832 Sentinel Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

7.0 - 12.0 years

6 - 9 Lacs

Gurgaon

On-site

Join our Team. About this opportunity: We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this, the Cyber Defense Center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations. What you will do: 24x7 Security monitoring and incident handling across a complex network. End-to-End triage & investigation of all the threat detections originating from technology. Participate in incident response. Support use case development of detection analytics. Conduct research into new threats, identifying new IOC/TTPs. Work in shifts with efficient and accurate handover procedures. Identify improvements in automation and investigation procedures. Work with the Red team to identify gaps or weaknesses in security coverage. Create threat hunting use cases through security research and threat intelligence. Adhere to SLAs for security investigations. The skills you bring: A minimum of 7 to 12 years of experience working within a Security Operations Center/Managed Security Services environment. Organization and project management skills, Good documentation skills, Positive can-do attitude. Ability to work at odd hours and work constructively under pressure. Worked across different cultures in a global setting and with many stakeholders. Impeccable integrity and track record of working with sensitive information.
Technical Competences: The Incident Response Process; Core networking skills; Live Windows, Linux and Memory Forensics; Active Directory Analysis; Network Threat Hunting; Basics of Vulnerability Management; Demonstrable experience with Incident Response in leading public Clouds – Azure, AWS, GCP; Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID; Amazon Web Services (AWS) security tools such as Security Hub, AWS GuardDuty, AWS Macie, AWS CloudTrail; Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre; Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint; Working knowledge of Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra; Experience in IT Security and risk management. Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.

Posted 5 hours ago


0 years

0 Lacs

Bengaluru East, Karnataka, India

On-site

Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advise security controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance.

Posted 5 hours ago


4.0 years

0 Lacs

Jaipur, Rajasthan, India

On-site

About The Company: Tata Communications Redefines Connectivity with Innovation and Intelligence. Driving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications. Experience Required: 4+ years in Cybersecurity, with 2+ years hands-on with any threat intelligence platform. Reports To: Security Operations Lead / SOC Manager. Location: Jaipur. Job Type: Full-time, Customer locations. Job Summary: We are seeking a skilled Threat Intelligence Engineer/Analyst with hands-on experience in managing and operating a Unified Threat Intelligence Platform (UIP). The ideal candidate will be responsible for integrating, enriching, analyzing, and disseminating threat intelligence across security systems (SIEM, SOAR, EDR) to enhance threat detection, hunting, and response efforts. Key Responsibilities: Administer and maintain the Unified Threat Intelligence Platform (e.g., MISP, Anomali, ThreatConnect, EclecticIQ, TIP from commercial vendors). Should have worked on any of the TI platforms. Experience in Recorded Future preferred. Aggregate, normalize, and enrich threat intel feeds from internal, commercial, and open-source sources (OSINT). Map Indicators of Compromise (IOCs), TTPs, and threat actor profiles using frameworks such as MITRE ATT&CK and STIX/TAXII. Integrate UIP with SIEM, SOAR, and EDR platforms to enable automated threat correlation and alert enrichment. Analyze and prioritize threat intelligence based on relevance, risk level, and business impact. Coordinate with threat-hunting and SOC teams to enable actionable use of threat intelligence. Create and manage threat intelligence dashboards, reports, and alerts. Continuously improve threat ingestion, enrichment pipelines, and integration workflows. Required Skills And Qualifications: Solid understanding of Threat Intelligence lifecycle: collection, processing, analysis, dissemination. 
Experience with commercial or open-source TIP/UIP tools (e.g., MISP, ThreatConnect, Anomali, EclecticIQ). Strong knowledge of STIX/TAXII, OpenIOC, YARA, Sigma rules. Experience integrating threat intel into SIEM (e.g., Splunk, QRadar, Sentinel) and SOAR platforms. Familiarity with threat actor behavior, campaigns, malware families, and IOC tracking. Working knowledge of scripting (Python preferred) for automation and data transformation. Ability to analyze complex data and present threat intelligence in clear, actionable formats. Education Requirements BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification CEH/CSA/ NBAD certification

Posted 6 hours ago


5.0 years

0 Lacs

India

Remote

Arise Virtual Solutions has created a disruptive technology platform that connects the world’s biggest brands with the largest network of gig-economy Service Partners in the BPO industry. Innovations in dynamic scheduling can deliver up to 200% intraday flex so Brands can be there for their customers. Highly innovative virtual learning programs keep Brands aware of customers’ needs so they offer new solutions that grow share of wallet and increase revenue. Service Partners select brands they love and deliver empathetic, personal care that creates enduring relationships, keeping Brands essential and growing. Arise is using the most innovative technology in the BPO industry to transform CXM for Brands and their customers. The Customer Success Manager plays a central role at Arise Virtual Solutions, ensuring that our clients and Service Partners are able to maximize the value they obtain through use of our Platform. Each Customer Success Manager (“CSM”) serves our portfolio of clients by developing an intimate understanding of their business needs and offering subject matter expertise to support them in achieving their contact center objectives. Additionally, the CSM is responsible for KPI performance, contracts, and vendor relationship management for the hundreds of small independent businesses that provide services to Arise. ** Contact center/BPO experience at a manager level required ** Responsibilities Managing vendor contract compliance Participating in new vendor implementation Ensuring that Arise achieves and exceeds all client metrics Program analysis and reporting through strong analytical reports to illustrate results and achievement of program metrics Overseeing goal setting, monitoring of program trends Participating in client meeting and calibration sessions on a daily/weekly basis Developing and implementing improvement action plans that can be offered to vendors Initial point of escalation on the program. 
Responsible for escalation tracking and resolution Budget management Coordinate with the Director, Customer Success to achieve client metrics Related duties as required Special projects as assigned by Senior Manager, Customer Success or Director, Customer Success Responsible for other reports, analysis or other duties as assigned Works independently to drive client program metrics Requires little supervision to successfully deliver the core responsibilities Qualifications Minimum 5 years related Operations Management work experience in Contact Center/ BPO required. Knowledge of vendor management Strong Quality Assurance experience Bachelor’s degree or equivalent combination of education and/or work experience 24/7 client focus mentality. Flexible with schedule to attend clients’ needs Ability to facilitate/conduct virtual meetings in a one-on-one and/or group setting Proficient in Microsoft applications with a strong emphasis on Word, Excel (Pivot tables and V-lookups), Outlook and Microsoft Project. A self-motivated and proactive team-player, working quickly and accurately under pressure and time constraints, with minimal supervision Desire to roll-up your sleeves and assist with any project Extreme attention to detail Passion for helping people achieve their goals Data driven decision maker Must possess excellent interpersonal, oral, and written communication skills. Professionalism and the ability to work well with others are extremely important, as well as the ability to maintain confidentiality of information Competitive Compensation and Benefits which include: Medical Benefits through Cigna Remote working Flexible Time Off Plan! Take ownership of your time, workload, and results Great Place to Work - Sun Sentinel 2015, 2016, 2017, 2018, 2019! Empowerment Squad Activities - Philanthropy/Volunteering, Team Challenges, Fun Events! When smart creative and passionate people get together, the results are astounding and the opportunities limitless. 
Achieve your potential at Arise. Diversity creates a healthier atmosphere: equal opportunity employer M/F/D/V

Posted 6 hours ago


60.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

It has been more than 60 years since SYSTRA has garnered expertise that spans the entire spectrum of Mass Rapid Transit System. SYSTRA India’s valuable presence in India roots back to 1957, where SYSTRA worked on the electrification of Indian Railways. Our technical excellence, holistic approach and the tremendous talent provides a career that puts people who join us at the heart of improving transportation and urban infrastructure efficiency. Understand better who we are by visiting www.systra.in Context In India, SYSTRA is an international consulting and engineering company operating in the fields of Metros, High Speed Rail, Railways, Roads, Buildings, Urban planning, and Water Infrastructure for public and private organizations. CTR – Regional Technical Centre of Systra India takes care of the international production of major projects at Systra Group level. CTR team has expertise in design of High-Speed Rail, Metro, Conventional Rail, Bridges, Highways, Depots, Stations and Transport Planning. Starting from Feasibility/Concept stage to Detailed Design to IFC/Shop drawings, the disciplines involved have experience of designing in accordance with various international codes and delivered projects across the world. CTR team has successfully delivered some major projects in UK, UAE, Tanzania, KSA, Australia, Canada and Denmark. One of the major achievements of India CTR team has been the design of HS2 project in UK. We played an instrumental role in delivering 3 major Sublots on HS2 with our teams proactively engaging with Front Office in UK and delivering beyond client expectations. This resulted in India team receiving many accolades from the contractor BBV and client HS2. CTR team in India is proficient in working on multi-disciplinary projects integrating Design, BIM and Drawing production in a seamless workflow incorporating different software. 
The technical and management teams within CTR get an opportunity to work and interact with other CTR teams within Systra Group from Paris, Poland, Dubai, Philippines and Brazil. Missions/Main Duties Job Summary We are seeking a competent and motivated Railway Signaling Engineer to contribute to the delivery of signaling design and implementation across international projects in Australia, the UK, and Sweden. The ideal candidate should have solid knowledge of regional signaling practices, tools, and standards—especially related to ERTMS/ETCS systems and conventional interlocking technologies. Key Responsibilities Support the design and development of signaling systems in accordance with applicable standards: ARTC/Aurizon (Australia), Network Rail (UK), and Trafikverket (Sweden). Assist in the preparation and verification of signaling drawings, interlocking data, control tables, and interface documentation. Collaborate in ERTMS Level 1/2 and legacy system design, including elements like RBCs, balises, LEUs, and GSM-R. Participate in safety compliance activities, including CENELEC standards (EN 50126/8/9). Work closely with multidisciplinary teams and execution. Maintain clear communication with clients, team members, and external stakeholders. Assist senior engineers and contribute to continuous improvement in design workflows. Profile/Skills Qualifications & Skills Bachelor’s degree in Electrical, Electronics, or Railway Engineering (Master’s preferred). 4–7 years of professional experience in railway signaling design. Experience in at least one or more of the following country-specific standards: Australia: ARTC/MTM standards, Microlok II, Westrace MkII, ATP. UK: Network Rail standards, SSI/Westlock, TPWS, axle counters. Sweden: Trafikverket standards, ERTMS Level 2, Eurobalise, ETCS components. Familiarity with design tools such as MicroStation, AutoCAD, and signaling simulation platforms. 
Good understanding of safety-critical design and regulatory compliance for signaling systems. Excellent English communication skills. Swedish language proficiency is a plus. Preferred Certifications: IRSE License (UK) or equivalent national certification. OEM-specific training in signaling systems (e.g., Siemens, Alstom, Bombardier). Rail safety worker certifications like RIW (Australia) or Sentinel (UK) are a plus. We commit to put people who join us at the heart of improving transportation and urban infrastructure efficiency. As we are growing, this is the time to be a part of this challenging adventure. It’s not a job - it’s a career!

Posted 7 hours ago


7.0 - 12.0 years

0 Lacs

Gurgaon, Haryana, India

On-site

Join our Team. About this opportunity: We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this, the Cyber Defense Center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations. What you will do: 24x7 Security monitoring and incident handling across a complex network. End-to-End triage & investigation of all the threat detections originating from technology. Participate in incident response. Support use case development of detection analytics. Conduct research into new threats, identifying new IOC/TTPs. Work in shifts with efficient and accurate handover procedures. Identify improvements in automation and investigation procedures. Work with the Red team to identify gaps or weaknesses in security coverage. Create threat hunting use cases through security research and threat intelligence. Adhere to SLAs for security investigations. The skills you bring: A minimum of 7 to 12 years of experience working within a Security Operations Center/Managed Security Services environment. Organization and project management skills, Good documentation skills, Positive can-do attitude. Ability to work at odd hours and work constructively under pressure. Worked across different cultures in a global setting and with many stakeholders. Impeccable integrity and track record of working with sensitive information.
Technical Competences: The Incident Response Process; Core networking skills; Live Windows, Linux and Memory Forensics; Active Directory Analysis; Network Threat Hunting; Basics of Vulnerability Management; Demonstrable experience with Incident Response in leading public Clouds – Azure, AWS, GCP; Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID; Amazon Web Services (AWS) security tools such as Security Hub, AWS GuardDuty, AWS Macie, AWS CloudTrail; Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre; Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint; Working knowledge of Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra; Experience in IT Security and risk management. Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.

Posted 8 hours ago


5.0 years

0 Lacs

Vadodara, Gujarat, India

On-site

Exigo Tech specialises in providing end-to-end technology solutions in Infrastructure, Cloud, Enterprise Application Development, Networks and Internet, Digital Transformation, Business Communication and Modern Workplace. We have forayed into the Security domain as well. We have a team of certified professionals who bring both defensive and offensive cyber security solutions to all levels of Enterprise and Government customers for risk mitigation. At Exigo Tech we have a firm commitment to our clients for delivering solutions which enable them to increase their business efficiency and productivity while ensuring the security of their data. Role Objective: We’re looking for a Senior Cloud Engineer (Azure) who thrives in a fast-paced MSP environment, is passionate about automation, and takes ownership of cloud infrastructure across multiple clients. You’ll be responsible for designing, deploying, and managing secure Azure environments using modern DevOps and DevSecOps practices, with a strong focus on Infrastructure as Code (IaC), governance, and scalability. Key Responsibilities: Design and implement automated Azure infrastructure using Infrastructure as Code (IaC) tools across multiple client environments. Deploy and manage Azure Landing Zones aligned with enterprise-scale architecture and governance standards. Apply Microsoft’s Cloud Adoption Framework (CAF) to guide cloud strategy, readiness, governance, and management. Collaborate with internal teams and client stakeholders to translate business needs into secure, scalable technical solutions. Build and maintain CI/CD pipelines using Azure DevOps or GitHub Actions, integrating security and compliance checks. Automate infrastructure provisioning and configuration using tools such as Terraform, Bicep, and Ansible. Apply DevSecOps principles to embed security into every stage of the deployment lifecycle. 
Implement and manage cloud security controls using Azure-native tools like Defender for Cloud, Sentinel, Azure Policy, and Key Vault. Conduct security assessments and audits to ensure compliance with industry standards and client-specific requirements. Enforce cloud governance policies across client environments, ensuring secure and compliant operations. Monitor performance, availability, and security posture using Azure Monitor, Log Analytics, and Application Insights. Optimize resource usage and costs through effective scaling, automation, and proactive management strategies. Respond to incidents and service requests across multi-tenant environments, ensuring timely resolution and client satisfaction. Stay current with Azure innovations, DevOps trends, and emerging technologies to enhance service delivery. Propose and implement improvements to automation, security, and operational efficiency. Participate in retrospectives and service reviews to identify areas for improvement and drive continuous excellence. Technical Skills 5+ years in enterprise infrastructure and cloud operations, preferably in an MSP or multi-tenant environment. 3+ years hands-on experience with Microsoft Azure. Strong experience with infrastructure-as-code and automation tools. Proficiency in scripting (PowerShell, Azure CLI) and cloud-native DevOps workflows. Hands-on experience with cloud security, compliance, and monitoring. Familiarity with containerization and cloud-native architecture. Experience deploying and managing Azure Landing Zones and enterprise-scale environments. Understanding of Microsoft’s Cloud Adoption Framework (CAF) and its practical application. Experience with other cloud platforms (AWS, GCP) is a plus. 
Desirable Skills: Terraform, Bicep, Ansible Azure DevOps, GitHub Actions Microsoft Defender for Cloud, Azure Policy, Sentinel, Key Vault Azure Monitor, Log Analytics, Application Insights AKS, Azure Container Apps, Docker Azure Landing Zones, Azure Arc, Enterprise Scale Framework Soft Skills: Passionate about automation and infrastructure as code, with a hands-on and can-do mentality. Strong sense of ownership and accountability in client-facing environments. Team player with excellent communication and presentation skills in English. Able to express ideas effectively in both individual and group settings. Customer-focused with a proactive problem-solving attitude and strong customer-facing skills. Able to execute tasks independently and deliver high-quality results with limited supervision. Committed to continuous learning, long-term contribution, and a mindset of continuous improvement. Certification: Azure Administrator Associate Azure Solutions Architect Expert Azure DevOps Engineer Expert Azure Security Engineer Associate Azure Virtual Desktop Specialty Azure Network Engineer Associate (a plus). Education: Bachelor’s/Master’s degree in IT, Computer Science or related field Location: Vadodara, Gujarat, India

Posted 9 hours ago


4.0 years

0 Lacs

India

On-site

Overview: The Information Security Specialist ensures the seamless functioning of security operations by emphasizing proactive incident management. This role requires a mix of technical expertise, analytical thinking, and a proactive approach to improve operational efficiency.
Key Responsibilities:
· Incident Identification and Escalation:
· Detect and log incidents with detailed and timely documentation.
· Analyze, assign, and escalate high-complexity tickets as needed.
· Problem Resolution:
· Investigate third-line support calls and determine root causes.
· Escalate unresolved issues to third-party vendors when necessary.
· Vulnerability Analysis and Risk Assessment:
· Perform vulnerability analysis and assess the vulnerability risk by analyzing existing security controls.
· Stakeholder Reporting:
· Prepare and deliver regular updates on security activities and incident reports to senior stakeholders.
· Collaboration:
· Partner with IT and security teams to create a cohesive security strategy.
· Ticket Queue Management:
· Monitor and action ticket queue, rapidly resolve technology incident issues for internal users.
· Security Platform Maintenance:
· Maintain/monitor security platforms and services, resolve issues and support SOC/IR (Incident Response) as needed.
· Provide analysis, review, and reporting of the operating state for security platforms, make recommendations for any environmental changes to reduce incident volumes and downtime.
· Maintain, test, and implement security policies and procedures to ensure compliance with company policy, industry standards, and regulatory requirements.
· Rapidly fulfill any SOC/IR requests in response to security incidents.
· Cross-Functional Collaboration:
· Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows.
· Mentorship:
· Mentor junior team members to enhance their skills.
· Continuous Learning:
· Stay up to date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures.
Experience Requirements:
· 4-6 years of experience with SIEM tools like MS Sentinel, Splunk, QRadar, or LogRhythm.
· Proficiency in EDR tools, Email Security tools.
· Strong background in SOC analysis, including triage, alert investigation, and incident qualification.
· Demonstrated expertise in incident prioritization and in-depth analysis.
· In-depth knowledge of most of the following security technologies: Network DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, SIEM and forensic network
· Understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions.
· Knowledge of virtualization platforms, both centrally managed and locally managed, as well as the means to provide visibility and control to guest systems.
· An understanding of cloud-based endpoint security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform.
· Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues.
· Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
Skills and Competencies:
· Proficient in SIEM tool, Email Security Tool (ProofPoint, FireEye), Incident Response, and CrowdStrike EDR
· Strong leadership and stakeholder management skills.
· Ability to analyze and optimize SOC operations effectively.
· Proficiency in MS Office.
· CEH/Security+ certification.
Qualifications:
· Bachelor’s degree in computer science, Information Security, Electronics & Communication or related field.
· 8+ years of proven experience in operating and managing security solutions in enterprise environments.

Posted 20 hours ago


7.0 - 12.0 years

11 - 16 Lacs

Mumbai

Work from Office

SUMMARY Our client is an IT MNC, part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting edge technologies, majorly on Cloud, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more, to accommodate the customers' future needs around the globe through supporting millions of internal and external customers with state-of-the-art IT solutions to everyday problems, and is dedicated to bringing digital innovations to every aspect of the landscape of insurance. Job Location: Hiranandani Gardens, Powai, Mumbai. Mode: Work from Office. Requirements. Key Responsibilities: Business-Cybersecurity Alignment: o Work closely with business stakeholders, IT security teams, and cross-functional teams to ensure cybersecurity initiatives align with the organization’s broader business goals. o Translate business needs into technical security requirements that can be effectively executed by the security and IT teams. Risk Analysis & Security Assessments: o Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises, and edge) to identify security gaps and vulnerabilities. o Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements. Cybersecurity Frameworks & Compliance: o Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA). o Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards. 
(must have) Security Process Improvement: o Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes, and threat detection workflows. o Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments. The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains, and should have expertise in at least 5 of the following areas: o SIEM Sentinel & Security Operations: Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection, and security event correlation across hybrid environments. Collaborate with security operations teams to ensure proper configuration, tuning, and reporting within SIEM platforms to support proactive threat management. o Security Tools & Technology Integration: Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker), and Threat Intelligence systems. Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem. o User Access Management (UAM) & RBAC: Work closely with identity and access management teams to ensure the implementation of UAM and RBAC systems that align with the organization's security policy and business requirements. Support the development of processes for managing user roles, privileges, and access rights across enterprise systems. o Cloud & Encryption Security: Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption, and access management. 
Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest, and data-in-use in line with organizational security policies. o AI & ML in Cybersecurity: (Good to have) Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification, and predictive analytics within the organization’s security operations. Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation. o SOAR Integration & Incident Response: Assist with the integration of Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks. Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid, and efficient approach to security incidents. Benefits

Posted 23 hours ago


13.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

We are seeking a highly experienced Azure Systems Architect to lead the design and delivery of enterprise-level cloud solutions. This role offers the opportunity to shape and implement cutting-edge infrastructure strategies, focusing on scalability, security, and performance while collaborating across multiple teams to ensure success in a dynamic environment. Responsibilities Design enterprise-scale Azure infrastructure solutions across compute, storage, networking, identity, and security Lead architecture efforts for new systems and modernization/migration of existing on-premises infrastructure to Azure Define and implement Azure Landing Zone architectures using best practices in governance, policy, and security Architect hybrid connectivity using ExpressRoute, VPN Gateways, Azure Arc, and on-premise integrations Implement infrastructure automation using ARM/Bicep, Terraform, PowerShell, and Azure DevOps pipelines Ensure high availability, disaster recovery, backup, and monitoring configurations across environments Establish best practices for resource governance, cost control, tagging, and subscription management Collaborate with InfoSec, DevOps, and Application teams to ensure secure and compliant deployments Provide technical leadership and mentorship to engineering teams during delivery and implementation phases Requirements 13+ years in IT infrastructure and systems engineering roles 5+ years of hands-on architecture experience on Microsoft Azure Background in landing zone design, management group hierarchy, and enterprise governance Competency in Azure services including Virtual Networks, NSG, UDR, ExpressRoute, VPN, and Azure Firewall Expertise in identity management tools such as Azure AD, RBAC, Conditional Access, and Key Vault Familiarity with storage solutions such as Storage Accounts, Azure Files, Azure Backup, and Site Recovery Proficiency in Infrastructure as Code tools including Terraform, ARM Templates, or Bicep Capability to use automation tools 
like PowerShell, Azure CLI, and Azure DevOps effectively Background in governance and security technologies including Azure Policy, Blueprints, Security Center, and Sentinel

Posted 1 day ago


13.0 years

0 Lacs

Gurugram, Haryana, India

On-site

We are seeking a highly experienced Azure Systems Architect to lead the design and delivery of enterprise-level cloud solutions. This role offers the opportunity to shape and implement cutting-edge infrastructure strategies, focusing on scalability, security, and performance while collaborating across multiple teams to ensure success in a dynamic environment. Responsibilities Design enterprise-scale Azure infrastructure solutions across compute, storage, networking, identity, and security Lead architecture efforts for new systems and modernization/migration of existing on-premises infrastructure to Azure Define and implement Azure Landing Zone architectures using best practices in governance, policy, and security Architect hybrid connectivity using ExpressRoute, VPN Gateways, Azure Arc, and on-premise integrations Implement infrastructure automation using ARM/Bicep, Terraform, PowerShell, and Azure DevOps pipelines Ensure high availability, disaster recovery, backup, and monitoring configurations across environments Establish best practices for resource governance, cost control, tagging, and subscription management Collaborate with InfoSec, DevOps, and Application teams to ensure secure and compliant deployments Provide technical leadership and mentorship to engineering teams during delivery and implementation phases Requirements 13+ years in IT infrastructure and systems engineering roles 5+ years of hands-on architecture experience on Microsoft Azure Background in landing zone design, management group hierarchy, and enterprise governance Competency in Azure services including Virtual Networks, NSG, UDR, ExpressRoute, VPN, and Azure Firewall Expertise in identity management tools such as Azure AD, RBAC, Conditional Access, and Key Vault Familiarity with storage solutions such as Storage Accounts, Azure Files, Azure Backup, and Site Recovery Proficiency in Infrastructure as Code tools including Terraform, ARM Templates, or Bicep Capability to use automation tools 
like PowerShell, Azure CLI, and Azure DevOps effectively Background in governance and security technologies including Azure Policy, Blueprints, Security Center, and Sentinel

Posted 1 day ago


130.0 years

0 Lacs

Pune, Maharashtra, India

On-site

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Job Profile Summary Expert responsible for developing and administering solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Information Security Operations and Architecture function. This position will collaborate extensively with business, technology, risk and other corporate teams to establish and strengthen adoption of security by design. We operate within a complex landscape driven by client expectations and the diverse needs that come with operating in countries across the globe. This role is part of the Information Security organization, aligning to Business Information Security Officer (BISO) for Asset Servicing and Chief Operating Office. This role will report to the BISO who reports to the Global Chief Information Security Officer (CISO). Responsibilities Works with management and the architecture team to develop the security strategy and plan and ensures objectives are met. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication. Participate in Architecture Review Boards and help teams create secure design. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements. 
Displays a balanced, cross-functional perspective, constantly liaising with the business to improve efficiency, effectiveness and productivity. Work with Enterprise Security Architecture team to develop Security blueprints and patterns. Good understanding of vulnerability management. Interfaces frequently with information security industry groups to stay abreast of emerging security trends. Focus of role is on execution of strategic direction of business function activities. Identifies alternative functional security strategies to balance organizational IT security concerns and business requirements. Description Guides the development, specification and communication of application or infrastructure architectures used by business or application systems. Security architect primarily focused on technologies related to authentication, authorization, access management, governance, controls, regulatory requirements etc. As a key member of Workforce authorization and authentication team this candidate will play a vital role in ensuring the secure and compliant implementation of various solutions (Hybrid and Cloud). Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements. Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc. Evaluates and selects from existing and emerging technologies those options best fitting business/project needs Promotes sharing of expertise through consulting, presentations, and documentations, etc. 
Experienced, functional expert with technical and/or business knowledge and functional expertise Carries out complex initiatives involving multiple disciplines and/or ambiguous projects Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness, and productivity Qualifications Knowledge of network architecture concepts including topology, protocols, components and the application of Defense-In-Depth principles Ten years of experience in the Information Security roles preferred; wide range of technical experience across multiple Cyber Security domains. Five years of experience as a Security Architect In-depth knowledge and experience on Entra ID, EPM, Sentinel, Azure, M365, AWS Security is required Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills Thoroughly understands and provides solutions considering Security technology choices, such as design, protocols support, secrets management, data security, client server communication, token handling, Session management, credential vaulting, OIDC/ OAuth flows, Okta usage and implementations, authorization patterns, identity federation, cloud architectures, cryptography, cloud native services, cloud security etc. Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure continuous improvement in Security Posture by providing consultations to application teams Exposure to API Management, Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc. 
Deep understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies Displays a balanced, cross-functional perspective under information security, liaising with other towers and business to help improve Security centric designs Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc. Strong knowledge of: Security architecture patterns, requirements, and security controls; Security controls like Authentication, Authorization, Data Security, IAM; Threat modeling frameworks and methodologies Secure code reviews and utilizing outputs Common frameworks and standards such as CRI and NIST Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.) Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. 
Apply today and talk to us about your flexible working requirements and together we can achieve greater.

Posted 1 day ago


13.0 years

0 Lacs

Pune, Maharashtra, India

On-site

We are seeking a highly experienced Azure Systems Architect to lead the design and delivery of enterprise-level cloud solutions. This role offers the opportunity to shape and implement cutting-edge infrastructure strategies, focusing on scalability, security, and performance while collaborating across multiple teams to ensure success in a dynamic environment. Responsibilities Design enterprise-scale Azure infrastructure solutions across compute, storage, networking, identity, and security Lead architecture efforts for new systems and modernization/migration of existing on-premises infrastructure to Azure Define and implement Azure Landing Zone architectures using best practices in governance, policy, and security Architect hybrid connectivity using ExpressRoute, VPN Gateways, Azure Arc, and on-premise integrations Implement infrastructure automation using ARM/Bicep, Terraform, PowerShell, and Azure DevOps pipelines Ensure high availability, disaster recovery, backup, and monitoring configurations across environments Establish best practices for resource governance, cost control, tagging, and subscription management Collaborate with InfoSec, DevOps, and Application teams to ensure secure and compliant deployments Provide technical leadership and mentorship to engineering teams during delivery and implementation phases Requirements 13+ years in IT infrastructure and systems engineering roles 5+ years of hands-on architecture experience on Microsoft Azure Background in landing zone design, management group hierarchy, and enterprise governance Competency in Azure services including Virtual Networks, NSG, UDR, ExpressRoute, VPN, and Azure Firewall Expertise in identity management tools such as Azure AD, RBAC, Conditional Access, and Key Vault Familiarity with storage solutions such as Storage Accounts, Azure Files, Azure Backup, and Site Recovery Proficiency in Infrastructure as Code tools including Terraform, ARM Templates, or Bicep Capability to use automation tools 
like PowerShell, Azure CLI, and Azure DevOps effectively Background in governance and security technologies including Azure Policy, Blueprints, Security Center, and Sentinel

Posted 1 day ago


2.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform. Alert & incident triage and analysis. Proactively investigating suspicious activities. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure. Participating in daily standup and review meeting. L1 Analyst has responsibility to closely track the incidents and support for closure. Escalate more complex incidents to L2 analysts for deeper analysis. 
Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM). Handle XDR alerts and followup with customer team for agent updates. Key Responsibilities Security Monitoring & Incident Response Governance: Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks. Platform & Toolset Management: Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling. SOC Operations & Threat Detection: Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes. Regulatory Compliance & Incident Management: Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards. Advanced Threat Management & Reporting: Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. 
Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 2 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 1 day ago


3.0 - 7.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Roles & Responsibilities: Handling alerts and incident on XDR platform. Alert & incident triage and analysis. Proactively investigating suspicious activities. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. Adhere to established policies, procedures, and security practices. Follow-up with tech team for incident closure. Participating in daily standup and review meeting. L2 Analyst has responsibility to closely track the incidents and support for closure. 
Working with log source and use case management in integrating log sources and developing & testing use case. Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM). Developing SOP / instruction manual for L1 team. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alert and incidents. Handle XDR alerts and followup with customer team for agent updates. Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities Security Monitoring & Incident Response Governance: Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks. Platform & Toolset Management: Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling. SOC Operations & Threat Detection: Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes. Regulatory Compliance & Incident Management: Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards. Advanced Threat Management & Reporting: Plan, conduct, and report on Red Teaming and Purple Teaming 
exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred Education Master's Degree Required Qualifications Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-7 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred Certifications Preferred technical and professional experience GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 1 day ago


2.0 - 5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Summary U2 Band (2 to 5 Years of experience) - SOC Analyst. Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM - Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques. Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports. Experienced in analyzing, researching Windows / Unix Security Logs as well as logs from IDS/IPS, DLP tools, Anti Virus/Malware. Strong in Incident response and mitigation. False positive identification and report for the fine-tuning. SOC shift handover, daily and weekly report preparation etc.

Posted 1 day ago


10.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security Tools. Perform regular Health check of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with latest Features, enhancement, security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration - Splunk. Build use cases that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, Linux, AD, Firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR (SentinelOne) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. 
Demonstrate SOC differentiators and new capabilities to the prospect clients as part of RFP/RFI defense discussions. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands on experience on Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM - Splunk (Must Have), QRadar, LogRhythm. Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor's degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA) Working knowledge on any other SIEM tool viz Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,

Posted 1 day ago


10.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Summary Role: Senior Security Analyst Base Location: Hinjewadi, Pune. Job Description Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Troubleshoot Splunk SIEM components and related functionalities. Integration of Splunk SIEM with other security Tools. Perform regular Health check of the Splunk core components. Act as a Subject Matter Expert for Splunk solution. Stay updated with latest Features, enhancement, security updates for Splunk. Deep log analysis skills on Splunk SIEM. Security Information Event Management & Analytics Platforms integration - Splunk. Build use cases that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Splunk solution. Implement and optimize security detection rules, queries, and playbooks within Splunk. Configure and troubleshoot Splunk SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, Linux, AD, Firewall, other security tools integration. Knowledge of various security methodologies and technical security solutions, Firewall, IPS, Antivirus, Proxy, WAF, Load balancer, DDOS, EDR (SentinelOne) and DLP solutions. Candidates with prior experience of setting up security operations from scratch would have added advantage. Identify automation opportunities in the incident response workflow and implement them with the help of automated playbooks in Microsoft Sentinel SIEM. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Deep log analysis skills on Splunk SIEM. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. 
Demonstrate SOC differentiators and new capabilities to the prospect clients as part of RFP/RFI defense discussions. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have 10+ years of experience in IT and 8+ years in Cyber Security. Hands on experience on Splunk including creation of custom queries, detection rules and automated response playbooks. SIEM - Splunk (Must Have), QRadar, LogRhythm. Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelor's degree in information technology or related field. Relevant certifications (CISSP, CEH, CISM, CISA) Working knowledge on any other SIEM tool viz Microsoft Sentinel, Splunk, QRadar etc. Splunk Enterprise Certified Admin,

Posted 1 day ago


2.0 - 5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Summary U2 Band (2 to 5 Years of experience) - SOC Analyst. Have an overall 2 to 5 years of experience in SIEM SOC operations. Expertise in SIEM Technology, Endpoint threat detection, Incident investigation and Antivirus. Experienced in SIEM - Splunk, LogRhythm, Microsoft Sentinel. Experienced in EDR, Antivirus and threat detection. Experienced in email gateway targeted attack protection. Strong knowledge of the different attack techniques. Hands on experience on Microsoft Sentinel Incident monitoring; KQL hunting queries; Dashboards and reports. Experienced in analyzing, researching Windows / Unix Security Logs as well as logs from IDS/IPS, DLP tools, Anti Virus/Malware. Strong in Incident response and mitigation. False positive identification and report for the fine-tuning. SOC shift handover, daily and weekly report preparation etc.

Posted 1 day ago


5.0 years

8 - 9 Lacs

Chennai, Tamil Nadu, India

On-site

Greetings from Datamark !!! Position: Information Security Analyst Experience: 5+years Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Information Security Analyst must Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Information Security Analyst should Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. 
Information Security Analyst must Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelor's degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. 
Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals Requirements Nessus / Tenable.IO Scanning and must check for Vulnerability to come up with incidence report Must have knowledge Vulnerability Patching EndPoint Detection and Response / EDR Experience in any Antivirus solution is good SIEM Tools - SolarWinds (Log Event Manager) is preferred, MS Sentinel Must have a strong tab on meta data and email Data Loss Prevention / DLP Must have Knowledge in network security and Vulnerability Management Scanning, Vulnerability and Infosec Audit are the key aspects Compliance Auditing or any other Information Security related Auditing experience can also be considered Other Qualifications Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Preferred Certifications Experience in an IT Security related environment preferred Sec+ / CISA / CISM / A+ Cyber

Posted 1 day ago


6.0 - 11.0 years

20 - 35 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Shift timings- 2 PM -11 PM Primary skills Azure Security Defender, Sentinel,(identity, Endpoint, etc.) Secondary skills Azure Infrastructure, Office 365 collab workloads Required Skills & Experience: Technical Expertise: Strong understanding of Azure security offerings, including but not limited to: Microsoft Defender for Cloud / Endpoint / Identity Microsoft Sentinel (SIEM/SOAR) Microsoft Entra (Identity Governance, Conditional Access) Hands-on experience with cloud security assessments, PoC deployments, and client workshops. Familiarity with Zero Trust architecture and related best practices. Professional Experience: 5+ years in IT security roles, with 2+ years focused on Azure or cloud security. Proven track record of leading technical engagements independently. Soft Skills: Excellent communication and presentation skills. Ability to articulate technical concepts to both technical and business audiences. Self-starter who thrives in a fast-paced, client-facing environment. Preferred Qualifications: Microsoft certifications (e.g., SC-100, AZ-500, SC-200) Experience working with Microsoft partners or within funded engagement programs. Exposure to regulatory compliance frameworks (e.g., ISO, NIST, GDPR) Key Responsibilities: Client Engagements: Conduct security assessments and discovery workshops to understand client environments, security gaps, and cloud readiness. Deliver technical Proof of Concepts (PoCs) and hands-on demonstrations of Microsoft Azure security solutions. Host and facilitate technical workshops on Zero Trust, Microsoft Defender, Sentinel, Entra, and related technologies. Provide technology walkthroughs, highlight use cases, and share practical experience to illustrate business value. Solution Design & Implementation: Design and recommend secure architectures and configurations using Azure-native tools and services. Collaborate on solution development, documentation, and client readiness for security modernization. 
Internal & Cross-Functional Collaboration: Work closely with Sales, PreSales, and regional delivery teams to align on customer needs, technical strategy, and success metrics. Contribute to proposal development and client presentations from a technical security standpoint. Thought Leadership & Enablement: Stay updated on Azure security advancements and share knowledge internally and with clients. Support internal enablement sessions and mentor junior team members, where applicable.

Posted 1 day ago


4.0 years

0 Lacs

Gurugram, Haryana, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) 
is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 day ago


4.0 years

0 Lacs

Kolkata, West Bengal, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-TDR Senior As part of our EY-cyber security team, who shall work as SOC Senior consultant who will assist clients in Administration and management of security solutions. The opportunity We’re looking for Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Administration and management support of CrowdStrike Perform as the subject matter expert on any of the above solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer. Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills And Attributes For Success Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities. Experience in managing CrowdStrike Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analyst’s point of view Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) 
is a plus Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response Knowledge in Network monitoring technology platforms such as Fidelis XPS or others Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Minimum 4 years of Hands-on experience of operating/implementing the above security tools. Certification in any of the SIEM platforms is a plus Knowledge of RegEx, Perl scripting and SQL query language. Certification - CCSA, CEH, CISSP, GCIH, GIAC. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 day ago


Exploring Sentinel Jobs in India

The job market for sentinel roles in India is currently on the rise, with a high demand for professionals who can effectively monitor and secure systems, networks, and data. Sentinel jobs are crucial in ensuring the safety and integrity of digital assets for organizations across various industries.

Top Hiring Locations in India

  1. Bangalore
  2. Hyderabad
  3. Mumbai
  4. Pune
  5. Chennai

Average Salary Range

The salary range for sentinel professionals in India varies based on experience and location. Entry-level positions may start around INR 3-5 lakhs per annum, while experienced professionals can earn upwards of INR 10-15 lakhs per annum.

Career Path

In the field of sentinel, a typical career path may progress from roles such as Security Analyst or Information Security Specialist to Senior Security Engineer, Security Architect, and eventually Chief Information Security Officer (CISO) or Security Consultant.

Related Skills

Alongside expertise in sentinel, professionals in this field are often expected to have knowledge of cybersecurity, network security, risk management, incident response, and penetration testing.

Interview Questions

  • What is the difference between vulnerability assessment and penetration testing? (medium)
  • Explain the concept of threat modeling and its importance in cybersecurity. (advanced)
  • How do you stay updated with the latest trends and threats in the cybersecurity landscape? (basic)
  • Can you describe the process of setting up a Security Information and Event Management (SIEM) system? (medium)
  • What are the common techniques used in social engineering attacks? (advanced)
  • How would you handle a security incident involving a data breach? (medium)
  • What is the role of encryption in data security? (basic)
  • Can you explain the difference between symmetric and asymmetric encryption algorithms? (medium)
  • How would you prioritize security vulnerabilities for remediation in a large organization? (advanced)
  • Describe a time when you successfully implemented a security control to mitigate a specific risk. (medium)
  • What steps would you take to secure a web application from common vulnerabilities? (basic)
  • How do you assess the security posture of a new IT infrastructure? (medium)
  • What is the importance of compliance frameworks such as GDPR or HIPAA in cybersecurity? (medium)
  • How do you handle security incidents involving insider threats? (advanced)
  • Explain the concept of zero-trust security and its benefits in modern cybersecurity. (medium)
  • How do you approach security awareness training for employees in an organization? (basic)
  • Can you describe the role of threat intelligence in cybersecurity operations? (medium)
  • What are the key components of a security incident response plan? (medium)
  • How would you conduct a security audit of an organization's network infrastructure? (advanced)
  • What are the main challenges in securing cloud environments? (medium)
  • How do you assess the security implications of introducing new technology or software in an organization? (medium)
  • What is the role of a Security Operations Center (SOC) in an organization's cybersecurity strategy? (basic)
  • Can you explain the concept of sandboxing in malware analysis? (advanced)
  • How do you approach incident triage and prioritization in a security operations environment? (medium)
  • Describe a recent security project you worked on and the challenges you faced during its implementation. (medium)

Closing Remark

As you prepare for your journey into the sentinel job market in India, remember to showcase your expertise, experience, and passion for cybersecurity. Stay updated with the latest trends and technologies, practice your skills, and approach interviews with confidence. Best of luck in your job search!
