565 Incident Response Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 10.0 years

6 - 16 Lacs

Hyderabad

Remote

Role & responsibilities
- Incident Management: Lead the end-to-end incident response lifecycle, including detection, analysis, containment, eradication, and recovery.
- Threat Investigation: Analyze and investigate a variety of attack vectors, such as:
  - Identity attacks: credential abuse, privilege escalation, and MFA bypass.
  - Web attacks: SQL injection, cross-site scripting (XSS), remote code execution.
  - Network attacks: DDoS, lateral movement, traffic manipulation.
  - Cloud threats: IAM misconfigurations, exposed services, container security vulnerabilities.
- Collaboration & Coordination: Work closely with SOC analysts, threat intelligence teams, forensics, and engineering groups during and after security incidents.
- Root Cause Analysis: Conduct comprehensive investigations to determine the root cause of incidents and provide actionable remediation recommendations.

Preferred candidate profile
- A minimum of 5 years of hands-on experience in cybersecurity incident response or security operations.
- Proven expertise in investigating and mitigating incidents across one or more areas: identity, web, network, or cloud.
- Proficiency with SIEM, EDR, and SOAR tools (e.g., Splunk, Sentinel, CrowdStrike).
- Experience in hybrid or cloud-first environments (AWS, Azure, or GCP).
- Strong understanding of frameworks and methodologies such as MITRE ATT&CK, the Cyber Kill Chain, and threat modeling.
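As an added illustration of the identity-attack investigation work this posting describes (credential abuse, mapped to MITRE ATT&CK), and not code from the posting or the employer: a small Python detector run over constructed sign-in events. It contrasts a naive "N failures from one IP" rule, which also fires on a service account retrying a stale password, with a tuned rule that keys on the password-spray signature (one source, many distinct accounts, low success rate) and records the ATT&CK technique ID plus any accounts that succeeded, which are the first containment targets. The event format, thresholds, usernames and IP addresses are assumptions; the IPs are RFC 5737 documentation ranges.

```python
from collections import defaultdict
from datetime import datetime, timedelta

ATTACK_TECHNIQUE = "T1110.003"  # MITRE ATT&CK: Brute Force: Password Spraying


def _make_events():
    """Constructed sample sign-ins as (timestamp, user, source IP, result)."""
    evs = []
    # A service account retrying a stale password: 12 failures, a single user.
    for i in range(12):
        evs.append((f"2024-05-01T09:00:{i:02d}Z", "svc-backup", "198.51.100.7", "Failure"))
    # A spray: one source, 15 distinct users, one failure each, then one success.
    for i in range(15):
        evs.append((f"2024-05-01T09:05:{i:02d}Z", f"user{i:02d}", "203.0.113.45", "Failure"))
    evs.append(("2024-05-01T09:05:30Z", "user16", "203.0.113.45", "Success"))
    # Ordinary user traffic: one typo, then success.
    evs.append(("2024-05-01T09:10:00Z", "alice", "198.51.100.20", "Failure"))
    evs.append(("2024-05-01T09:10:05Z", "alice", "198.51.100.20", "Success"))
    return evs


SAMPLE_EVENTS = _make_events()


def _parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def _by_source(events, window):
    """Group events per source IP and yield (ip, events) for the densest
    window that starts at one of that IP's events. Quadratic per IP, which is
    fine for an illustration; a SIEM would use a time-bucketed aggregation."""
    per_ip = defaultdict(list)
    for ts, user, ip, result in events:
        per_ip[ip].append((_parse_ts(ts), user, result))
    for ip, evs in per_ip.items():
        evs.sort()
        best = []
        for i, (t0, _, _) in enumerate(evs):
            win = [e for e in evs[i:] if e[0] - t0 <= window]
            if len(win) > len(best):
                best = win
        yield ip, best


def naive_rule(events, threshold=10, window=timedelta(minutes=10)):
    """Fire on any source with >= threshold failures inside the window.
    Also trips on the retrying service account: a false positive."""
    hits = set()
    for ip, win in _by_source(events, window):
        if sum(1 for _, _, r in win if r == "Failure") >= threshold:
            hits.add(ip)
    return hits


def tuned_rule(events, threshold=10, min_users=5, window=timedelta(minutes=10)):
    """Fire only on the spray signature: many failures spread across many
    distinct accounts from one source. Returns per-source findings carrying the
    ATT&CK technique and the accounts that did succeed (containment candidates)."""
    findings = {}
    for ip, win in _by_source(events, window):
        failures = sum(1 for _, _, r in win if r == "Failure")
        failed_users = {u for _, u, r in win if r == "Failure"}
        if failures >= threshold and len(failed_users) >= min_users:
            findings[ip] = {
                "technique": ATTACK_TECHNIQUE,
                "failures": failures,
                "distinct_users": len(failed_users),
                "compromised": sorted({u for _, u, r in win if r == "Success"}),
            }
    return findings


if __name__ == "__main__":
    print("naive rule fires on:", sorted(naive_rule(SAMPLE_EVENTS)))
    print("tuned rule fires on:", tuned_rule(SAMPLE_EVENTS))
```

The tuned rule deliberately does not allowlist the service account's IP: excluding a source hides a real attack from that source, whereas requiring distinct target accounts removes the false positive without creating a blind spot.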

Posted 2 weeks ago

7.0 - 12.0 years

18 - 27 Lacs

Bengaluru

Hybrid

Level 3 SOC Responder

Role Overview: A Level 3 SOC Analyst is responsible for advanced threat detection, incident response, and continuous monitoring of security events. They lead investigations, coordinate responses, and mentor junior analysts, ensuring the security and integrity of information systems.

Key Responsibilities:
- Lead the investigation and response to complex security incidents, including advanced persistent threats (APTs), malware outbreaks, and insider threats.
- Act as liaison between the SOC and the customer's incident response team to handle complex incidents.
- Document security incidents, investigative findings, and remediation activities in accordance with established incident response procedures and protocols.
- Suggest SIEM rule fine-tuning to reduce false-positive alerts.
- Develop standard operating procedures (SOPs).
- Perform quality review of the alerts handled by L1 and L2.
- Track KPIs and create dashboards for executive briefings.
- Provide guidance and mentorship to junior SOC analysts, imparting knowledge and best practices in incident detection, analysis, and response.
- Conduct training sessions and workshops to enhance the skills and capabilities of SOC team members.

Skills and Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: 7+ years of experience in SOC operations, incident response, and threat hunting. Experience with CrowdStrike SIEM and EDR preferred.
- Certifications (Preferred): Relevant certifications such as CISSP, CEH, GCIH, or similar.
- Problem-Solving Skills: Excellent problem-solving skills and attention to detail.
- Communication Skills: Strong communication skills, both written and verbal.

Work Environment: Typically works in a security operations center. May require shift work to provide 24/7 monitoring.

Looking for an immediate joiner.

Posted 2 weeks ago

3.0 - 8.0 years

3 - 7 Lacs

Noida

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: Microsoft Azure Sentinel
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also monitor security systems and respond to incidents, all while staying updated on the latest cyber threats and security technologies to effectively safeguard the organization's information and infrastructure.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify vulnerabilities.
- Develop and implement security policies and procedures to enhance the organization's security posture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).
- Good To Have Skills: Experience with Microsoft Azure Sentinel.
- Strong understanding of security protocols and best practices.
- Experience in incident response and threat hunting.
- Familiarity with network security technologies and tools.

Additional Information:
- The candidate should have minimum 3 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Noida office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Senior Security Engineer, your typical day will involve security platform activities on Microsoft Sentinel, providing end-to-end investigation of health-monitoring and platform-monitoring incidents. You will also engage in proactive monitoring of security systems to analyze and respond to incidents effectively, normalize log sources, and fine-tune use cases.

Roles & Responsibilities:
- Develop and deploy use cases; onboard new log sources to the SIEM.
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular security assessments and audits to identify configuration gaps and detections that generate false positives.
- Develop and implement security policies and procedures to safeguard information, including optimization of analytic rules.

Professional & Technical Skills:
- Microsoft Sentinel: hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps.
- Expertise in DevOps and Terraform to manage pipelines and infrastructure deployment.
- Platform and health-monitoring incident investigation and deployment.
- Required knowledge of Entra ID management.
- Managing Cribl and Logstash pipelines for log source onboarding.
- Strong understanding of incident response and threat management.
- Experience with security monitoring tools and technologies.
- Able to manage requests, incidents, and changes in ServiceNow as per the service management process.
- Familiarity with scripting (PowerShell, KQL), infrastructure-as-code, and automation tools is a plus.
- Required active participation/contribution in team discussions.
- To be a part of audits and service improvement activities within the team.
- Threat hunting, MDE, and use case engineering experience.
- Knowledge of security frameworks like MITRE ATT&CK.
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel.
- Implement and operationalize MDC for cloud security posture management and workload protection.
- Support deployment and ongoing management of MDE for endpoint threat detection and response.
- Integrate MDI into customer environments to monitor identity-related threats and provide remediation recommendations.
- Ability to analyze security incidents from an L2/L3 perspective as well as develop effective response strategies.
- Knowledge of network security protocols and best practices.

Additional Information:
- The candidate should have minimum 6 years of experience in the Microsoft Azure Security suite.
- This position will be operated from the Bengaluru location.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Coimbatore

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: SailPoint IdentityIQ
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure and efficient cloud environment.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge on cloud security practices.
- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in SailPoint IdentityIQ.
- Good To Have Skills: Experience with cloud security frameworks and compliance standards.
- Strong understanding of identity governance and administration.
- Experience with risk assessment and management methodologies.
- Familiarity with security incident response and management.

Additional Information:
- The candidate should have minimum 7.5 years of experience in SailPoint IdentityIQ.
- This position is based at our Coimbatore office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

10.0 - 15.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are looking for an experienced and detail-oriented Security Delivery Associate Manager to support the planning, implementation, and delivery of cybersecurity services across Microsoft security technologies. The role plays a key part in delivering secure, scalable, and compliant security solutions for internal stakeholders or clients. The ideal candidate will have practical expertise in Microsoft Sentinel, Cribl, Logstash, DevOps, Terraform, log source onboarding, and ASIM parsing.

Roles & Responsibilities:
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Sentinel platform management.
- Translate business and technical requirements into well-architected security solutions and support delivery from design to deployment.
- Manage a cluster serving multiple clients.
- Lead and manage cross-functional teams, ensuring effective collaboration, communication, and alignment with business objectives.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Develop and implement security strategies.
- Conduct security assessments and audits.
- Stay updated on the latest security trends and technologies.
- Configure and fine-tune Microsoft Sentinel; develop analytics rules, workbooks, and playbooks; and maintain alerting mechanisms.
- Coordinate with engineering, operations, and risk teams to ensure consistent and secure delivery of services.
- Create technical documentation, deployment guides, and knowledge transfer materials for clients or internal teams.
- Collaborate with project managers and stakeholders to ensure timely and successful delivery of security services.
- Contribute to continuous improvement initiatives and automation of delivery processes.

Professional & Technical Skills:
- Strong client-facing and stakeholder engagement capabilities.
- Excellent organizational and project coordination skills.
- Ability to clearly communicate technical information to both technical and non-technical audiences.
- Proactive mindset with a focus on security service quality and consistency.
- Experience working in delivery frameworks such as Agile and ITIL.
- Microsoft Sentinel: hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps.
- Able to manage Key Vault and secret rotation.
- Required knowledge of Entra ID management.
- Required knowledge of log source optimization, ASIM parsing, and normalization.
- Managing Cribl and Logstash pipelines for log source onboarding.
- Strong understanding of incident response and threat management.
- Familiarity with scripting (PowerShell, KQL), infrastructure-as-code, and automation tools is a plus.
- Able to manage requests, incidents, and changes in ServiceNow as per the service management process.
- Required active participation/contribution in team discussions.
- To be a part of audits and service improvement activities within the team.
- Sentinel data modelling experience.
- Experience in designing and implementing security solutions.
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel.
- Implement and operationalize MDC for cloud security posture management and workload protection.
- Support deployment and ongoing management of MDE for endpoint threat detection and response.
- Integrate MDI into customer environments to monitor identity-related threats and provide remediation recommendations.
- Knowledge of network security protocols and best practices.
- Hands-on experience with security tools and technologies.

Additional Information:
- The candidate should have a minimum of 10+ years of experience in Managed Cloud Security Services.
- This position will be operated from the Bengaluru location.
- A 15 years full time education is required.

Qualification: 15 years full time education
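The log source onboarding and ASIM parsing/normalization work named in this posting and in the Sentinel postings above, illustrated with added Python that is neither the posting's code nor Microsoft's ASIM parsers: two unrelated raw formats (an OpenSSH sshd syslog line and an Entra ID-style JSON sign-in record) are parsed into one authentication record using a subset of ASIM Authentication schema field names (TimeGenerated, EventType, EventResult, ActorUsername, SrcIpAddr, EventVendor, EventProduct), so a single detection can run over both sources. The raw lines are constructed, the year supplied for sshd timestamps and the mapping of Entra error codes to results are assumptions, and the field subset should be checked against the published schema before it is used in a real parser. Lines that no parser claims are counted rather than guessed at, because a rising drop count is usually the first sign that a source's format changed.

```python
import json
import re
from collections import Counter
from datetime import datetime, timezone

# Constructed raw events; IPs are RFC 5737 documentation addresses.
RAW_LINES = [
    "May  1 09:05:07 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2",
    "May  1 09:06:11 bastion sshd[2240]: Accepted publickey for alice from 198.51.100.20 port 50122 ssh2",
    json.dumps({"time": "2024-05-01T09:05:30Z", "userPrincipalName": "user16@example.test",
                "ipAddress": "203.0.113.45", "status": {"errorCode": 50126},
                "appDisplayName": "Office 365 Exchange Online"}),
    json.dumps({"time": "2024-05-01T09:07:02Z", "userPrincipalName": "bob@example.test",
                "ipAddress": "198.51.100.21", "status": {"errorCode": 0},
                "appDisplayName": "Azure Portal"}),
    # Not an authentication event; the pipeline should drop it, not mis-parse it.
    "May  1 09:07:30 bastion CRON[2250]: (root) CMD (run-parts /etc/cron.hourly)",
]

SSHD_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) "
    r"sshd\[\d+\]: (?P<verb>Accepted|Failed) (?P<method>\w+) for (?P<invalid>invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

# Fields every normalized record must carry (assumed minimum subset of ASIM Authentication).
REQUIRED = ("TimeGenerated", "EventType", "EventResult", "ActorUsername",
            "SrcIpAddr", "EventVendor", "EventProduct")


def parse_sshd(line, year=2024):
    """sshd syslog lines carry no year; the caller supplies it (assumed 2024 here)."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    ok = m["verb"] == "Accepted"
    return {
        "TimeGenerated": ts.replace(tzinfo=timezone.utc).isoformat(),
        "EventType": "Logon",
        "EventResult": "Success" if ok else "Failure",
        "EventResultDetails": None if ok else ("No such user" if m["invalid"] else "Incorrect password"),
        "ActorUsername": m["user"],
        "SrcIpAddr": m["ip"],
        "DvcHostname": m["host"],
        "LogonMethod": m["method"],
        "EventVendor": "OpenSSH",
        "EventProduct": "sshd",
    }


def parse_entra(line):
    """Entra ID-style sign-in JSON; errorCode 0 is treated as success (assumption)."""
    try:
        d = json.loads(line)
    except json.JSONDecodeError:
        return None
    if "userPrincipalName" not in d or "ipAddress" not in d:
        return None
    code = d.get("status", {}).get("errorCode", 0)
    return {
        "TimeGenerated": d["time"],
        "EventType": "Logon",
        "EventResult": "Success" if code == 0 else "Failure",
        "EventResultDetails": None if code == 0 else f"errorCode {code}",
        "ActorUsername": d["userPrincipalName"],
        "SrcIpAddr": d["ipAddress"],
        "TargetAppName": d.get("appDisplayName"),
        "EventVendor": "Microsoft",
        "EventProduct": "Entra ID",
    }


def normalize(lines):
    """Route each raw line to the parser for its shape; return (records, dropped).
    A parser that emits a record missing a required field is a bug, so that
    raises instead of silently producing half-normalized data."""
    records, dropped = [], 0
    for line in lines:
        rec = parse_entra(line) if line.lstrip().startswith("{") else parse_sshd(line)
        if rec is None:
            dropped += 1
            continue
        missing = [f for f in REQUIRED if not rec.get(f)]
        if missing:
            raise ValueError(f"parser emitted record without {missing}: {line!r}")
        records.append(rec)
    return records, dropped


def failures_by_source(records):
    """One detection over both sources: failed logons per SrcIpAddr."""
    return Counter(r["SrcIpAddr"] for r in records if r["EventResult"] == "Failure")


if __name__ == "__main__":
    recs, dropped = normalize(RAW_LINES)
    print(f"{len(recs)} records normalized, {dropped} dropped")
    print(failures_by_source(recs))
```

Once both sources share field names, a single rule on EventResult and SrcIpAddr sees the sshd failure and the Entra failure from 203.0.113.45 as one story, which is the point of normalizing before writing detections rather than writing one rule per vendor format.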

Posted 2 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Pune

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Evaluate and recommend new security technologies and tools to improve the overall security posture.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and best practices.
- Experience with threat detection and incident response methodologies.
- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.
- Ability to analyze security incidents and develop effective remediation strategies.

Additional Information:
- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.
- This position is based in Pune.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

7.0 - 12.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Security Governance, Email Security
Good to have skills: Security Information and Event Management (SIEM)
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Expand your expertise in security governance and contribute to enhancing organizational security measures.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Enhance security protocols for data protection.
- Conduct regular security audits and risk assessments.
- Implement and maintain security governance policies.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Governance, Email Security.
- Good To Have Skills: Experience with Security Information and Event Management (SIEM).
- Strong understanding of security frameworks and compliance standards.
- Knowledge of threat intelligence and incident response.
- Experience in implementing security controls and measures.
- Ability to analyze and mitigate security vulnerabilities.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Governance.
- This position is based at our Chennai office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Threat Hunting
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment.

Roles & Responsibilities:
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Facilitate training sessions to enhance team knowledge and skills in security practices.
- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Threat Hunting.
- Strong understanding of cloud security principles and frameworks.
- Experience with security incident response and threat intelligence.
- Familiarity with security compliance standards and regulations.
- Ability to analyze security risks and develop mitigation strategies.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Threat Hunting.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

15.0 - 20.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Platform Engineering Lead, you will design, implement, and manage Microsoft Sentinel security solutions, including analytics rules and automation workflows. Collaborate across teams to align threat detection and response with compliance, while ensuring integration with Microsoft and third-party security tools.

Roles & Responsibilities:
- Design and implement Microsoft Sentinel solutions, including workspace configuration, data ingestion, and role-based access control.
- Develop and tune analytics rules, workbooks, and hunting queries using KQL (Kusto Query Language).
- Integrate various log sources (Azure, Microsoft 365, on-premises systems, third-party security tools) using built-in and custom connectors.
- Create custom workbooks and dashboards for security visibility, KPIs, and executive reporting.
- Build and maintain automation workflows using Logic Apps for incident enrichment, notification, and response.
- Collaborate with SOC teams, cloud architects, and compliance teams to align monitoring with threat models and regulatory requirements.
- Participate in incident response by investigating and analyzing alerts and security events within Sentinel.
- Ensure integration with the Microsoft Defender suite (MDE, MDI, MDC, O365) and third-party SIEM/SOAR tools as needed.
- Provide documentation, knowledge transfer, and ongoing Sentinel tuning and support.

Professional & Technical Skills:
- Must Have Skills: Proficiency in Microsoft Azure Security, including Microsoft Sentinel, Microsoft Defender XDR and KQL, and a good understanding of the Microsoft Defender platform for MDE, MDI, XDR, MDA and MDO. Must be able to develop Sentinel-based solutions with KQL queries.
- Good to have Skills: Google SecOps MxDR solution.
- Strong understanding of cloud security principles and best practices.
- Experience with security tools and technologies on Microsoft Azure. Multi-cloud experience is a plus.
- Knowledge of security frameworks like MITRE ATT&CK.
- Ability to analyze and develop use cases from an L3 perspective as well as develop effective response strategies.

Additional Information:
- The candidate should have minimum 5 years of experience in the Microsoft Azure Security suite.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

7.0 - 12.0 years

5 - 9 Lacs

Bengaluru

Work from Office

Project Role: Application Developer
Project Role Description: Design, build and configure applications to meet business process and application requirements.
Must have skills: Managed Cloud Security Services
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: We are looking for an experienced and detail-oriented Security Delivery Specialist to support the planning, implementation, and delivery of cybersecurity services across Microsoft security technologies. The ideal candidate will have practical expertise in Microsoft Sentinel, Cribl, Logstash, DevOps, and Terraform, and will play a key role in delivering secure, scalable, and compliant security solutions for internal stakeholders or clients.

Roles & Responsibilities:
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Sentinel platform management.
- Translate business and technical requirements into well-architected security solutions and support delivery from design to deployment.
- Configure and fine-tune Microsoft Sentinel; develop analytics rules, workbooks, and playbooks; and maintain alerting mechanisms.
- Coordinate with engineering, operations, and risk teams to ensure consistent and secure delivery of services.
- Create technical documentation, deployment guides, and knowledge transfer materials for clients or internal teams.
- Collaborate with project managers and stakeholders to ensure timely and successful delivery of security services.
- Contribute to continuous improvement initiatives and automation of delivery processes.

Professional & Technical Skills:
- Strong client-facing and stakeholder engagement capabilities.
- Excellent organizational and project coordination skills.
- Ability to clearly communicate technical information to both technical and non-technical audiences.
- Proactive mindset with a focus on security service quality and consistency.
- Experience working in delivery frameworks such as Agile and ITIL.
- Microsoft Sentinel: hands-on experience with SIEM/SOAR, including KQL query development, alert tuning, and automation with Logic Apps.
- Able to manage Key Vault and secret rotation; Azure DevOps, GitHub, CI/CD, Terraform.
- Required knowledge of Entra ID management.
- Managing Cribl and Logstash pipelines for log source onboarding.
- Strong understanding of incident response and threat management.
- Experience with security monitoring tools and technologies.
- Able to manage requests, incidents and changes in ServiceNow as per the service management process.
- Familiarity with scripting (PowerShell, KQL), infrastructure-as-code, and automation tools is a plus.
- Required active participation/contribution in team discussions.
- To be a part of audits and service improvement activities within the team.
- Threat hunting, MDE, and use case engineering experience.
- Knowledge of network security protocols and best practices.
- Experience in designing and implementing security solutions.
- Deliver security solutions using Microsoft's security stack, with a focus on Microsoft Defender for Cloud, Endpoint, Identity, Azure Firewall, and Microsoft Sentinel.
- Implement and operationalize MDC for cloud security posture management and workload protection.
- Support deployment and ongoing management of MDE for endpoint threat detection and response.
- Integrate MDI into customer environments to monitor identity-related threats and provide remediation recommendations.

Additional Information:
- The candidate should have a minimum of 7+ years of experience in Managed Cloud Security Services.
- This position will be operated from the Bengaluru location.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

3.0 - 8.0 years

13 - 17 Lacs

Kolkata

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.

Roles & Responsibilities:
- Expected to perform independently and become an SME.
- Required active participation/contribution in team discussions.
- Contribute to providing solutions to work-related problems.
- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.
- Collaborate with cross-functional teams to ensure that security architecture aligns with business objectives and regulatory requirements.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with incident response and threat detection methodologies.
- Knowledge of compliance requirements related to cloud security.

Additional Information:
- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Kolkata office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

7.0 - 12.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Splunk Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations.

Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operations teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors and analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries. Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor. Experience with data analytics, machine learning, and threat intelligence.
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Develop and maintain comprehensive documentation of security architecture and frameworks.
- Conduct regular assessments and audits to ensure compliance with security policies and standards.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Sentinel SIEM and KQL queries.
- Strong understanding of cloud security principles.
- Experience in designing and implementing security solutions for cloud environments.
- Knowledge of security compliance standards and regulations.
- Hands-on experience with security tools and technologies.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Splunk Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago

Apply

3.0 - 8.0 years

13 - 17 Lacs

Bengaluru

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full-time education

Summary: This role is responsible for leading SOC operations, focusing on threat detection, incident response, and security monitoring using Microsoft Sentinel as the primary SIEM platform. The role demands deep expertise in Sentinel architecture, rule creation, workbooks and reporting, and playbook orchestration (Logic Apps), along with proven experience in managing SOC analysts, ensuring SLA adherence, and driving continuous improvement in security operations.

Roles & Responsibilities:
- Lead 24x7 SOC operations using Microsoft Sentinel.
- Develop and tune KQL analytics rules, workbooks, and SOAR playbooks (Logic Apps).
- Manage Sentinel data connectors (M365, Azure, Defender suite).
- Respond to and lead major incidents and investigations.
- Guide and mentor L1-L3 analysts.
- Collaborate with threat intel and compliance teams.
- Own reporting, metrics, and client governance interactions.
- Improve SOC processes and reduce false positives.

Professional & Technical Skills:
- Cybersecurity experience with at least 3+ years in SOC leadership.
- Hands-on expertise with Microsoft Sentinel, KQL, Logic Apps, and the Microsoft Defender suite.
- Strong understanding of the incident lifecycle, MITRE ATT&CK, and SOAR workflows.
- Familiarity with regulatory standards such as ISO 27001 and NIST, and with Azure security best practices.
- Excellent communication, reporting, and team management capabilities.

Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- 15 years of full-time education is required.
Qualification: 15 years full-time education

Posted 2 weeks ago

Apply

1.0 - 6.0 years

0 - 3 Lacs

Thane

Work from Office

We have an excellent opening for the position of Incident Coordinator (Thane).
Qualification: Any graduate
Experience: 2 to 6 years
Job Location: Mumbai (Thane)

JD as follows:
- Receiving and logging incidents.
- Categorizing and prioritizing incidents.
- Facilitating communication between different teams.
- Monitoring the progress of incident resolution.
- Verifying the resolution of incidents with end-users.
- Ensuring incidents are closed properly.
- Creating and maintaining knowledge articles based on incident resolution.
- Conducting regular reviews of incident management processes.
- Assisting in the development of incident response plans.
- Ensuring compliance with Service Level Agreements (SLAs).

About Company
Team Computers is a bridge between business needs and the world of IT solutions. We see ourselves as a trusted solutions partner. We understand your needs, and Identify-Integrate-Support high-quality, affordable IT solutions in Hardware, Software, Services, Mobility, Analytics and Cloud with speed, flexibility and an attitude of Sewa. Founded in 1987 by Ranjan Chopra, an alumnus of IIT-Kanpur, it has emerged as a leading IT Infrastructure and Information Solution Provider over the last three decades. With a turnover of 3000+ Cr, 25+ offices across India and 4,000+ members, we have served 2500+ customers over a span of 36+ years.

If you are interested in this opening, please send your updated resume with the following details to rahul.bhole@teamcomputers.com:
- Experience
- Current CTC
- Expected CTC
- Notice Period

Thanks & Regards,
Rahul Bhole

Posted 2 weeks ago

Apply

3.0 - 6.0 years

4 - 5 Lacs

Bangalore Rural, Bengaluru

Work from Office

Role & responsibilities:

Process
- Must be honest and hard working with a high degree of integrity.
- Must be of good character and display loyalty towards Linfox.
- Must possess good communication skills.
- Must be able to read and write in both English and the local language.
- Must be in good health and possess a basic level of physical fitness.
- Must be capable of performing in a disciplined environment (able to follow and comply with written or verbal lawful instructions).
- Must be capable of working in a team environment.
- Must be able to propagate and ensure the Linfox Safety Standards are always complied with.
- Must have a clear understanding of anti-bribery legislation and be able to deal confidently with enforcement bodies.
- Capable of motivating personnel under your control.
- Capable of giving others confidence that you can provide good, high-level leadership and direction.
- Must be able to perform duties to a high standard when under pressure or in stressful situations.
- Must possess sound judgment and good decision-making skills.
- Must be capable of establishing and maintaining good relationships with local police, government officials and customers.
- Must be capable of providing verbal briefings to various interested parties.
- Able to record lagging indicators / root causes for accidents and incidents against set targets, and the corrective actions taken, involving: third parties; vehicles and fleet operators.
- Carries out site security reviews / security audits.
- Carries out a detailed audit process on subcontract transport companies, giving accurate findings to senior management.
- Establishes regular communication with the Site Manager / National Security Operations & Compliance Manager to share best practices.
- Meets regularly with the unit Operations team to track and monitor compliance.
- Maintains regular dialogue with Unit Management to communicate the security agenda and goals.
- Makes sure that all incidents, accidents and near misses are reported and investigated. To transform "Vision Zero" into reality; this includes security inductions for new site staff that cover the above points.

Customer
- Works in partnership with Unit Managers to ensure that all security and safety processes are in place.
- Conducts detailed investigations in line with Linfox Standards.

People
- Works closely with the Site Operations Manager / National Security Operations & Compliance Manager to identify and mitigate risks.
- Influences and ensures that unit operation processes comply with LINFOX Group and related local legal requirements, as well as industry best practices.
- Ensures unit line personnel understand these Standards and gains commitment from staff to these Standards.
- Works closely with the Site Manager to develop plans, programmes, and performance measures.
- Meets regularly with key stakeholders to track progress and identify areas for improvement; ensures local practices are in line with LINFOX Group practices and local legislation.
- Regularly meets with the Unit Operations Management / Supervisory team to track safety.

Kannada language is mandatory.

Posted 2 weeks ago

Apply

6.0 - 10.0 years

15 - 20 Lacs

Pune

Work from Office

Incident Response: handle security incidents using detection platforms such as SIEM, IDS/IPS and endpoint tools.
Threat intelligence: collect, analyze, and process intelligence from internal and external sources to identify and track emerging threats; monitor cyber threat trends.

Required Candidate profile
- 6+ years of experience in cybersecurity, incident response and threat intelligence.
- Attack frameworks: MITRE ATT&CK, Diamond Model, Unified Kill Chain.
- APT actors and their TTPs.
- Threat intelligence platforms.

Posted 2 weeks ago

Apply

10.0 - 20.0 years

10 - 20 Lacs

Hyderabad

Work from Office

About Qylis
Qylis is a leading provider of innovative cybersecurity solutions. We are committed to empowering organizations to safeguard their digital assets, mitigate cyber threats, and optimize their operations.

Job Description
As the Cybersecurity Department Head, you will play a pivotal role in driving the growth and success of our cybersecurity practice. You will be responsible for overseeing a wide range of services, including Security Operations Center (SOC), Managed Detection and Response (MDR), Extended Detection and Response (XDR), Vulnerability Assessment and Penetration Testing (VAPT), Digital Forensics, Pre-sales, Client Management, and Cyber Forensics.

Key Responsibilities:
• Strategic Leadership: Develop and execute a comprehensive cybersecurity strategy aligned with Qylis' overall business objectives. Identify emerging trends and technologies in cybersecurity to drive innovation and competitive advantage. Foster strong relationships with key stakeholders, including clients, partners, and industry experts.
• Practice Development: Build and scale high-performing cybersecurity teams through effective recruitment, training, and development. Ensure the cybersecurity team delivers high-quality services across SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR).
• Sales and Business Development: Lead pre-sales activities, including solution demonstrations, proposals, and RFP responses, for cybersecurity services. Identify and pursue new business opportunities, leveraging your deep understanding of the cybersecurity market. Collaborate with the sales team to drive revenue growth and achieve sales targets.
• Customer Success: Ensure high levels of customer satisfaction through exceptional service delivery and proactive support for cybersecurity services. Manage client relationships, address concerns, and identify upsell and cross-sell opportunities. Conduct regular business reviews with key clients to assess performance and identify areas for improvement.
• Technical Expertise: Possess a deep understanding of cybersecurity principles, technologies, and industry best practices. Stay up to date with the latest threats, vulnerabilities, and mitigation techniques in the cybersecurity domain. Provide technical guidance to the team and contribute to the development of innovative security solutions.

Qualifications and Experience:
• Proven track record in leading and growing successful cybersecurity practices.
• Extensive experience in SOC, MDR, XDR, VAPT, Cyber Forensics, and Incident Response (IR).
• Strong technical expertise in cybersecurity technologies and frameworks.
• Experience in managing client relationships and delivering pre-sales solutions.
• Excellent communication, presentation, and interpersonal skills.
• Strong leadership and team management skills.
• A passion for cybersecurity and a commitment to delivering exceptional results.
• Advanced certifications (e.g., CISSP, CISM, CISA) are highly valued.

Posted 2 weeks ago

Apply

10.0 - 20.0 years

30 - 45 Lacs

Bengaluru

Work from Office

Implement, monitor, and enhance IT security infrastructure; manage SIEM, endpoint protection, vulnerability scanning, and incident response within IT environments.

Required Candidate profile
Experienced IT security professionals with strong knowledge of enterprise cybersecurity tools, SIEM, firewalls, and security standards such as NIST and ISO 27001.

Posted 2 weeks ago

Apply

3.0 - 5.0 years

5 - 10 Lacs

Hyderabad

Work from Office

Role & responsibilities
The Content Specialist, along with the Assessment Process Specialist, is expected to prepare incident documents.
• Forecasting: Less focus on data analysis; more on coordination, collating program components from various teams.
• Project & Workflow Management (with Tools): Streamline and monitor operational workflows for efficiency. Plan and track development activities and deliverables. Use tools like Power BI, Smartsheet, Microsoft Project, and Jira for scheduling, reporting, and issue tracking. Align project timelines with master schedules and update key stakeholders. Lead or participate in team meetings to communicate progress and resolve issues.
• Meeting & Committee Coordination: Plan and schedule committee meetings and facilitator training. Coordinate preparation and shipping of meeting materials.
• Stakeholder Communication & Liaison: Liaise with ETS staff, vendors, clients, and internal teams. Serve as a contact for business units, professional services, and operations. May support clients and candidates with program guidance and representation.
• Schedule & Budget Tracking: Prepare and monitor project timelines and deliverables (e.g., recordings, test forms, exports). Support budget development (cost and staffing estimates). Track project expenses and revise monthly forecasts.
• Documentation & Quality Management: Support documentation and tracking in the Quality Management System. Assist with test-related materials (reports, proposals, surveys). Oversee copyright activities for assigned groups.

Preferred candidate profile
- Strong communication skills are essential.
- The Assessment Process Specialist, along with the Content Specialist, is expected to prepare incident documents.
- Academia or EdTech background is preferred.
- Power BI preferred (though not mandatory).
- Forecasting: Less focus on data analysis; more on coordination, collating program components from various teams.

Posted 2 weeks ago

Apply

3.0 - 7.0 years

15 - 18 Lacs

Pune

Hybrid

Greetings from Peoplefy Infosolutions!
We are hiring for one of our reputed MNC clients based in Pune. We are looking for candidates with 3+ years of experience in the skills below.

Primary skills: GSOC, SIEM, Splunk, Incident Response

Interested candidates for the above position, kindly share your CVs at chitralekha.so@peoplefy.com with the following details:
- Experience:
- CTC:
- Expected CTC:
- Notice Period:
- Location:

Posted 2 weeks ago

Apply

8.0 - 11.0 years

35 - 37 Lacs

Kolkata, Ahmedabad, Bengaluru

Work from Office

Dear Candidate,
We are seeking a Security Automation Engineer to automate the detection and remediation of threats.

Key Responsibilities:
- Build SOAR workflows and automated playbooks.
- Monitor logs and alerts using SIEM tools.
- Respond to security incidents and conduct root cause analysis.

Required Skills & Qualifications:
- Experience with tools like Splunk, XSOAR, and Sentinel.
- Scripting in Python or Bash.
- Familiar with SOC and threat intel operations.

Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.

Kandi Srinivasa Reddy
Delivery Manager
Integra Technologies

Posted 2 weeks ago

Apply

5.0 - 10.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Novo Nordisk Global Business Services (GBS) India
Department: Global Information Security Advisory

Are you passionate about IT security and eager to make a difference in safeguarding critical systems? Do you thrive in a global, collaborative environment where your expertise can help protect a leading healthcare organisation? If so, we invite you to join us as a Security Operations Analyst at Novo Nordisk. Read on and apply today for a life-changing career!

About the Department
The Global Information Security Advisory department is part of Digital, Data, and IT (DD&IT) at Novo Nordisk. Based in Denmark, our team operates globally with colleagues in India, Denmark, and the USA. We are a diverse group of experts specializing in areas such as network security, white hat hacking, cloud security, cryptography, and security operations. Our mission is to partner with the business to build security into processes and manage risks effectively. The atmosphere is collaborative, innovative, and driven by a shared goal of protecting Novo Nordisk's digital assets.

The position
As a Cybersecurity Analyst I, you will play a pivotal role in enhancing and maintaining the IT security posture at Novo Nordisk. Your responsibilities will include:
- Effectively monitoring and managing IT security incidents by analyzing logs, identifying vulnerabilities, managing unauthorized user activity, and handling security notifications from users and regional teams to ensure timely resolution and adherence to SLAs.
- Analyzing and responding to suspicious and malicious emails received through the Phish alarm solution.
- Providing support to the Vulnerability Management Office (VMO) in the Critical Vulnerability Response (CVR) process while collaborating with the GSO Data Analytics team to enhance the SIEM system's accuracy by reducing false positives, demonstrating strong analytical skills and a commitment to cybersecurity excellence.
- Managing the Global Intrusion Defense (GID) system, ensuring services like log collection, intrusion detection, and vulnerability assessment are operational.
- Actively participating in incident response drills and the Major IT Security Incident Response Process (MSIRP), while engaging stakeholders to communicate risks, facilitate vulnerability remediation, and support global security initiatives.

Qualifications
- Bachelor of Engineering with relevant IT experience and business experience.
- Overall 5+ years of core IT security experience with at least 3+ years in a relevant security tool.
- Demonstrated proficiency in Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, coupled with expertise in Windows operating systems and enterprise network security.
- Solid knowledge of Security Operations Center (SOC) operations with Standard Operating Procedures (SOPs).
- Familiarity with forensics, email analysis and cloud.
- Coordinate with internal teams and external stakeholders to manage the incident response process and collaborate cross-functionally to ensure adherence to security policies and procedures.
- Respond to and investigate security incidents such as data breaches, malware infections, and unauthorized access attempts while analyzing incidents to determine root cause, scope, and impact.
- Develop and implement comprehensive incident response plans and procedures for timely and effective responses to security incidents.
- Security certifications like CEH etc. (good to have).

Posted 2 weeks ago

Apply

5.0 - 8.0 years

6 - 10 Lacs

Chennai

Work from Office

We are looking for a skilled Team Manager - IT Security with 5-8 years of experience to lead our team in Chennai. The ideal candidate will have a strong background in IT security and management.

Roles and Responsibility
- Manage and oversee the implementation of IT security measures to ensure data integrity and confidentiality.
- Develop and implement incident response plans to mitigate potential security threats.
- Conduct regular security audits and risk assessments to identify vulnerabilities.
- Collaborate with cross-functional teams to ensure compliance with security policies and procedures.
- Provide training and guidance on security best practices to employees.
- Monitor and analyze security event logs to detect potential security incidents.

Job Requirements
- Strong knowledge of IT security principles, including threat analysis and mitigation strategies.
- Experience with security information and event management (SIEM) systems.
- Excellent leadership and communication skills, with the ability to motivate and guide team members.
- Strong problem-solving skills, with the ability to analyze complex security issues.
- Ability to work in a fast-paced environment and adapt to changing priorities.
- Familiarity with industry standards and regulations related to IT security, such as HIPAA or PCI-DSS.

Omega Healthcare Management Services Private Limited is a leading provider of healthcare management services, committed to delivering high-quality patient care and innovative solutions. We leverage technology and expertise in CRM / IT-enabled services / BPO to drive business growth and improvement.

Posted 2 weeks ago

Apply

12.0 - 20.0 years

40 - 60 Lacs

Hyderabad

Work from Office

The Lead Security Operations Engineer is a technical subject matter expert responsible for executing key functions of CDK's Security Monitoring and Response strategy with an automation-first mindset. This individual plays a key technical role in our Security Operations organization and enables effective incident response via automated workflows and efficient threat detection content.

Key Responsibilities:

1. Technical Leadership
- Exemplify security principles and culture.
- Develop, implement, and tune automation playbooks that enable incident response.
- Effectively partner across security, technology, and business teams.
- Provide technical leadership to the security operations team.
- Develop effective metrics and use them to drive meaningful improvements.

2. Automated Detection & Response
- Work with security operations team members to identify response actions which can be automated to drive efficiency throughout response.
- Build automation workflows to contribute to auditable and efficient incident response.
- Drive continuous improvement in CDK's detection capability using automation, threat and anomaly detection, coverage assurance, and external threat intelligence.
- Build threat detection queries based on attacker techniques and threat intelligence.
- Support and tune threat detection content and automation workflows based on metrics and security operations feedback.

3. Incident Response
- Develop incident response playbooks and drive response playbook automation; regularly test playbook effectiveness and drive improvement.
- Lead response to medium or higher criticality impact security incidents in accordance with the incident response plan, and effectively coordinate with internal and external parties.
- Effectively triage and identify the root cause of security alerts and incidents.
- Serve as a technical leader for significant security incidents.
- Assure 24x7x365 incident response coverage and escalation processes.
- Regularly update the list of likely security incident scenarios using external threat intelligence, collaboration with internal technology teams, and other data sources.

4. Security Posture Improvement
- Use offensive security techniques and exercises to identify detection and response gaps and drive remediation.
- Regularly practice incident response plans and procedures in collaboration with internal and external stakeholders.

Required Qualifications:
Education: Bachelor's degree in computer science, information security, or equivalent experience.
Experience:
- Minimum of 6 years in cybersecurity, with at least 3 years in a developer role.
- Expert technical expertise in Python, JavaScript, and PowerShell.
- Experience building SOAR workflows.
- Experience building and tuning threat detection content.
- Experience leading the response to enterprise security alerts and incidents.
- Strong background in security monitoring, automation, and incident response, preferably in a complex SaaS environment.
- Experience with SIEM tools, process automation, cloud environment monitoring, IDS/IPS, firewalls, EDR solutions, and MDR/MSSP providers.

Posted 2 weeks ago

Apply