners, IDS, IPS deployment and monitoring, SIEM tools, security automation, incident response & management, vulnerability management, and patch management will be essential. Moreover, your role will involve ensuring organization efficiencies through continual improvement programs, representing the organization in inspections and audits, driving action plans to closure, conducting deep dive RCAs and ensuring CAPAs are closed, and maintaining a metrics-driven approach. Additional qualifications such as experience with monitoring tools like Datadog, Change Management, Configuration Management, Infrastructure as Code tools, hardening Operating Systems and Applications, endpoint security management, working in GxP environments, and familiarity with various practices will be beneficial. With no travel expectations, this role requires a dedicated and experienced professional who can effectively lead security operations and teams, prioritize security and privacy, and drive continuous improvement initiatives to enhance organizational security posture.

Posted 1 week ago


2.0 - 6.0 years

0 Lacs

maharashtra

On-site

As an L2 SOC Analyst specializing in LogRhythm SIEM, your role will involve strengthening the Security Operations Center in Mumbai. With 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly focusing on LogRhythm SIEM, you will play a crucial part in the in-depth analysis, incident investigation, escalation, and coordination with response teams. Your key responsibilities will include monitoring, analyzing, and triaging security alerts from LogRhythm SIEM and other security platforms. You will be responsible for investigating and validating security incidents with detailed analysis and impact assessment, conducting threat hunting, and advanced log correlation as per SOC playbooks. Additionally, you will respond to incidents following defined escalation matrices, perform root cause analysis, recommend containment and mitigation actions, and provide guidance and mentorship to L1 SOC Analysts for escalated incidents. Moreover, you will prepare incident reports, analysis summaries, and dashboards for management, monitor and report SIEM health, log source integration issues, and tuning requirements. Your role will also involve participating in the continuous improvement of detection rules and SOC processes. Being ready to work in 24x7 rotational shifts with a constant readiness for critical incident handling is essential for this position. To excel in this role, you should possess 2 to 5 years of SOC operations experience, with a specific focus on SIEM monitoring and incident handling. Strong hands-on experience with LogRhythm SIEM is mandatory, in addition to a good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities. Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms is required, along with familiarity with the MITRE ATT&CK framework and the usage of threat intelligence. 
Furthermore, you should exhibit strong analytical thinking, incident response capabilities, and problem-solving skills. Effective communication skills for incident reporting and escalation are essential for this role. Preferred certifications include LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA), while certifications such as CompTIA Security+, CEH, CySA+, or equivalent security certifications are optional. Any threat hunting or incident response certification would be considered a plus. This is a full-time role based at the Mumbai SOC facility, requiring you to work in 24x7 rotational shifts, including nights and weekends.

Posted 1 week ago


3.0 - 7.0 years

0 Lacs

haryana

On-site

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. 
Location: Gurgaon, India
Team: Global Security Operations
Shift Timing: 6:00 AM IST to 3:00 PM IST, with rotational weekend support as part of 24x7 operations

Responsibilities:
- Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets.
- Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives.
- Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence.
- Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions.
- Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents.
- Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation.
- Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities.
- Contributing to incident response playbooks, runbooks, and process enhancements.
- Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts.
- Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems.
- Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment.
- Interacting with customers/users in a professional and positive manner.

Requirements:
- Bachelor's Degree in Computer Science, Information Security, or Information Technology.
- 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization.
- Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention.
- Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors.
- Willingness to work in early shifts and provide round-the-clock support, including weekend shifts.

Soft Skills & Work Traits:
- Strong analytical, investigative, and troubleshooting skills.
- Effective written and verbal communication skills, with the ability to simplify complex security issues.
- Organized, detail-oriented, and capable of managing multiple priorities under pressure.
- Passion for security, continuous learning, and operational excellence.
- Comfortable working in a rotating shift model, including weekend support.
- Strong desire to understand security incidents thoroughly.

Benefits:
- Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide.
- The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos.
- Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more.

At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.

Posted 1 week ago


5.0 - 12.0 years

0 Lacs

pune, maharashtra

On-site

About Northern Trust: Northern Trust is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. The organization takes pride in offering innovative financial services and guidance to successful individuals, families, and institutions while upholding principles of service, expertise, and integrity. With over 130 years of experience and more than 22,000 partners, Northern Trust serves sophisticated clients worldwide with leading technology and exceptional service.

Job Summary: Northern Trust is seeking an experienced Manager of Technology Resilience & Automation to lead the automation, orchestration, and continuous improvement of the Technology and Infrastructure Resilience Process. The role focuses on enhancing the efficiency, reliability, and effectiveness of Disaster Recovery (DR) Operations through automation to ensure rapid recovery of critical systems and minimize downtime. The ideal candidate will possess expertise in disaster recovery planning, automation frameworks, IT Infrastructure, on-premise and cloud-based recovery solutions, and regulatory compliance requirements. This individual will play a critical role in identifying risks, developing mitigation strategies, and collaborating with cross-functional teams to maintain the security and resilience of the business during unforeseen disruptions.

Key Responsibilities:
- Disaster Recovery Automation and Strategy: Develop and implement an automated DR framework to enhance failover and recovery speed, integrate automation into DR Runbooks, testing, and execution, optimize Recovery Time Objective (RTO) and Recovery Point Objective (RPO) through automation, collaborate with Infrastructure teams to enhance DR capabilities, and ensure DR plans meet standards and compliance requirements.
- Automation & Tooling Implementation: Review requirements, approve design artifacts, strategize and utilize organization infrastructure tools to automate DR processes, lead DR automation solutions across different environments, and enhance monitoring and alerting capabilities for DR automation.
- DR Testing & Validation: Conduct DR tests, failover drills, and resilience simulations using automation, monitor and analyze test results for improvements, collaborate with relevant departments for alignment between DR, authentication, and security strategies, lead DR efforts during disruptions, and maintain documentation to support automation capabilities.
- Communication, Collaboration & Leadership: Lead a team focused on DR Automation, serve as a subject matter expert, provide guidance and training, develop and deliver effective presentations, communicate key metrics professionally, facilitate meetings with stakeholders, and maintain a technical network across multiple service areas.

Qualifications:
- Bachelor's degree or equivalent experience.
- Strong knowledge of IT automation strategies, tools, and frameworks.
- Proven experience in disaster recovery and business continuity planning.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Experience in a global organization across multiple countries and time zones.
- Ability to work effectively under pressure.
- Knowledge of relevant regulations and compliance standards.

Experience:
- Minimum 12+ years in Management or Team Lead role in IT.
- Minimum 5 years in disaster recovery, business continuity planning, or point-in-time recovery planning.
- Practical experience in Agile development.
- Hands-on experience in leading DR automation projects.
- Strong communications, analytical, problem-solving, and incident response skills.
- Experience in leading disaster recovery exercises and response efforts.
- Management soft skills including team building, conflict resolution, and strategic planning.

Join Northern Trust: Northern Trust offers a flexible and collaborative work culture, encourages movement within the organization, provides accessibility to senior leaders, and commits to assisting the communities it serves. If you are interested in working for a sustainable and admired company, consider building your career with Northern Trust today.

Reasonable accommodation: Northern Trust is dedicated to working with individuals with disabilities and providing reasonable accommodations. If you require accommodations during the employment process, please contact the HR Service Center at MyHRHelp@ntrs.com. Apply today to explore opportunities for flexible working and contribute to a diverse and inclusive workplace where different perspectives are valued. #MadeForGreater.

Posted 1 week ago


3.0 - 7.0 years

0 Lacs

chandigarh

On-site

You will be joining a global fintech leader in securities finance as a Senior Product Support Engineer (L2) in Chandigarh. As a part of the Product Support Team, you will play a crucial role in resolving complex production issues, ensuring system stability, and supporting clients and internal teams. Your responsibilities will include taking ownership of high-priority incidents, troubleshooting and resolving complex business queries using SQL and Unix tools, documenting recurring issues and best practices, collaborating with development and DevOps teams, and mentoring junior engineers. To excel in this role, you should have 3-7 years of commercial experience in application or product support roles, proficiency in SQL and Unix for analysis and troubleshooting, a deep understanding of incident response workflows, and prior experience in the Financial Services or trading domain. Effective communication skills, strong problem-solving abilities, and the ability to work in Agile environments are essential. Benefits of this role include hybrid working options, generous vacation days, family health insurance coverage, personal accidental injury insurance, an annual team-building retreat, and relocation assistance if needed. The company is committed to fostering an inclusive and diverse workplace where all employees are respected and valued. If you require any accommodations during the interview process, the company is ready to support you.

Posted 1 week ago


4.0 - 8.0 years

0 Lacs

hyderabad, telangana

On-site

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed.

**Duties and Responsibilities:**
- Support Client Data Loss Prevention (DLP) initiatives through monitoring and investigation of email, network, and endpoint DLP alerts.
- Performs remediation actions to resolve incidents relating to violations of Client Information Security policies.
- Establishes and maintains effective service relationships with business users: keeping them informed of the status of their security requests and tickets; understanding their business needs and escalating as necessary; providing non-technical answers to security questions that come in via email or hotline; and explaining the rationale behind security policies, procedures, and monitoring.
- Keeps management within the department informed by communicating progress, issues, concerns, and opportunities. Assesses and immediately notifies the manager of any potential information security breach and security issues that may have a negative impact on business operations.
- Identifies opportunities to improve the quality, efficiency, and effectiveness of the team.
- Adheres to Client Information Security policies and departmental procedures, along with following industry best practices.
- Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements.
- Participates in the development of team and departmental objectives.
- Participates in special projects and performs other duties as assigned.
- Supporting the clients' team by acting as an interim team member (e.g. security officer, security manager, security analyst).
- Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

**Qualifications:**
- Undergraduate degree in information/cybersecurity, an information technology-related field, or equivalent combination of training, certifications, and experience.
- 4-6 years related experience.
- CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required.
- Knowledge of security concepts, theories, and best practices.
- Ability to analyze and demonstrate problem resolution skills.
- Demonstrated ability to work collaboratively as well as independently, with attention to detail.
- Demonstrated ability to be flexible and exercise good judgment.
- Demonstrated strong organization and time management skills.
- Strong verbal, written, and interpersonal communication skills.
- Ability to deal effectively with various levels of business unit crew and management.
- Experience on Elastic SIEM, Tines SOAR, and CrowdStrike EDR is good to have.

**Special Factors:**
- Willing to work in a hybrid model (3 days in the office) in a rotational shift.
- Weekend availability/flexibility to work weekends is a MUST.
- Willing to support the US shift (Night shift).

Posted 1 week ago


3.0 - 7.0 years

0 Lacs

ludhiana, punjab

On-site

You will be responsible for delivering high-quality cybersecurity training sessions to individuals at various skill levels. Your role will involve preparing and presenting training materials, conducting hands-on labs, and providing ongoing support to ensure the success of our cybersecurity training programs.

Key Responsibilities:
- Develop, design, and deliver engaging cybersecurity training programs on various topics including network security, threat analysis, ethical hacking, risk management, data protection, and compliance.
- Conduct theoretical and hands-on sessions using real-world examples and case studies to reinforce key concepts.
- Evaluate the effectiveness of training programs and make improvements based on feedback.
- Stay updated with the latest trends, threats, and best practices in the cybersecurity field to ensure training content is current.
- Provide guidance and mentoring to participants, answering questions and offering solutions to cybersecurity challenges.
- Develop training materials such as presentations, manuals, and lab exercises.
- Administer exams or certifications to assess participants' understanding of the material.
- Customize training solutions based on client or organizational needs.
- Assist in creating documentation and resources for post-training reference.

Qualifications:
- Proven experience as a Cybersecurity professional with hands-on experience.
- In-depth knowledge of cybersecurity principles, threat vectors, firewalls, encryption, vulnerability assessments, and incident response.
- Relevant cybersecurity certifications such as CISSP, CEH, CISM, CompTIA Security+, or similar.
- Prior experience in teaching or training, with the ability to explain complex technical concepts in an accessible manner.
- Strong communication and presentation skills, with the ability to engage and motivate participants.
- Ability to design and develop comprehensive training curricula.
- Familiarity with various cybersecurity tools and technologies such as SIEM, penetration testing tools, firewalls, and antivirus software.
- Experience with online learning platforms and delivering virtual training is a plus.
- Strong problem-solving abilities and the capability to adapt to new challenges.

Preferred Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, or a related field.
- Experience in corporate or enterprise-level cybersecurity training.
- Knowledge of regulatory frameworks (e.g., GDPR, HIPAA, NIST) and compliance standards.
- Experience with security certifications like CompTIA Network+, Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).

This is a full-time, permanent position with a day shift schedule at an in-person work location.

Posted 1 week ago


4.0 - 8.0 years

0 Lacs

pune, maharashtra

On-site

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS.

Our most valuable asset is our people. At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems, the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.

Senior Security Operations Analyst

We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats.

What you'll do:
- Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging
- Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities
- Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time
- Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities
- Perform proactive threat hunting to identify and mitigate advanced threats
- Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation
- Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats
- Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership
- Continuously improve SOC processes and playbooks to streamline operations and response efforts
- Mentor junior SOC analysts and provide guidance on security best practices
- This role requires participation in a rotational shift
- Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed

What you'll bring:
- Strong analytical and problem-solving abilities
- Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams
- Proven ability to remain calm and efficient under a high-pressure environment
- Proficient in using SIEM tools, such as Microsoft Sentinel
- Experience with data migration strategies across SIEM platforms
- Experience on Cloud Security Operations and Incident Response platforms such as Wiz
- In-depth understanding of cyber threats, vulnerabilities, and attack vectors
- Proficient in creating KQL queries and custom alerts within Microsoft Sentinel
- Expertise in developing SIEM use cases and detection rules
- Skilled in incident response and management procedures
- Experienced in conducting deep-dive investigations and root cause analysis for incidents
- Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
- Ability to automate routine SOC processes to enhance operational efficiency
- Experienced in mentoring and guiding junior analysts in security operations
- Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools

Good to have skills and abilities:
- Excellent interpersonal (self-motivational, organizational, personal project management) skills
- Knowledge of vulnerability management and scanning best practices such as the CVE database and CVSS
- Ability to analyze cyber threats to develop actionable intelligence
- Skill in using data visualization tools to convey complex security information

Academic Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
- Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
- Experience with SIEM migration
- Expertise in incident response, threat detection, and security monitoring
- Solid understanding of Windows, Linux, and cloud security concepts
- Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
- Preferred Security Cloud Certifications: AWS Security Specialty

Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empower you to thrive as an individual and global team member.

We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.

Considering applying? At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.

To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment. An online application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At: www.zs.com

Posted 1 week ago


3.0 - 5.0 years

6 - 12 Lacs

Bengaluru

Work from Office

Role & responsibilities: Level 2 SOC Analyst

Role Overview: A Level 2 SOC Analyst is responsible for more advanced threat detection and incident response. They handle escalated incidents from Level 1 analysts and perform in-depth analysis to mitigate security threats.

Key Responsibilities:
- Monitor security alerts and notifications generated by security tools and escalated by the L1 team
- Conduct in-depth analysis of security events and incidents to determine their impact and severity, and escalate as necessary according to established procedures
- Investigate and triage security incidents, including analyzing log data, network traffic, and other relevant information to identify indicators of compromise (IOCs) and determine the root cause
- Develop and maintain incident response playbooks, procedures, and documentation to ensure consistency and efficiency in incident handling processes
- Collaborate with threat intelligence analysts to stay informed about emerging threats, vulnerabilities, and attack techniques, and incorporate this knowledge into security monitoring and response activities
- Configure and manage security tools and technologies to enhance threat detection and response capabilities

Skills and Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: 2-4 years of experience in SOC operations and incident response. Experience with CrowdStrike SIEM and EDR preferred (Google SecOps, CrowdStrike NGSIEM).
- Analytical Skills: Strong ability to analyze complex security data and identify patterns or anomalies.
- Documentation: Maintain detailed records of incidents, including analysis, response actions, and lessons learned. Develop SOC runbooks.
- Communication Skills: Excellent verbal and written communication skills for documenting incidents and collaborating with team members.
- Problem-Solving: Ability to think critically and solve complex security issues.
- Certifications (Preferred): Certifications such as CompTIA Security+ or Certified Ethical Hacker (CEH) or similar.

Work Environment: Typically works in a security operations center. May require shift work to provide 24/7 monitoring.

Posted 1 week ago


3.0 - 6.0 years

14 - 20 Lacs

Manesar

Hybrid

Key Responsibilities:
- Threat Detection & Response
- Security Monitoring
- Incident Response
- Threat Intelligence
- Vulnerability Management
- Security Automation
- Compliance & Risk Management
- Security Assessments
- Collaboration

Posted 1 week ago


8.0 - 13.0 years

0 - 3 Lacs

Chennai

Hybrid

Key Responsibilities:

Incident Detection & Response:
- Monitor security alerts and events through SIEM tools to identify potential threats.
- Investigate security incidents and respond in a timely and effective manner.
- Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis.

Threat Analysis & Mitigation:
- Conduct thorough threat and malware analysis to identify and mitigate risks.
- Work closely with internal teams to investigate malware, viruses, and ransomware threats.
- Use CrowdStrike, Defender, and other endpoint security tools to prevent attacks.

Email Security Management:
- Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats.
- Respond to suspicious email alerts and work with other teams to resolve them.

Continuous Monitoring & Alerting:
- Actively monitor systems, networks, and applications for any signs of suspicious activity.
- Utilize endpoint security solutions to continuously track and protect endpoints across the network.

Collaboration & Reporting:
- Work closely with the IT and security teams to assess, analyze, and resolve security incidents.
- Maintain detailed documentation of incidents, findings, and responses for future reference.
- Regularly report on the status of ongoing security incidents and trends to senior management.

Research & Knowledge Enhancement:
- Stay updated with the latest security threats, vulnerabilities, and trends.
- Participate in security training and development to improve skills in SIEM, EDR, and other security tools.

Required Skills and Qualifications:
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience.
- Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight).
- Proficient in EDR and endpoint security tools (e.g., CrowdStrike, Microsoft Defender).
- Hands-on experience in threat and malware analysis.
- Familiarity with email security systems (e.g., Proofpoint, Mimecast).
- Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems.
- Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST).
- Excellent analytical and problem-solving skills.

Preferred Qualifications:
- Security certifications like CompTIA Security+, CISSP, CEH, or GIAC are a plus.
- Experience with incident response and forensic investigation.
- Familiarity with cloud security in AWS, Azure, or Google Cloud.

Posted 1 week ago


8.0 - 13.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role: Security Advisor
Project Role Description: Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are seeking a highly experienced and technically proficient Cloud Security Specialist to lead and advise on the implementation, optimization, and governance of cloud security solutions across Microsoft CASB and CSPM platforms. The ideal candidate will bring deep expertise in cloud security architecture, policy management, and incident response across AWS, Azure, and GCP environments. This role is critical in ensuring the organization's cloud infrastructure remains secure, compliant, and resilient.

Roles and Responsibilities

Cloud Access Security Broker (Microsoft CASB):
- Provide subject matter expertise in the deployment and optimization of Microsoft CASB.
- Lead continuous and real-time monitoring to detect and mitigate malicious activity across cloud services.
- Oversee the development and refinement of built-in policies and templates.
- Manage configuration and policy lifecycle: additions, updates, and deletions.
- Support and guide security incident investigations using CASB insights and telemetry.

Cloud Security Posture Management (CSPM):
- Continuously assess and monitor cloud assets in AWS, Azure, and GCP for misconfigurations and non-standard deployments using DivvyCloud.
- Define and enforce mandatory security policies for newly released cloud services.
- Maintain and evolve cloud compliance policies in alignment with enterprise security requirements.
- Analyze and prioritize alerts and incidents related to cloud workloads; guide resolution strategies.
- Manage the full lifecycle of cloud security incidents, including escalation and root cause analysis.
- Generate and present executive-level and technical reports on vulnerabilities and compliance posture.
- Govern RBAC policies and oversee cloud role entitlements across platforms.
- Maintain cloud network security policies and ensure alignment with architectural standards.
- Provide expert remediation guidance to DevOps and development teams, promoting secure-by-design practices.
- Deliver regular reporting and insights on cloud security posture and trends.

Primary Skill: Cloud Security Architecture and Operations (CASB)

Experience:
- 8+ years of experience in cybersecurity, including substantial hands-on expertise in cloud security as a Specialist or in an advisory capacity.
- Demonstrated ability to lead cross-functional initiatives and influence cloud security posture across large-scale environments.
- Strong analytical and communication skills with the ability to translate technical risks into business impact.

Educational Qualification: Bachelor's degree in Computer Science, Information Security, or a related field (master's preferred).
Industry certifications are strongly preferred: CCSP / CISM or other relevant cloud and security certifications. Security certifications such as AWS/Azure Security Specialty or Microsoft Defender for Cloud Apps.

Professional & Technical Skills:
- CASB (Cloud Access Security Broker): Real-time threat monitoring, policy lifecycle management, incident triage and investigation using Microsoft CASB.
- Cloud Security Posture Management (CSPM): Continuous assessment of multi-cloud environments (Azure, AWS, Ali Cloud) for misconfigurations and compliance gaps using DivvyCloud; enforcement of cloud security policies and RBAC governance.
- Cloud Security Operations: Alert triage, incident lifecycle management, and remediation support for DevOps teams; generation of executive-level vulnerability and compliance reports.
- Cloud Network & Identity Security: Role-based access control (RBAC) policy management, cloud network segmentation, and enforcement of security baselines across cloud platforms.
- Tools & Platforms: Microsoft CASB, DivvyCloud, Tripwire, Azure, AWS, Ali Cloud.

Must-Have Skills:
- Real-time monitoring of user activity in CASB and data movement in cloud apps.
- Policy enforcement for data loss prevention (DLP), access control, and threat protection.
- Integration with Microsoft Defender and other security tools for incident response.
- Continuous assessment of cloud resources for misconfigurations using DivvyCloud.
- Automated remediation workflows and policy enforcement.
- Role-based access control (RBAC) and cloud network security management.
- Generating compliance and vulnerability reports for audits and executive review.
- Networking, encryption, and logging best practices.

Good-to-Have Skills:
- Experience with containers and Kubernetes security
- Familiarity with Infrastructure as Code (IaC) security
- Cloud-native security tools (e.g., AWS Config, Azure Policy, GCP Security Command Center)

Qualification: 15 years full time education

Posted 1 week ago


3.0 - 8.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Competitor Analysis
Good to have skills: Security Architecture Design
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: To drive competitive intelligence initiatives focused exclusively on cybersecurity services. This role supports strategic stakeholders by delivering deep-dive insights on peer organizations in the cybersecurity services space. The analyst will research, track, and interpret competitor strategies, offerings, market moves, and client positioning to inform go-to-market actions and service differentiation.

Roles & Responsibilities:
- Conduct in-depth competitive research on global and regional cybersecurity service providers, including consulting-led firms, MSSPs, and niche players.
- Develop and maintain competitor profiles that include service offerings (e.g., MxDR, Identity & Access Management, Cloud Security, OT Security), delivery models, alliances, certifications, and client segments.
- Monitor market movements such as deal wins/losses, acquisitions, leadership changes, analyst rankings, investments, and capability launches.
- Support the creation of battle cards, SWOT analyses, benchmarking reports, and win-loss summaries tailored to specific cybersecurity service lines.
- Track and interpret positioning of competitors across analyst reports (e.g., Gartner, IDC, Forrester, ISG, HFS, Everest Group) and translate these insights for sales, marketing, and delivery teams.
- Collaborate with internal stakeholders (e.g., client account teams, Cyber industry leads, MU leads) to refine competitive narratives and validate field intel.
- Contribute to periodic competitive landscape reports and newsletters focused on trends in the cybersecurity services market.
- Maintain an internal repository of intelligence assets, including slides, transcripts, and data extracts for easy consumption and reuse.

Professional & Technical Skills:
- Basic understanding of cybersecurity domains such as threat detection, managed services, incident response, IAM, and zero trust.
- Proficiency in secondary research techniques and comfort with navigating open-source and premium databases (e.g., Gartner, IDC, LinkedIn, company filings).
- Strong analytical mindset with the ability to structure insights from fragmented data points.
- Excellent PowerPoint and business writing skills; able to write succinct, executive-ready outputs.
- Comfort working in a fast-paced environment, balancing ad hoc requests with structured deliverables.
- A collaborative mindset with a willingness to learn from technical and business stakeholders.

Additional Information:
- The candidate should have a minimum of 3 years of experience in Competitor Analysis.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
- Exposure to market intelligence or strategy support functions within a services organization is a plus.
- Understanding of the cybersecurity services value chain: advisory, implementation, and managed services.
- Familiarity with analyst frameworks like Gartner Magic Quadrants, Forrester Waves, and ISG Provider Lens in cybersecurity.

Qualification: 15 years full time education

Posted 1 week ago
