113 Malware Analysis Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

7.0 - 11.0 years

3 - 7 Lacs

Chennai

Work from Office

Position: Senior Lead Engineer, SOC Incident Responder
Grade: E1
Location: Chennai

Job Description:
Support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation.
Perform in-depth analysis and investigative efforts when events are escalated and determine the next appropriate containment / remediation / eradication efforts.
Research and evaluate new technologies like Anti-APT solutions, SOAR, deception technologies and Big Data forensic analytic tools, and assist in implementation of the same.
Assist with defining and updating incident response playbooks to ensure tasks align with best practice.
Identify and propose areas for improvement within the Security Operations Centre.
Responsible for driving execution of daily, weekly and monthly metrics for statistical threats and KPIs.
Coordinate with global stakeholders along with senior management during contingency scenarios / high-severity incidents to ensure responsive actions are communicated in a timely manner.

Profile Description:
Should have 7-11 years of specific Information Security experience.
Should have subject matter expertise in relevant areas, such as Incident Response, Forensic analysis, Malware analysis, Intrusion analysis and Crisis Management.
Strong working knowledge of security tools, such as SIEM, AV, vulnerability scanners, proxies, WAF, NetFlow, IDS and forensic tools.
In-depth knowledge of malware families and network attack vectors.
Demonstrated experience in an enterprise-level incident response team or security operations centre.
Log (network, security, access, OS, application, etc.) analysis skills and experience in relation to identifying and investigating security incidents.
Strong knowledge of Operating System Internals (Linux, Windows, etc.).
Should be familiar with security engineering practices, web/application security and Cloud Security.
Should have scripting knowledge.
Sound analytical and problem-solving skills.
Preferably a GIAC, CISSP or CEH certified professional.
Experience in product suites like McAfee, FireEye, CrowdStrike, Cylance etc.

Posted 20 hours ago

5.0 - 10.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Key Responsibilities:

Billing Preparation & Submission:
Prepare Running Account (RA) Bills, Milestone-based Invoices and Final Bills based on project progress.
Compile supporting documents: JMC (Joint Measurement Certificate), BOQ-wise summary, test reports and site sign-offs.
Coordinate with project/site teams for progress data and billing certification.
Ensure compliance with contract terms and rates.
Apply applicable taxes (GST, TDS, WCT) and upload invoices to the customer portal (if required).

Billing Compliance & Documentation:
Ensure all bills meet customer audit requirements and contract clauses.
Prepare and maintain: billing register, site-wise billing tracker, invoice-wise dispatch and acknowledgement record.
Ensure timely submission of bills to the customer and follow up for certification.
Prepare reports and deviation statements for amendments to the BOQ.
Monitor unbilled stock and WIP for prompt billing and inventory control.

Revenue Recognition & MIS:
Coordinate with accounts/finance to ensure revenue is recognized on billed milestones.
Maintain detailed billing status reports (raised, certified, paid and pending).
Track billing vs. plan and highlight delays or discrepancies.

Candidate Requirements:
Education: Graduate/Post Graduate (preferred MBA or M.Com).
Experience: 5+ years in customer billing roles in EPC infrastructure or telecom projects.
Strong knowledge of tax rules (GST & TDS), invoice formats and work certification procedures.
Software skills: ERP (Oracle/SAP) and MS Excel.
Other skills: attention to detail, record-keeping, communication and team coordination.

Preferred Background:
Experience with rural broadband projects.
Familiarity with government billing documentation and processes.
Understanding of EPC contracts, LD clauses, price escalation and variations.

Posted 20 hours ago

0.0 - 4.0 years

2 - 6 Lacs

Madurai, Tiruchirapalli, Coimbatore

Work from Office

SOC Analyst / Security Engineer - Vacancies for FRESHERS (Level-1 / those who completed the courses or learnt on their own) & EXPERIENCED (Level-1 & Level-2 / those with experience in the Cyber Security domain only).

SOC Analyst / Security Engineer who is familiar with, or interested in working with, Windows, Linux and cloud environments. Any courses/certifications like CompTIA Security+, GSEC, EC-Council Certified SOC Analyst (CSA), Microsoft SC-200 (Security Operations Analyst Associate), Cisco CyberOps Associate, Splunk Core Certified User / Analyst are preferable.

Responsibilities:
Capable of understanding the training and the nature of the work in the job responsibilities.
Monitor and assess alerts generated by security monitoring systems such as SIEMs and EDR platforms.
Analyze logs, network activity and endpoint behavior to detect suspicious or malicious activity.
Execute initial incident triage and escalate complex threats to senior teams as needed.
Collaborate with internal teams on containment, eradication and recovery processes.
Maintain detailed records of security events and actions taken in internal tracking systems.
Continuously fine-tune detection rules and alert thresholds to improve incident accuracy.
Stay informed on the latest tactics, techniques and procedures (TTPs) used by threat actors.
Support proactive initiatives like threat hunting and vulnerability assessments.
Contribute to red/blue team simulations and post-incident reviews.
Help develop and refine operational playbooks and standard response workflows.
Capable of rotational shifts (morning / forenoon / evening / night), as it is a 24x7 organization, and adaptable to the working environment and night shifts.
Maintain system security, identify threats and install / configure software.

Solid grasp of network protocols, endpoint defenses and common attack vectors.
Familiar with one or more SIEM solutions (e.g., Splunk, Sentinel, QRadar).
Comfortable navigating both Windows and Linux environments; knowledge of cloud platforms and malware analysis is a plus.
Understanding of TCP/IP, DNS, HTTP and common attack vectors.
Understanding of cybersecurity frameworks such as MITRE ATT&CK or NIST.
Strong interpersonal and oral/written English communication skills to handle chats and mails if needed.
1 to 3 years of experience in a SOC or technical security role is an added advantage.
Sincere and honest towards the job responsibilities.

Perks and Benefits: Other allowances negotiable based on availability and experience.

For clarification contact HR: +91 87543 01002, jobs@oryon.in

Posted 1 day ago

8.0 - 13.0 years

8 - 12 Lacs

Bengaluru

Work from Office

The Cybersecurity Incident Manager is responsible for managing and mitigating enterprise-level cybersecurity incidents, leading the coordination and communication of incident response efforts. The main priorities are ensuring timely detection, containment, eradication and recovery from cyber threats while minimizing operational disruptions.

Key Responsibilities:
Monitor, detect and respond to security incidents using various security tools and technologies.
Execute containment, eradication and recovery procedures during incidents to minimize impact and restore normal operations.
Develop and maintain incident response playbooks and escalation procedures to ensure a consistent and efficient response to incidents.
Collaborate with other IT and security teams to remediate vulnerabilities and improve the overall security posture.
Prepare detailed and accurate incident reports and documentation for internal use and for external stakeholders, if necessary.
Stay current with the latest threats, vulnerabilities and security technologies to ensure effective detection and response capabilities.
Serve as the primary coordinator during cybersecurity incidents, aligning efforts across technical and business teams.
Conduct real-time analysis and correlation of security events from multiple sources including SIEM, IDS/IPS, firewalls and endpoint security solutions.
Perform in-depth investigation and analysis of security incidents, including malware analysis, forensic investigations and reverse engineering.
Participate in threat hunting activities to proactively identify and mitigate potential security risks.
Stay informed about new threats and trends in cybersecurity to enhance response skills.
Ensure compliance with the organization's incident response framework and regulatory requirements.
Coordinate with Enterprise Risk Management, SOC, Legal, IT, Data Privacy and other functions for a unified response.
Collaborate with third-party vendors and MSSPs as needed.
Act as the primary contact for incident updates to executive leadership and stakeholders.
Generate comprehensive reports during and after incidents, including root cause analysis and mitigation strategies.
Supervise the creation of post-incident reports and ensure that lessons learned are integrated into future planning strategies.
Propose security improvements to prevent the recurrence of incidents.
Perform regular tabletop exercises and simulations to train and prepare teams.

Qualifications:
Bachelor's degree in Computer Science, Information Security or a related field, or equivalent work experience.
At least 12+8 years of experience in a SOC or similar security-focused environment.
Experience in managing large-scale cybersecurity incidents.
Understanding of regulatory requirements and industry standards (e.g. GDPR, HIPAA, PCI-DSS).
Proficient written and verbal communication skills.
Strong hands-on experience with SIEM platforms (e.g. Palo Alto XSIAM, Splunk, QRadar), IDS/IPS systems, firewalls, endpoint security tools and service management tools (e.g. ServiceNow).
Proficiency in conducting forensic investigations and malware analysis.
Experience with scripting and automation tools (e.g., Python, PowerShell) to streamline incident response tasks.
Deep understanding of network protocols, operating systems and common attack vectors.
Relevant certifications such as CISSP, CISA, CISM, CEH or GIAC are highly desirable.
Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention: of yourself, your career and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we.

Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Posted 1 day ago

3.0 - 7.0 years

8 - 12 Lacs

Kolkata, Mumbai, New Delhi

Work from Office

What You'll Do

Avalara, Inc. is the leading provider of cloud-based software that delivers a broad array of compliance solutions related to sales tax and other transactional taxes. What is it like to work at Avalara? Come find out! We are committed to the following success traits that embody our culture and how we work together to accomplish great things: Fun. Passion. Adaptability. Urgency. Simplicity. Curiosity. Humility. Ownership. Optimism.

Avalara is looking for a Detection Engineer to join the Detection and Response Team. The ideal candidate will have a track record in incident response, demonstrating advanced technical expertise and leadership capabilities. Your role will be that of an Incident Response Analyst; you will help protect Avalara. This includes detecting, investigating and mitigating security incidents. You will also be a key contributor in improving our incident response capabilities. You will report to Security leadership at Avalara. This is a remote position.

What Your Responsibilities Will Be

You will perform incident response activities and workstreams as the Incident Response Senior Analyst.
You will monitor security systems, including Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR) platforms, software firewalls and Security Information and Event Management (SIEM) platforms.
Gather and analyze evidence from affected systems, logs and network traffic.
You will conduct detailed investigations of security incidents to determine the root cause, scope and impact.
Document all aspects of security incidents, including timelines, actions taken and lessons learned.
Perform forensic analysis of compromised systems to identify the techniques and tactics used by attackers, or as directed by Legal.
Collaborate with cross-functional teams including Engineering, IT, Security Operations, Legal, HR and Compliance to manage and mitigate incidents.
Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders.
Participate in rotating on-call shifts that utilize a paging system in case a security event requires attention.

What You'll Need To Be Successful

5+ years of experience in Security Incident Response.
Experience across the information security domain, including familiarity with endpoint, email, network and cloud security, vulnerability management, incident response and threat intelligence.
Experience with log analysis, network security, digital forensics and incident response investigations.
Ability to script / code using Python or an equivalent language.
Bachelor's degree in computer science, information security, or relevant experience.
Certifications related to digital forensics and incident response.

How We'll Take Care Of You

Total Rewards: In addition to a great compensation package, paid time off and paid parental leave, many Avalara employees are eligible for bonuses.
Health & Wellness: Benefits vary by location but generally include private medical, life and disability insurance.
Inclusive culture and diversity: Avalara strongly supports diversity, equity and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.

What You Need To Know About Avalara

We're Avalara. We're defining the relationship between tax and tech. We've already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year, and this year we became a billion-dollar business. Our growth is real, and we're not slowing down until we've achieved our mission to be part of every transaction in the world. We're bright, innovative and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we've designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them. We've been different from day one. Join us, and your career will be too.

We're An Equal Opportunity Employer

Supporting diversity and inclusion is a cornerstone of our company — we don't want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national origin, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.

Posted 4 days ago

5.0 - 7.0 years

6 - 10 Lacs

Kharagpur

Work from Office

Analyst Level 3, Security Operations Centre (SOC)

Ways of working: Full-time with rotational shifts and mandatory Work from Office.
Location: Embassy Tech Village, Bangalore
Years of Experience: 5+ years in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.

About The Team & Role
As a Level 3 Security Operations Centre (SOC) Analyst, you will be responsible for identifying, analyzing and responding to security incidents and threats within an organization's IT infrastructure. This senior role demands a high level of expertise in security operations, threat analysis and incident response. You will work closely with other teams, including Level 1 and Level 2 analysts, management and engineering, to ensure the security of the organization's network and systems. Your work will contribute to detecting and mitigating advanced cyber threats, ensuring that the organization remains protected against emerging risks.

What will you get to do here?

Incident Response & Investigation:
Lead investigations of complex security incidents, including intrusion detection, malware analysis and vulnerability exploitation.
Perform in-depth analysis of security incidents to determine their scope, impact and method of attack.
Take immediate and appropriate action to contain, mitigate and resolve security threats.

Threat Hunting:
Proactively hunt for hidden threats and vulnerabilities within the organization's systems and networks.
Analyze logs and data from multiple sources (e.g., firewalls, intrusion detection systems, antivirus solutions) to identify patterns indicative of malicious activity.
Utilize advanced threat intelligence to stay ahead of potential attackers and new attack vectors.

Security Monitoring & Analysis:
Oversee and manage security monitoring tools to detect potential security incidents and vulnerabilities.
Analyze alerts and reports generated by various security tools, ensuring accuracy and appropriateness.
Ensure the effective operation and tuning of SIEM (Security Information and Event Management) systems, IDS/IPS and other security technologies.
Identify and define new use cases as well as modify existing ones.

Collaboration & Knowledge Sharing:
Mentor and provide guidance to junior analysts (Level 1 and Level 2) in incident handling, investigation and security best practices.
Collaborate with IT, network and engineering teams to resolve security issues and implement proactive security measures.
Document incidents and maintain accurate records for reporting and auditing purposes.

Reporting & Documentation:
Generate detailed post-incident reports that include findings, recommendations and remediation steps.
Assist in the development and maintenance of SOC procedures, playbooks and security policies.
Report trends and emerging threats to senior management and stakeholders.
Create and maintain standard operating procedures (SOPs), playbooks and runbooks.
Lead root cause analysis and develop lessons-learned documentation post-incident.

Continuous Improvement:
Stay up to date on the latest cybersecurity threats, trends and technologies.
Contribute to the development and improvement of incident response plans and security protocols.
Participate in security training programs to continually enhance skills and capabilities.

What qualities are we looking for?

Education: Bachelor's degree in Computer Science, Information Security or a related field, or equivalent experience.
Experience: 5+ years of experience in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.

Technical Skills:
Strong experience with security tools and SaaS applications, including SIEM (Splunk, Sentinel One, QRadar, etc.), IDS/IPS, firewalls, Endpoint Protection, DLP, Active Directory/Azure and vulnerability scanners.
Expertise in incident response, digital forensics and malware analysis.
Deep understanding of security frameworks, methodologies and best practices (NIST, ISO 27001, MITRE ATT&CK, etc.).
Knowledge and experience of common operating systems (Windows, Mac, Linux) and networking protocols (TCP/IP, HTTP, DNS, etc.).
Advanced understanding of cyber threats and attack vectors, including APTs (Advanced Persistent Threats), ransomware, DDoS and insider threats.
Familiarity with cloud security environments and services (AWS, Azure, GCP).

Skills & Abilities:
Strong written and verbal communication skills, with the ability to report findings to both technical and non-technical stakeholders.
Ability to work well under pressure and manage multiple tasks simultaneously.
Relevant certifications such as CISSP, CISM, CEH, GIAC or similar are a plus.

Desired Skills:
Experience with threat intelligence platforms and frameworks.
Proficiency in scripting or automation (Python, PowerShell, etc.) for threat detection and incident response tasks.
Experience with network traffic analysis tools.

Posted 5 days ago

6.0 - 11.0 years

8 - 13 Lacs

Kolkata, Mumbai, New Delhi

Work from Office

About Us
At SentinelOne, we're redefining cybersecurity by pushing the limits of what's possible, leveraging AI-powered, data-driven innovation to stay ahead of tomorrow's threats. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We're looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you're excited about solving complex challenges in bold, innovative ways, we'd love to connect with you.

What are we looking for?
We are looking for talented detection engineers: people who look at the world differently, who explore, "hunt", live to beat the system and challenge it. People who can address tough security problems and deliver fast.

What will you do?
You will be responsible for detecting the newest identity threats. The role includes end-to-end responsibility for behaviour-based detection capabilities, starting from researching attack techniques, designing new methods to detect or prevent them, and finally implementing them in the product. You will be developing and using internal research tools and PoCs and discovering new ways to detect/prevent identity-based attacks (Pass the Hash, Silver Ticket, MFA bypass and more). At the end of the day, your deliveries will enhance the security of dozens of millions of Windows endpoints which are protected by our platform.

What skills and knowledge should you bring?
6+ years of experience in malware analysis (static and dynamic).
6+ years of experience with C++.
Excellent understanding of Windows Internals - understanding how core system components (processes and threads, virtual memory and more) work behind the scenes.
Experienced with identity-based attacks (Pass the Hash, Silver Ticket, MFA bypass and more).
Experienced with analysis tools, such as IDA, WinDbg, Sysinternals etc.
Kernel development experience - advantage.
Advanced C++ - advantage.
Understanding of existing AV internals - advantage.

Why Us?
You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.
Flexible working hours and hybrid/remote work model.
Flexible Time Off.
Flexible Paid Sick Days.
Global gender-neutral Parental Leave (16 weeks, beyond the leave provided by the local laws).
Generous employee stock plan in the form of RSUs (restricted stock units). On top of RSUs, you can benefit from our attractive ESPP (employee stock purchase plan).
Gym membership/sports gear by Cultfit.
Wellness Coach app, with 3,000+ on-demand sessions, daily interactive classes, audiobooks and unlimited private coaching.
Private medical insurance plan for you and your family.
Life insurance covered by S1 (for employees).
Telemedical app consultation (Practo).
Global Employee Assistance Program (confidential counseling related to both personal and work-life matters).
High-end MacBook or Windows laptop.
Home-office setup allowance (one time) and maintenance allowance.
Internet allowance.
Provident Fund and Gratuity (as per government clause).
NPS contribution (employee contribution).
Half-yearly bonus program depending on individual and company performance.
Above-standard referral bonus as per policy.
Udemy Business platform for hard/soft skills training and support for your further educational activities/trainings.
Sodexo food coupons.

Posted 5 days ago

5.0 - 10.0 years

9 - 14 Lacs

Kolkata

Work from Office

Date: 10 Jun 2025
Location: Kolkata, WB, IN
Company: Alstom

At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.

Could you be the full-time Welding Expert in Kolkata we're looking for?

Your future role
Take on a new challenge and apply your comprehensive welding process expertise in a new cutting-edge field. You'll work alongside dedicated, innovative and collaborative teammates. You'll contribute to the excellence of our manufacturing process by ensuring the highest welding standards from tender to warranty phases. Day-to-day, you'll collaborate with teams across the business (Tech. Bid, Product Eng., Industrial Quality, etc.), oversee the preparation of weld plans, and much more. You'll specifically take care of the performance and assessment of Welding Procedure Qualification, but also ensure the compatibility and handling of welding consumables and parent materials.

We'll look to you for:
Participation in technical reviews and weld sequence definitions
Conducting supplier audits and ensuring equipment suitability
Allocation of qualified welders and preparation of weld plans
Visual inspection before, during and after welding
Supporting the reduction of defects through root cause analysis
Ensuring compliance with health, safety and environmental standards

All about you
We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role:
Degree in Engineering (BE/B.Tech) or an IWE certification
Experience or understanding of heavy metal welding in industries such as locomotive or automotive
Knowledge of international welding standards and technological advancements
Familiarity with MS Office tools (Word, Excel, PowerPoint)
Proficiency in the English language
Ability to train engineers and welders
A collaborative mindset with a global vision

Things you'll enjoy
Join us on a life-long transformative journey: the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also:
Enjoy stability, challenges and a long-term career free from boring daily routines
Work with the latest standards for rail welding quality and safety
Collaborate with transverse teams and helpful colleagues
Contribute to innovative projects that impact global mobility
Utilise our flexible working environment
Steer your career in whatever direction you choose across functions and countries
Benefit from our investment in your development, through award-winning learning
Progress towards leadership and advanced technical roles
Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension)

You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!

Important to note
As a global business, we're an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We're committed to creating an inclusive workplace for everyone.

Posted 5 days ago

4.0 - 8.0 years

15 - 25 Lacs

Bengaluru

Hybrid

Warm Greetings from SP Staffing!!
Role: SOC Analyst
Experience Required: 3 to 8 yrs
Work Location: Bangalore
Required Skills: Security operations, SOC1, SOC2, FFIEC, GDPR
Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted 5 days ago

10.0 - 14.0 years

25 - 35 Lacs

Gurugram

Work from Office

PLEASE SAVE WHATSAPP # 9315248639 - Nishant/Shreedevi is your POC from RexOreo Pvt Ltd.
Queries: All emails will come from the id team@rexoreo.com, so please keep an eye out.

Top Selection & Auto Elimination Criteria:
Only Delhi NCR candidates need to apply, as we need only immediate joiners (0-30 days).
Rotational shift.
Cab facility: Yes, late-night pick-up or drop only (one side only, for Gurgaon employees).
Location: Gurgaon
Mode: 5 days work from office only (NO work from home).
Relevant experience range: 9+
Position: L3 SOC Analyst
Experience: 9-14 years
Only current L2/L2+ (more than 2 years) or L3 candidates need to apply.
Experience in QRadar is mandatory.
Total open positions (as of 16-June, 5.30pm): 5
EMAIL team@rexoreo.com A VOICE NOTE ON WHY YOU ARE FIT FOR THIS ROLE.

Position Description:
The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts and IT stakeholders to identify, investigate and remediate security threats in real time.

Role and responsibilities:

1. Incident Response and Escalation
Lead and coordinate end-to-end response for critical and high-severity security incidents.
Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis and endpoint review.
Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.

2. Threat Detection and Analysis
Analyze and triage alerts generated by the SIEM and other security tools.
Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).

3. Tooling and Automation
Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
Build automation scripts and workflows to improve efficiency in incident triage, correlation and response.
Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.

4. Documentation and Reporting
Maintain detailed and accurate documentation of incidents, investigations and actions taken.
Develop and update SOC standard operating procedures (SOPs) and playbooks.
Prepare and present technical reports, dashboards and metrics to senior management and stakeholders.

5. Mentorship and Leadership
Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
Provide training on new threats, tools and techniques.
Assist in evaluating and improving team workflows, processes and overall SOC maturity.

6. Collaboration and Stakeholder Engagement
Work closely with threat intelligence, vulnerability management and risk teams to stay ahead of emerging threats.
Communicate with IT, DevOps and business units to coordinate responses and ensure secure configurations.
Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.

Required Experience / Skills:
Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools and malware analysis tools.
Familiarity with scripting or automation languages such as Python, PowerShell or Bash.
Deep understanding of networking protocols, OS internals (Windows/Linux) and security best practices.
Familiar with frameworks such as MITRE ATT&CK, NIST and the Cyber Kill Chain.
Minimum of nine (9) years technical experience.
7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting and threat attribution assessment with increasing responsibilities.
3+ years of rule development and tuning experience.
2+ years of incident response.
Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to: alert and notification activities (analysis/triage/response); review of and action on threat intel for IOCs and other operationally impactful information; initial review and triage of reported alerts and incidents.
Manage multiple tickets/alerts in parallel, including end-user coordination.
Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
Solid understanding and experience analyzing security events generated from security tools and devices, not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort and BlueCoat.
Experience and solid understanding of malware analysis.
Demonstrated proficiency with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP and Elastic Kibana.
Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs).
In-depth experience with processing and triage of security alerts from multiple sources, not limited to: endpoint security tools, SIEM, email security solutions, CISA and threat intel sources.
Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews and supporting SOAR development.
Experience with bash, python and Windows PowerShell scripting.
Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support and SIEM/security tool alert analysis.
Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices and other enterprise tools.
Demonstrated proficiency with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Expert in security incident response processes Required Certifications: Two of the following certifications are preferred: GIAC-GCIH Global Certified Incident Handler GIAC-GCFE - Global Information Assurance Certification Forensic Examiner GIAC-GCFA - Global Information Assurance Certification Forensic Analyst GIAC-GREM - GIAC Reverse Engineering Malware GIAC-GNFA - GIAC Network Forensic Analyst GIAC-GCTI - GIAC Cyber Threat Intelligence GIAC-GPen GIAC Certified Penetration Tester GIAC-GWAPT GIAC Certified Web Application Penetration Tester CEPT - Certified Expert Penetration Tester (CEPT) CASS - Certified Application Security Specialist (CASS) CWAPT - Certified Penetration Tester (CWAPT) CREA - Certified Reverse Engineering Analyst (CREA) Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support.

Posted 1 week ago

Apply

8.0 - 13.0 years

15 - 25 Lacs

Hyderabad, Bengaluru, Mumbai (All Areas)

Hybrid


Role & responsibilities
Primary Skill: Threat Intelligence, Threat Hunting, Threat Detection Engineers with experience in writing SPL (Splunk Processing Language), MITRE Framework.
Secondary Skill: Databricks, MDE, Threat Intelligence, Threat Hunting, Splunk Enterprise Security, Cyber Security SME, Splunk Power User, MITRE Framework
JD:
• In-depth knowledge of external attacks and detection techniques, to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate a list of rules that could be implemented (based on self-analysis of a threat and available log sources), work with the SOC team to operationalize and the Purple Team to test.
• Familiarity with the MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs).
• Experience with security tools such as Splunk, MDE, Databricks, to be able to write custom detections to detect various threats (preferably MDE).
So to give you a better picture, I will give some examples. The person needs to be able to navigate through the MITRE framework to be able to assign the correct technique to the rule that is worked on. Must be able to tell what beaconing does or what a CnC channel means, methods to detect it, logs to use (of course not limited to this; in general must know common attack techniques and how to detect them, external threat attacks on prem / cloud). Must be familiar with Cobalt Strike (generic knowledge of what it does, not how to use it). Manually write SPL / KQL / SQL rules in one of our tools, generate alerts and get them validated by asking the Purple team to run a simulation. Talk to CDC on operationalizing the rule.

Posted 1 week ago

Apply
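The listing above asks for a detection engineer who can explain what beaconing is, how to detect it, and which logs to use. The following is an added worked example (not part of the job posting, and not code from the hiring company) of the most common beaconing heuristic: a host that contacts the same destination at near-constant intervals. The proxy log format, the host names, the IP addresses and the thresholds (minimum six events, jitter at or below 0.1) are all constructed assumptions for the illustration; a production rule would tune them against the environment's own baseline and add allow-lists for known pollers (update agents, NTP, monitoring).

```python
"""Beaconing detection over proxy logs by inter-arrival-time regularity.

Added example, not from the job posting. Flags (source, destination) pairs
whose connection intervals are nearly constant, which is the core heuristic
behind most beaconing / C2 call-home detections. The sample log lines below
are constructed for illustration only.
"""
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample proxy log: "<ISO timestamp> <src_ip> <dst_host> <bytes>"
# 10.0.0.5 -> cdn.example.net: 8 requests roughly every 60 s (beacon-like)
# 10.0.0.7 -> www.example.org: 8 requests with human-like, bursty timing
# 10.0.0.9 -> login.example.com: only 2 requests (too few to judge)
SAMPLE_LOG = """\
2024-06-16T10:00:00 10.0.0.5 cdn.example.net 512
2024-06-16T10:01:00 10.0.0.5 cdn.example.net 498
2024-06-16T10:02:01 10.0.0.5 cdn.example.net 505
2024-06-16T10:02:59 10.0.0.5 cdn.example.net 511
2024-06-16T10:04:00 10.0.0.5 cdn.example.net 502
2024-06-16T10:05:00 10.0.0.5 cdn.example.net 507
2024-06-16T10:06:01 10.0.0.5 cdn.example.net 499
2024-06-16T10:07:00 10.0.0.5 cdn.example.net 503
2024-06-16T10:00:12 10.0.0.7 www.example.org 20480
2024-06-16T10:00:13 10.0.0.7 www.example.org 1034
2024-06-16T10:00:13 10.0.0.7 www.example.org 88012
2024-06-16T10:11:40 10.0.0.7 www.example.org 4021
2024-06-16T10:23:05 10.0.0.7 www.example.org 1500
2024-06-16T10:55:07 10.0.0.7 www.example.org 3100
2024-06-16T11:30:00 10.0.0.7 www.example.org 2200
2024-06-16T11:31:02 10.0.0.7 www.example.org 900
2024-06-16T10:00:00 10.0.0.9 login.example.com 300
2024-06-16T10:30:00 10.0.0.9 login.example.com 300
"""


def parse_log(text):
    """Parse log text into {(src, dst): [timestamps]}; malformed lines are skipped."""
    by_pair = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, _size = parts
        try:
            by_pair[(src, dst)].append(datetime.fromisoformat(ts))
        except ValueError:
            continue  # unparseable timestamp: ignore rather than crash the job
    return by_pair


def interval_stats(timestamps):
    """Return (median_interval_seconds, jitter) for a list of timestamps.

    jitter = median absolute deviation of the gaps / median gap.
    0 means perfectly regular; values near or above 1 mean irregular traffic.
    """
    ts = sorted(timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    med = median(gaps)
    if med <= 0:  # all events at the same second: not a periodic beacon
        return med, float("inf")
    mad = median(abs(g - med) for g in gaps)
    return med, mad / med


def find_beacons(by_pair, min_events=6, max_jitter=0.1):
    """Flag pairs with enough events and a low-jitter interval (assumed thresholds)."""
    hits = []
    for (src, dst), ts in by_pair.items():
        if len(ts) < min_events:  # too few events to judge regularity
            continue
        med, jitter = interval_stats(ts)
        if jitter <= max_jitter:
            hits.append({"src": src, "dst": dst, "events": len(ts),
                         "median_interval_s": med, "jitter": round(jitter, 3)})
    return hits


if __name__ == "__main__":
    for hit in find_beacons(parse_log(SAMPLE_LOG)):
        print(hit)
```

The same logic is what an SPL or KQL beaconing rule expresses with `streamstats` / `prev()` to compute the gap between consecutive events per source-destination pair and `stdev`-style aggregates over the gaps; the Python form is easier to validate against a Purple Team simulation before the rule is operationalized.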

4.0 - 8.0 years

6 - 10 Lacs

Kochi

Work from Office


Lead & focus:
Demonstrate clear & calm leadership, setting the tone for each response
Command and coordinate a response to security incidents, relevant threats, and high-profile security events
Scope a response to the next best actions
Ensure response is sustainable for all resources involved
Support beyond normal shift hours in an emergency or during times of staff shortage
Coordinate & communicate:
Delegate tasks in a timely manner and manage them to closure
Facilitate incident / threat resolution through prompt communication across multiple teams
Document status and regularly communicate updates to stakeholders and senior management
Develop and track key metrics and reporting related to incident management
Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise: Incident Response, SOC Management
Preferred technical and professional experience: Threat Hunting

Posted 1 week ago

Apply

1.0 - 6.0 years

6 - 16 Lacs

New Delhi, Pune

Work from Office


Objective: Serve at L1/L2/L3 level across core security domains. Lead architecture reviews, complex troubleshooting, performance tuning, threat modeling, and support design/implementation changes.
Technologies Supported (Domain: Platform)
DDoS Protection: Radware DefensePro / Cloud DDoS
NGFW: Palo Alto (Panorama, Cortex XSOAR)
SIEM & IDAM: OpenText ArcSight / CyberRes
WAF & LB: Radware AppWall / Alteon VX
Endpoint Security: Trend Micro Apex One / Vision One
VAPT: Tenable.io / SecurityCenter
HSM: Thales Luna / payShield
APM & Logging: Elastic Stack (ELK + Observability)
Advanced Skill Set
Expert in one or more: DDoS, NGFW, SIEM, WAF, VAPT
Protocol-level packet analysis
Threat intelligence and hunting workflows
SIEM correlation strategy and content development
Complex API integrations and automation scripting (Python/Shell)
Familiarity with Zero Trust, MITRE ATT&CK, SOAR

Posted 1 week ago

Apply

4.0 - 9.0 years

6 - 11 Lacs

Mumbai

Work from Office


Person should be responsible for administration & management of three or more of the technologies listed: Firewall, F5 WAF, F5 SSLO, Anti-DDoS, Packet Broker, Anti-APT, IPS, etc.
Managing complete administration, including but not limited to creation and modification of rules and configuration, and system upgrades.
Handling escalated calls and providing SME support on the above technologies.
On-boarding of new applications in F5 SSLO, F5 WAF, Packet Broker and handling critical issues for the same.
Single point of contact for the above-mentioned technologies.
Incident management & timely escalation of incidents.
Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise:
Overall 4+ years of experience in the field of network security
Person should be able to manage the team.
Person should have a good understanding of SIEM IR & should be able to guide the team.
Requires advanced-level network security device troubleshooting knowledge, tcpdump, log analysis etc.
B.E. / B.Tech in Computer Science or Electronics & Telecommunications
Preferred technical and professional experience:
Person should have a good understanding of SIEM IR & should be able to guide the team.
Requires advanced-level network security device troubleshooting knowledge, tcpdump, log analysis etc.

Posted 1 week ago

Apply

12.0 - 15.0 years

55 - 60 Lacs

Ahmedabad, Chennai, Bengaluru

Work from Office


Dear Candidate,
We are seeking a Security Operations Engineer to monitor, detect, investigate, and respond to security incidents and threats across systems and networks.
Key Responsibilities:
Monitor alerts and logs using SIEM tools (Splunk, QRadar, Sentinel).
Analyze security incidents, conduct root cause analysis, and coordinate response.
Support threat hunting and vulnerability assessments.
Maintain and tune security tools (IDS/IPS, endpoint protection, firewalls).
Document incident reports and provide remediation recommendations.
Required Skills & Qualifications:
Experience in a Security Operations Center (SOC) or similar role.
Strong knowledge of cybersecurity concepts and incident response.
Familiarity with EDR tools (CrowdStrike, Carbon Black) and log analysis.
Scripting and automation skills for detection and response tasks.
Security certifications such as CEH, CompTIA Security+, or GCIA are beneficial.
Soft Skills:
Strong troubleshooting and problem-solving skills.
Ability to work independently and in a team.
Excellent communication and documentation skills.
Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.
Srinivasa Reddy Kandi
Delivery Manager
Integra Technologies

Posted 1 week ago

Apply

4.0 - 9.0 years

20 - 25 Lacs

Gurugram

Work from Office


Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Defender etc.)
Creation and implementation of new SIEM use cases (correlation rules), fine tuning, Defender policies etc.
Configuration, onboarding, and parsing of new log sources in the SIEM solution; working on malware analysis, mail analysis, threat intelligence/hunting etc.
Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks
Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
Anomaly and attack pattern detection at all stages of the cyber kill chain
Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
Creation of security reports based on the security incidents within the reporting period
Creation of reports and dashboards
Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
Participation in on-call duty to ensure incident response even outside of business hours
24*7 onsite cybersoc support to customer, including weekends and public holidays
Skill Set Required:
Mandatory skill set
Good hands-on experience on SIEM tools like QRadar, MS Sentinel
Knowledge of Microsoft Defender
Good experience in incident handling and response
Certification in IBM QRadar SOC Analyst/Administrator, SC-200
Secondary skill set
Knowledge of Python or any scripting language
Malware investigation and reporting
Forensic investigation of SPAM / Phishing email incidents
Knowledge of threat intelligence and threat hunting
Experience: 4+ years related work experience in customer-facing organizations within cybersoc services
Degree / Diploma holders with cybersecurity knowledge
Excellent verbal and written communication skills in the English language
Global Delivery Operations

Posted 1 week ago

Apply

7.0 - 12.0 years

25 - 35 Lacs

Noida, Chennai, Bengaluru

Work from Office


Roles and Responsibilities
Conduct threat hunting activities to identify potential security threats and vulnerabilities.
Analyze malware samples using various tools such as QRadar, Splunk, and ArcSight.
Perform incident response duties including handling incidents, conducting root cause analysis, and implementing remediation measures.
Monitor security event logs from multiple sources to detect anomalies and potential security breaches.
Collaborate with other teams to develop threat intelligence reports and improve overall security posture.
Desired Candidate Profile
7-12 years of experience in Security Operations Center (SOC) or related field.
Strong understanding of incident response, threat analysis, threat intelligence gathering, log analysis, and security monitoring concepts.
Proficiency in tools like QRadar, Splunk, ArcSight for malware analysis and incident response tasks.

Posted 1 week ago

Apply

5.0 - 9.0 years

7 - 13 Lacs

Bengaluru

Work from Office


Job Description:
5+ years of experience in Security Operations Center and Threat Hunting.
Develop and refine threat hunting techniques and tools.
Experience in monitoring and alert handling in QRadar SIEM.
In-depth knowledge of advanced persistent threats (APTs) and attack vectors.
Collaborate with threat intelligence teams to integrate new threat data into hunting processes.
Security incident handling and reporting.
Experienced in EDR alert analysis, preferably SentinelOne.
Preferred candidate profile
Bachelor's degree in Computer Science, Information Security, or related field.
Should be flexible to work in 24/7 rotational shifts.
Should possess good communication skills.

Posted 1 week ago

Apply

4.0 - 9.0 years

0 - 3 Lacs

Chennai

Hybrid


Qualification
Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience.
Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight).
Proficient in EDR and endpoint security tools (e.g., CrowdStrike, Microsoft Defender).
Hands-on experience in threat and malware analysis.
Familiarity with email security systems (e.g., Proofpoint, Mimecast).
Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems.
Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST).
Excellent analytical and problem-solving skills.

Posted 1 week ago

Apply

12.0 - 15.0 years

55 - 60 Lacs

Ahmedabad, Chennai, Bengaluru

Work from Office


Dear Candidate,
We are seeking a Cybersecurity Analyst to detect, investigate, and prevent security threats across digital assets and systems.
Key Responsibilities:
Monitor and analyze security alerts, logs, and events.
Perform threat intelligence, malware analysis, and incident response.
Conduct vulnerability assessments and patch management.
Support compliance and audit activities (ISO, NIST, GDPR).
Educate staff on cybersecurity best practices and awareness.
Required Skills & Qualifications:
Experience with SIEM tools (Splunk, AlienVault, QRadar).
Knowledge of firewalls, IDS/IPS, endpoint protection, and antivirus.
Familiarity with scripting for automation and reporting.
Strong analytical, investigative, and communication skills.
Security certifications preferred (e.g., CompTIA Security+, SOC Analyst, CISSP).
Soft Skills:
Strong troubleshooting and problem-solving skills.
Ability to work independently and in a team.
Excellent communication and documentation skills.
Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.
Srinivasa Reddy Kandi
Delivery Manager
Integra Technologies

Posted 1 week ago

Apply

2.0 - 3.0 years

4 - 6 Lacs

Bhopal, Indore, Rajkot

Work from Office


Job Summary:
We are seeking an experienced Cyber Security Trainer to join our team. The ideal candidate will have a solid background in cybersecurity principles and practices, combined with a passion for teaching and helping students understand complex cybersecurity concepts. You will be responsible for delivering high-quality training sessions and supporting students as they develop skills essential to succeed in the cybersecurity field.
Key Responsibilities:
Deliver engaging and interactive training sessions on cybersecurity topics, including but not limited to network security, threat analysis, malware protection, digital forensics, and ethical hacking.
Develop and update course materials, including presentations, handouts, and online resources, to reflect the latest cybersecurity trends and practices.
Conduct hands-on labs and exercises to help students gain practical experience with cybersecurity tools and techniques.
Assess students' understanding and progress through evaluations, assignments, and feedback sessions.
Stay updated with the latest cybersecurity developments and incorporate new knowledge into training programs.
Support and mentor students as they navigate their learning journey, answering questions and providing guidance on cybersecurity career paths.
Qualifications:
Bachelor's degree in Technology (BTech), a Master's in Computer Applications (MCA), or a Master's degree in Technology (MTech)
2-3 years of experience in cybersecurity or a related field, with proven knowledge of current cybersecurity threats, tools, and practices.
Previous experience in teaching, training, or mentoring is highly desirable.
Excellent communication skills, with the ability to simplify complex topics and engage a diverse audience.
Strong knowledge of cybersecurity tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability assessment tools.
Preferred Skills:
Relevant certifications in cybersecurity, such as CompTIA Security+, CISSP, CEH, or similar.
Familiarity with e-learning platforms and digital training tools.
Strong problem-solving skills and adaptability to different learning styles.
Why Join Us:
Opportunity to make a meaningful impact on the next generation of cybersecurity professionals.
Collaborative and supportive work environment.
Access to continuous learning and professional development opportunities.

Posted 2 weeks ago

Apply

2.0 - 5.0 years

6 - 10 Lacs

Mumbai

Work from Office


Your day at NTT DATA
The Security Managed Services Engineer (L1) is an entry-level engineering role, responsible for providing a managed service to clients to ensure that their firewall infrastructure remains operational through proactively identifying, investigating, and routing incidents to the correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions, and it focuses on first-line support for standard and low-complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required.
What you'll be doing
Responsibilities:
Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data.
Develop, customize, and manage security rules within the SIEM to detect and respond to security threats.
Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts.
Oversee the collection, normalization, and storage of log data from various sources.
Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur.
Analyze and investigate security events from various sources.
Manage security incidents through all incident response phases to closure.
Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis.
Update tickets, write incident reports, and document actions to reduce false positives.
Develop knowledge of attack types and fine-tune detective capabilities.
Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
Align SIEM rules and alerts with the LIC's security policies and compliance requirements.
Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
Maintain and support the operational integrity of SOC toolsets.
Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.
Workplace type: On-site Working

Posted 2 weeks ago

Apply

2.0 - 5.0 years

6 - 10 Lacs

Mumbai

Work from Office


Your day at NTT DATA
The Security Managed Services Engineer (L1) is an entry-level engineering role, responsible for providing a managed service to clients to ensure that their firewall infrastructure remains operational through proactively identifying, investigating, and routing incidents to the correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions, and it focuses on first-line support for standard and low-complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required.
What you'll be doing
Key Responsibilities:
Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data.
Develop, customize, and manage security rules within the SIEM to detect and respond to security threats.
Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts.
Oversee the collection, normalization, and storage of log data from various sources.
Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur.
Analyze and investigate security events from various sources.
Manage security incidents through all incident response phases to closure.
Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis.
Update tickets, write incident reports, and document actions to reduce false positives.
Develop knowledge of attack types and fine-tune detective capabilities.
Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
Align SIEM rules and alerts with the LIC's security policies and compliance requirements.
Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
Maintain and support the operational integrity of SOC toolsets.
Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.
Workplace type: On-site Working

Posted 2 weeks ago

Apply

2.0 - 7.0 years

7 - 11 Lacs

Mumbai

Work from Office


Your day at NTT DATA
The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their security infrastructures and systems remain operational. Through proactive monitoring, identifying, investigating, and resolving technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching the service level agreement (SLA), and it focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required.
What you'll be doing
Key Responsibilities:
Min 4+ years' experience in SOC along with SIEM (Splunk). Min 2 years' hands-on experience in Splunk.
Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data.
Develop, customize, and manage security rules within the SIEM to detect and respond to security threats.
Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts.
Oversee the collection, normalization, and storage of log data from various sources.
Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur.
Analyze and investigate security events from various sources.
Manage security incidents through all incident response phases to closure.
Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis.
Update tickets, write incident reports, and document actions to reduce false positives.
Develop knowledge of attack types and fine-tune detective capabilities.
Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
Align SIEM rules and alerts with the LIC's security policies and compliance requirements.
Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
Maintain and support the operational integrity of SOC toolsets.
Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.
Knowledge and Attributes:
Ability to communicate and work across different cultures and social groups.
Ability to plan activities and projects well in advance, taking into account possible changing circumstances.
Ability to maintain a positive outlook at work.
Ability to work well in a pressurized environment.
Ability to work hard and put in longer hours when necessary.
Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
Ability to adapt to changing circumstances.
Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
Academic Qualifications and Certifications:
Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
Active CEH certification is a must.
Required Experience:
Moderate level of relevant managed services experience handling security infrastructure.
Moderate level of knowledge of ticketing tools, preferably ServiceNow.
Moderate level of working knowledge of ITIL processes.
Moderate level of experience working with vendors and/or 3rd parties.
Workplace type: On-site Working

Posted 2 weeks ago

Apply

4.0 - 7.0 years

6 - 9 Lacs

Mumbai

Work from Office


Your day at NTT DATA
The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their security infrastructures and systems remain operational. Through proactive monitoring, identifying, investigating, and resolving technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching the service level agreement (SLA), and it focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required.
What you'll be doing
Key Responsibilities:
Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data.
Develop, customize, and manage security rules within the SIEM to detect and respond to security threats.
Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts.
Oversee the collection, normalization, and storage of log data from various sources.
Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur.
Analyze and investigate security events from various sources.
Manage security incidents through all incident response phases to closure.
Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis.
Update tickets, write incident reports, and document actions to reduce false positives.
Develop knowledge of attack types and fine-tune detective capabilities.
Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
Align SIEM rules and alerts with the LIC's security policies and compliance requirements.
Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
Maintain and support the operational integrity of SOC toolsets.
Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.
Academic Qualifications and Certifications:
Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
CEH certification is a must.
Workplace type: On-site Working

Posted 2 weeks ago

Apply