844 Sentinel Jobs - Page 3

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

8.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. The team will be responsible for building and maintaining the core services that form the Control Plane of Microsoft Sentinel Graph (MSG). This crucial mission supports Microsoft's Security business, meeting the immense scale demands that few companies in the industry face. By leveraging cutting-edge technologies, we aim to deliver comprehensive protection to a global user base. The MSG Foundations Control Plane Engineering team is responsible for developing and implementing control plane services that coordinate the setup & interaction between various 1P & internal components needed to onboard an end user and provide complete experience of the Modern Security Data Lake. As a senior engineer, you will contribute to these services by designing and developing solutions that establish the platform's core functionality. You will work in a forward-looking product as part of an agile, collaborative, and cross-discipline team. Microsoft’s mission is to empower every person and every organization on the planet to achieve more.
As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities We are looking for someone who is a highly motivated, self-starter who thrives in a bottoms-up, fast paced, highly technical environment, has a strong customer focus and understands the importance of Live Site, has a demonstrated ability to establish and manage relationships across organizational boundaries, has proven experience dealing with large scale data architecture, operational architecture and or network Architecture and proven experience creating distributed systems tools of moderate-to-high complexity. You will be responsible to perform investigations and investments in complex areas; designing and delivering features end to end - including system architecture, code, deployment, scale, performance and quality, from conception to delivery. In short, you will be responsible for all aspects of a feature area including design Design and implement scalable, reliable, maintainable services Demonstrate strategic understanding of the timing and rationale for design choices, within the scope of work. Consistently contribute key ideas to the product or service design and vision that meets the customer's needs - Drive design reviews across the team and apply expertise in available technologies Apply metrics to drive the quality and stability of code - Have a sense of pride, commitment, and personal accountability for the service quality, completeness and resulting user experience for the life of the product or service Work closely with geographically distributed team, including Product Managers and developers, to drive key improvements in backend Engineering System. Qualifications 8+ years of experience in software development. 
(Required) BS in Computer Science or higher, equivalent industry experience. Experience in handling large software engineering projects, modularizing them into deliverables for the team, shepherding them to quality delivery, and working closely with engineering partners across the globe. (Required) Demonstrated problem solving and debugging skills. (Required) Breadth and depth technical knowledge in software engineering. Experience in building, shipping, and operating reliable system software preferably with experience in large scale high availability distributed systems. Other Requirements Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter. Hashtags: #MSFTSecurity #sde Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 5 days ago


0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Hi, Hope you are doing well. This is Marudhu from Wall Street. Our client is looking for a Systems Administrator in Madhapur, HY (Onsite). Your experience and skills match the client's needs; please share your updated resume if you are interested. If not, kindly ignore. Job Title: Systems Administrator Location: Hyderabad, IN (Onsite) Project: Long Term Contract Interview: In-person Must have: Single Sign-On (SSO), Google Workspace, AWS, Endpoint Detection and Response (EDR), MS Office, Okta, and Bitbucket. Job Description: Minimum Requirements: Strong understanding of Single Sign-On (SSO) solutions, particularly Okta, and experience with Google Workspace. Experience with Amazon Web Services (AWS) or other cloud platforms. Proficiency with collaboration tools such as Slack and Microsoft Office Suite. Knowledge of Endpoint Detection and Response (EDR) solutions and Mobile Device Management (MDM) systems. Familiarity with Microsoft Entra, including Azure Active Directory, Conditional Access, and its various components. Excellent troubleshooting skills with the ability to work in fast-paced environments. Key Responsibilities: Implement and maintain SSO solutions (Okta, Google Workspace, etc.) for seamless access across multiple platforms. Monitor and optimize Microsoft Office 365 and other SaaS applications for performance and security. Configure and manage EDR and MDM systems to secure endpoints and mobile devices. Manage and optimize Microsoft Entra configurations to ensure secure access controls. Provide technical support, respond to user requests, troubleshoot issues, and escalate when necessary. Stay informed on the latest IT trends and implement best practices. Okta SSO and SCIM Configuration: Configure and maintain Okta SSO integration with applications like Office 365, AWS, and Google Workspace. Implement SCIM (System for Cross-domain Identity Management) for efficient user provisioning and de-provisioning.
Ensure a smooth login experience for employees and partners. RBAC Rule Maintenance: Define and maintain Role-Based Access Control (RBAC) policies in Okta. Update RBAC rules based on new hires or role changes. Monitor RBAC logs for potential security issues and adjust policies as needed. Endpoint Protection: Configure and manage Mobile Device Management (MDM) solutions (Entra, Mosyle, etc.) to enforce security compliance. Set up and manage EDR tools (e.g., Sentinel One) for detecting and responding to endpoint security threats. Analyse and monitor EDR logs to identify and mitigate security risks. Endpoint Troubleshooting: Investigate system and event logs to diagnose and troubleshoot endpoint issues (Mac and PC). Work with users to identify problems and provide resolutions or escalate to higher-level support when necessary. Application Provisioning and De-provisioning: Manage application provisioning, ensuring correct access controls and authentication mechanisms. Handle de-provisioning for departing employees or role transitions, ensuring timely revocation of access. Other Tasks: Track IT service desk metrics like ticket resolution rates and response times. Collaborate with other IT teams, including Security Operations, for integrated systems management. Stay updated with emerging technologies and industry best practices to enhance IT services. Thanks & Regards, Marudhu Pandian Sr. Technical Recruiter Direct India: +91 8977727370 Email: mpandian@wallstreetcs.com Wall Street Consulting Services, LLC | 100 Overlook Center,2nd Floor, Princeton, NJ 08540 | www.wallstreetcs.com

Posted 5 days ago


5.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Description: We are seeking a proactive and detail-oriented Endpoint Security Engineer to manage and enhance our endpoint protection technologies. This role focuses on deploying, tuning, and monitoring Microsoft Defender products (such as Defender for Endpoint, Defender for Identity, Defender for O365 and Defender Antivirus) with a strong emphasis on SCCM/Intune platform expertise to ensure comprehensive visibility, compliance, and rapid threat response. Key Responsibilities: Administer, monitor, and optimize Microsoft Defender suite deployments across the enterprise. Serve as an escalation point for complex endpoint and infrastructure-related incidents. Design and manage endpoint detection and response (XDR) policies using Defender for Endpoint. Develop threat-hunting hypotheses and implement new detection logic in Defender XDR. Provide mentorship and guidance to Tier 1/2 SOC analysts. Develop and maintain configuration baselines, health checks, and compliance reporting using Tanium. Investigate and remediate security alerts and endpoint incidents. Collaborate with SOC and IR teams for threat hunting, forensic analysis, and response automation. Document processes, configurations, and incident response procedures. Automate compliance and remediation workflows using PowerShell and Intune configuration profiles. Manage and monitor Microsoft Defender for Office 365 to protect users from phishing, malware, and other threats across Exchange, SharePoint, OneDrive, and Teams. Requirements: 3–5 years of experience in endpoint security or a related cybersecurity role. Deep knowledge of Microsoft Defender for Endpoint, Defender for Identity, and related Defender XDR tools. Strong Experience With Intune Platform. Experience with scripting (PowerShell, Python) for automation and remediation. Familiarity with SIEMs (e.g., Splunk, Sentinel) and EDR integrations. Strong analytical and troubleshooting skills.

Posted 5 days ago


0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Join DAZN's Security Operations team as a Security Operations Analyst and help protect the world's leading global sports streaming platform. You'll be part of a dynamic team responsible for detecting, investigating, and responding to security threats across our diverse technology stack, from cloud infrastructure to broadcasting systems that deliver live sports to millions of fans worldwide. What You'll Do Threat Detection & Response Configure, maintain, and monitor security alerts and escalations from various tools including Microsoft Sentinel SIEM, Defender for Endpoint, WIZ, AWS WAFv2, Tenable, and other security platforms Lead and drive incident response activities from initial detection through remediation to prevention Conduct thorough incident root cause analysis and recommend actionable steps to prevent future occurrences Triage and investigate security alerts, determining true positives from false positives Threat Intelligence & Analysis Monitor and analyze global threat intelligence trends with potential impact on DAZN's business operations Get hands-on with threat feeds and real-time attack data, with particular focus on threats targeting broadcasting and streaming environments Configure new detection rules and alerts based on emerging threats, hunt results, or lessons learned from incident analysis Security Operations Enhancement Identify, develop, and implement new processes and procedures to strengthen our security operations program Contribute to the development of custom automation tools to enhance monitoring and response capabilities Collaborate with the team to continuously improve security monitoring across our cloud and on-prem environments Stakeholder Support Respond to internal security-related questions and requests from teams across DAZN Provide security and privacy expertise to support multiple business units and technical teams Participate in security awareness initiatives and help educate colleagues on security best practices What We're
Looking For Essential Requirements Strong passion for cybersecurity, particularly threat detection and response Experience handling complex security incidents and conducting investigations Knowledge across multiple cybersecurity domains (network security, identity security, endpoint protection, cloud security, etc.) Familiarity with SIEM platforms (Microsoft Sentinel experience preferred) Understanding of security tools such as EDR, CASB, CSPM solutions Ability to work independently with minimal guidance while managing multiple tasks within set timeframes Strong analytical and problem-solving skills with attention to detail

Posted 6 days ago


7.0 years

0 Lacs

Hyderabad, Telangana

Remote

Consultant Hyderabad, Telangana, India Date posted Jul 23, 2025 Job number 1849920 Work site Up to 50% work from home Travel 0-25 % Role type Individual Contributor Profession Consulting Services Discipline Technology Consulting Employment type Full-Time Overview At Microsoft, our core mission is empowering every person and every organization on the planet to achieve more. Industry Solutions (IS) is a global organization of over 16,000 strategic sellers, industry experts, elite engineers, architects and consultants, who along with delivery experts are working together to bring Microsoft’s mission of empowerment – and cutting-edge technology - to life for the world’s most influential customers. We are on the front lines of innovation, working side-by-side with customers to drive value across the entirety of their digital transformation journey. Our team prides itself on embracing a growth mindset, inspiring excellence, and encouraging everyone to share their unique viewpoints and be their authentic selves. Qualifications Required qualifications for Consultants include: Highly proficient, customer-facing experience involving project envisioning, planning, design, development, and deployment of complex solutions 7+ years of software development: automation-related experience is valued. Scripting languages such as bash, python, and PowerShell, or compiled languages such as C, C# and Go are most relevant, but others are acceptable. Awareness of, and ability to reason about, modern software & systems architectures, including load-balancing, queueing, caching, distributed systems failure modes generally, microservices, and so on Associated troubleshooting skills, including the ability to follow RPC call-chains across arbitrary network steps. 
Consequent understanding of monitoring in distributed systems Deep understanding of operating system level concepts such as processes, memory allocation, and the network stack; understanding of how applications are affected by the above, and ability to debug same Experience with working in a team, including coordinating large projects, communicating well, and exercising initiative when presented with problems Strong understanding of customer and partner business and IT environments, with proven record of delivering successful technical solutions Practical experience running large scale online systems is always an advantage Demonstrated ability to focus on the development of customer business agility and business value, while simultaneously providing deep experience with specific technologies Strong communication, consulting, analytical and problem-solving skills Growth mindset Flexible work approaches with strong proactivity and inclination to resolving customer situations Demonstrated skills designing and developing technology in area(s) of specialization to solve business problems and help customers in enhancing existing applications; core skills must include Microsoft technology, with open-source experience helpful Degree in Computer Science Engineering, MCA or equivalent with work experience; higher relevant education preferred MCSD/MCSE/MCAD/Azure certification is a plus Required Skills: Strong Object-Oriented Programming and Design experience Understanding of Technical Design Patterns SQL Programming knowledge .Net 4.0/Core (ASP.Net, Web API, PowerShell script. MVC, TFS/GitHub) Azure (Deep technical understanding of PaaS, Good experience in Azure services like Service Fabric, Web Apps, Cosmos DB, Azure Storage, Azure Service Bus, Azure Functions, and API management, SQL. 
with Azure Application Dev experience)Deep technical and architectural knowledge of at least 3 of the following areas, as well as broad understanding across the Microsoft Development toolset: Cloud Technologies (preferably Azure Full Stack) Skills on projects targeting a variety of form factors (e.g. Mobile, IoT) Development Languages (e.g. C#, JavaScript, Java, Front end skills like React, Angular etc.) Application Lifecycle Management (e.g. Agile, TFS etc.) Solution Architecture (e.g. SOA, Enterprise Architecture) Identity and Access Management (IAM), Conditional Access Policies, Strong Authentication, Risk-Based Access, Encryption, Backup & Disaster Recovery, Data Loss Prevention (DLP), Secure Coding Practices, Input Validation, Output Encoding, Authentication and Password Management, Session Management, Cryptography, Threat and Vulnerability Identification, Security Breach Response. Techniques :Implementing modern authentication providers (like EntraID), simulating attacks, writing resilient code, using encryption algorithms, hashing techniques, secret management with key vault, cryptographic protocols. Tools : Azure Security Center, Azure Sentinel, Metasploit, Burp Suite, custom scripts. Good to have skills: Industry vertical knowledge – Retail, Banking and Finance, Telecom etc. Middleware technologies used for integrations Knowledge of Azure DevOps, Docker, Kubernetes etc. Responsibilities Candidates must understand customer and partner business and IT environment and have demonstrated skills designing and developing technology in area(s) of specialization to solve business problems. Candidates must have experience developing software for the Microsoft platform using programming languages and development platforms including C# or any modern programming language and Microsoft SQL Server. Participates in the delivery of complex solution as technical individual contributor or as a team member under coaching/guidance of senior team members. 
Strong knowledge of the Software Development Life Cycle methodology, technical design, development and implementation decisions on the use of technology in area(s) of specialization. Contribution to overall Release and Sprint planning Overall Application Design (HLD) Validate planned velocity of the feature teams Provide user story estimates in refinements to deliver quality and on time delivery Drive team to Code Metrics like Style Cop, FXCop, CC, Class Coupling are met as defined by the project Drive team to ensure code complies with security and performance standards Track and monitor the feature team’s delivery progress Track team sprint bug's RCA for quality improvement in subsequent sprints and take action Track quality reports like Build and Sonarqube Conduct User story ready meeting DoD once Sprint ends Lead Sprint planning and task distribution Track creation of LLD for relevant user story Review LLD for relevant user story Ensure Unit Test, Integration test Automation as per the acceptance and P1, P2 test cases Ensure UI Automation for validation scenarios and 80% P1, P2 Validate Performance Test Scenarios and Execution Validate Environment Readiness Ensure Functionality is verified to be working in the DEV Integration environment against the test cases identified by the test team. Ensure UI verification and validation Ability to understand and analyze issues and use judgment to make decisions. Strong problem solving & troubleshooting skills Strong communication and leadership skills Responsible for self-development according to professional development plan Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work. Industry leading healthcare; Educational resources; Discounts on products and services; Savings and investments; Maternity and paternity leave; Generous time away; Giving programs; Opportunities to network and connect. Microsoft is an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 6 days ago


5.0 years

0 Lacs

Thiruvananthapuram, Kerala, India

On-site

Qualifications Required . Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell , Azure CLI , Python , or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. 
Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional ( CISSP ) Certified Ethical Hacker ( CEH ) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001 , SOC 2 , GDPR , or HIPAA . Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends.

Posted 6 days ago


20.0 - 25.0 years

10 - 15 Lacs

Gurugram, Bengaluru

Work from Office

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What we're looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspace's strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.
Skills & Experience Should have 8+ years experience in Security Engineering. Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response. Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud. Experience of working in two (or more) of the following additional security domains: SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Knowledge of Malware reverse engineering, threat detection and threat hunting. 
Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer. A good communicator who can explain security concepts to both technical and non-technical audiences. Key Accountabilities Ensure the Customer's operational and production environment remains healthy and secure at all times. Assist with customer onboarding customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.
Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings.

Posted 6 days ago


0 years

0 Lacs

Bangalore Urban, Karnataka, India

On-site

Role Overview The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. Key Responsibilities Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. Collaborate with OT security engineers and external vendors to escalate and remediate incidents. Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation.
Technical Skills & Knowledge Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. Nice To Have Exposure to Red Team/Blue Team exercises focused on OT/ICS. Familiarity with GRC platforms and risk assessment tools tailored to OT.

Posted 6 days ago


6.0 years

0 Lacs

Faridabad, Haryana, India

On-site

Job Summary/Objective

Set up & maintain on-premises Active Directory and Azure Hybrid Cloud Infrastructure; Windows Administration on VMware/Hyper-V in Datacenter & Backup Administrator.

Skills

• On-premises Active Directory Administrator & ADFS Administration
• Configure and manage Microsoft Intune for MDM and MAM
• Support hybrid Azure AD joined and Azure AD joined devices.
• Manage synchronization between on-premises Active Directory and Azure AD using Azure AD Connect.
• Windows Server Administration in Data Center, patching via WSUS or configuration management tools (SCCM/ManageEngine)
• Proficient in PowerShell Scripting/.NET Programming
• Experience on VMware, Hyper-V Admin & Backup Tools
• Work experience on Azure Security Centre, Azure Defender, and Azure Sentinel (Nice to Have)
• Work experience in an ISO27001/SOC2/GDPR compliant organization (Nice to Have)
• Good document writing skills on Microsoft Excel & PowerPoint preparation

Certifications

• Exam AZ-800: Administering Windows Server Hybrid Core Infrastructure
• Exam AZ-801: Configuring Windows Server Hybrid Advanced Services
• SC-300: Microsoft Identity and Access Administrator

Experience: Relevant 6 Years

Personal Attributes

• Good communication skills, especially written; Excel and PowerPoint preparation
• Team Leader; effective articulation of ideas; conveys information.
• Addresses customer inquiries or issues promptly & professionally.
• Clear and concise communication is essential for understanding requirements & expectations.

Work Environment: 5 days in-office working; posting at Faridabad/Greater Noida; may have to travel to Chennai & overseas

Posted 6 days ago


3.0 - 4.0 years

4 - 5 Lacs

Bengaluru

Work from Office

Role & responsibilities

• Monitor OT security alerts and events through SIEM and OT monitoring platforms (e.g., Splunk, Forescout, SentinelOne)
• Perform initial triage and prioritization of security incidents
• Escalate complex or high-severity events to L2 analysts or SOC management
• Support basic containment and mitigation steps following incident playbooks
• Document incidents, observations, and response actions in ticketing systems
• Assist with compliance reporting and vulnerability assessments
• Maintain awareness of OT-specific threats and attack vectors
• Participate in 24/7 shift-based operations if required

Skills & Competencies

• Familiarity with industrial control systems (ICS), SCADA, PLCs, DCS, and OT protocols
• Understanding of network security principles and OT cybersecurity standards
• Hands-on experience with SIEM platforms such as Splunk
• Knowledge of device visibility/control solutions like Forescout
• Knowledge of endpoint detection & response platforms such as SentinelOne
• Good teamwork and communication skills
• Ability to work under pressure and in a 24/7 shift environment (if required)
• Analytical skills to identify patterns and security threats

Certifications Preferred

• GICSP (Global Industrial Cyber Security Professional) - preferred
• CEH
• ICS-CERT
• CompTIA Security+
• Splunk Certified User/Analyst
• Forescout certifications
• SentinelOne certifications
• Any relevant OT/ICS cybersecurity or industrial security certifications

Qualifications & Experience

1-3 years' experience in SOC or security monitoring, preferably with exposure to OT/industrial environments

Posted 6 days ago


5.0 - 9.0 years

0 Lacs

Karnataka

On-site

As a Qualcomm Hardware Engineer, you will play a crucial role in planning, designing, optimizing, verifying, and testing electronic systems across a range of technologies, including circuits, mechanical systems, and digital/analog/RF/optical systems. Your work will contribute to the launch of cutting-edge, world-class products that drive digital transformation and enable next-generation experiences. Collaboration with cross-functional teams will be key to developing solutions that meet performance requirements and exceed expectations. To qualify for this role, you should hold a Bachelor's degree in Computer Science, Electrical/Electronics Engineering, or a related field with at least 2 years of Hardware Engineering experience. Alternatively, a Master's degree with 1 year of relevant experience or a PhD in a relevant field will also be considered. Your responsibilities will include supporting Qualcomm's customers in designing solutions using Qualcomm hardware and software, contributing to end product designs, and working closely with internal partners to define products. Your expertise in designing industry standard form factor modules, utilizing schematic capture and PCB layout tools, and implementing Power Distribution Network methodologies will be crucial for success in this role. Candidates for this position should possess excellent communication skills, both oral and written, to effectively engage with external customers across different geographies. Experience in running PDN simulations of PCBs, as well as knowledge of analog, power, digital, and RF PCB layout aspects, will be highly valuable. Proficiency in reviewing schematics & PCB layouts, hands-on experience with multilayer PCBs, and familiarity with PCB layout tools like Altium Designer and Mentor PADS are desired. Additionally, exposure to general purpose prototyping platforms and electrical test & measurement equipment will be advantageous. 
Preferred qualifications include a strong understanding of HW and PCB design, signal integrity, and electromagnetic compatibility principles. Experience with Design for Manufacturability (DFM) and Design for Testability (DFT) practices, as well as familiarity with IPC standards for PCB design and manufacturing, will be beneficial. Effective problem-solving skills, attention to detail, and the ability to manage multiple projects and meet deadlines are essential for this role. If you are seeking a challenging opportunity to work on cutting-edge technologies and drive digital innovation, we encourage you to apply for this position at Qualcomm India Private Limited.

Posted 1 week ago


7.0 - 11.0 years

0 Lacs

Karnataka

On-site

As a Senior Staff DevOps Engineer at Zscaler, you will play a crucial role in the Product Security Team, reporting directly to the Director, Software Engineering. Your primary responsibilities will involve designing and implementing a robust secrets and key management infrastructure that seamlessly integrates with the entire company ecosystem. This will include leveraging tools such as HashiCorp Vault and creating automation for secret management, rotation, revocation, and audits to ensure compliance. Furthermore, you will be enhancing secrets management using policy-as-code, AI security automation, and IaC, as well as enforcing secrets management policies and mentoring teams on best practices. To excel in this role, you should have a minimum of 7 years of experience in DevOps, infrastructure automation, and secrets management for large-scale distributed systems. Proficiency in scripting/programming languages like Python, Go, Bash, and CI/CD tools such as Jenkins, GitLab CI, and CircleCI is essential. Strong knowledge of Kubernetes, Terraform, Helm, ArgoCD, Spinnaker, and secrets injection is also required. Additionally, experience in designing and implementing secure pipelines, least privilege access control, and audit logging for compliance is highly valued. In addition to the minimum qualifications, hands-on experience with integrating HashiCorp Vault, AWS KMS, Azure Key Vault, Google Cloud KMS, or similar technologies is a plus. Expertise in infrastructure automation, secrets management, proficiency in policy-as-code frameworks like OPA, Sentinel, and security-as-code best practices will make you stand out as a candidate. At Zscaler, we are dedicated to creating an inclusive environment that values diversity and collaboration. Join us in our mission to make business seamless and secure. 
Our comprehensive Benefits program includes various health plans, time off plans, parental leave options, retirement benefits, education reimbursement, and in-office perks, among others. If you are passionate about cloud security, automation, and innovation, and if you thrive in a collaborative and fast-paced environment, Zscaler is the place for you. Make your next career move with us and be a part of our dynamic team that is shaping the future of cloud security worldwide.

Posted 1 week ago


5.0 - 9.0 years

0 Lacs

Thiruvananthapuram, Kerala

On-site

As an L3 SOC Analyst at CyberProof, a UST Company, you will be a key member of our Security Operations Group, dedicated to helping enterprises react faster and smarter to security threats. With 5 to 7 years of experience under your belt, you will play a crucial role in maintaining secure digital ecosystems through automation, threat detection, and rapid incident response.

Your must-have skills include expertise with SIEM vendors such as QRadar, Sentinel, and Splunk, incident response capabilities, and a strong understanding of attack patterns, Tools, Techniques, and Procedures (TTPs). You are experienced in writing procedures, runbooks, and playbooks, possess strong analytical and problem-solving skills, and have hands-on experience with system logs, network traffic analysis, and security tools. Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) is essential for this role. Additionally, good-to-have skills involve experience in setting up SIEM solutions, troubleshooting connectivity issues, familiarity with security frameworks and best practices, and the ability to collaborate effectively with IT and security teams.

Your responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting in-depth investigations to assess impact and understand the extent of compromise, analyzing attack patterns, and providing recommendations for security improvements. You will be responsible for proactive threat hunting, log analysis, providing guidance on risk mitigation, improving security hygiene, identifying gaps in security processes, and suggesting enhancements. Ensuring end-to-end management of security incidents, documenting incident response processes, defining future outcomes, participating in discussions, meetings, and briefings, as well as training team members on security tools and incident resolution procedures are also part of your role.

Posted 1 week ago


5.0 years

0 Lacs

Jaipur, Rajasthan, India

On-site

Position Overview:

We are seeking a highly skilled Senior Security Operations Analyst with significant hands-on experience in Microsoft Sentinel, as well as proficiency in Intune and Microsoft Defender for Endpoint. The ideal candidate will possess a minimum of five years’ direct experience with Sentinel, alongside a robust working knowledge of both Windows and UNIX operating systems. Familiarity with the Microsoft 365 E5 product suite, expertise in Kusto Query Language (KQL), experience developing workbooks and logic apps, and a proven history of collaboration with Security Operations Center (SOC) teams are essential. This individual will play a vital role in tuning security offenses, conducting threat hunting activities, and contributing to the proactive defense of our digital assets.

Core Responsibilities:

· Sentinel Expertise: Leverage at least five years of hands-on experience to manage, maintain, and optimize Microsoft Sentinel for security monitoring and incident response. Configure and fine-tune data connectors, analytics rules, and playbooks to increase detection capabilities and reduce false positives.
· Intune and Microsoft Defender for Endpoint: Demonstrate medium-level experience implementing, administering, and troubleshooting Microsoft Intune and Defender for Endpoint. Collaborate with IT and security teams to ensure endpoint security policies are enforced and devices are correctly enrolled, monitored, and protected.
· Cross-Platform Security Operations: Apply familiarity with both Windows and UNIX operating systems to monitor, assess, and respond to threats in a heterogeneous environment. Analyze operating system logs and security events across diverse platforms to ensure comprehensive threat coverage.
· Microsoft 365 E5 Product Suite: Utilize knowledge of M365 E5 products, including advanced security, compliance, and collaboration tools, to support and enhance security operations. Integrate Microsoft 365 telemetry and intelligence into Sentinel for comprehensive monitoring.
· Kusto Query Language (KQL): Develop and maintain complex queries and detection logic using KQL to drive advanced threat detection and analytics in Sentinel. Continuously refine query logic to improve incident triage and investigation workflows.
· Workbooks and Logic Apps: Design, implement, and optimize Sentinel workbooks for custom dashboards, reporting, and visualization of security data. Build and maintain automation workflows using Azure Logic Apps to streamline response activities and efficiently remediate threats.
· SOC Collaboration and Threat Hunting: Actively engage with the SOC team to tune alerting rules, reduce noise, and ensure offenses are actionable. Lead or support proactive threat hunting missions using Sentinel and Defender for Endpoint telemetry, providing detailed analysis, documentation, and recommendations on findings.
· Continuous Improvement: Stay abreast of evolving threat trends and advancements in security technologies. Participate in internal and external training to maintain and enhance skills pertinent to Sentinel, Intune, Defender for Endpoint, and related security domains.
· Documentation and Knowledge Sharing: Author and maintain comprehensive documentation covering detection rules, incident response procedures, tuning activities, and lesson-learned reports. Contribute to the team's knowledge base and mentor junior analysts as required.

Required Qualifications:

· Bachelor’s degree in Information Security, Computer Science, or a related field; or equivalent professional experience.
· Minimum 5 years of direct, hands-on experience with Microsoft Sentinel, including configuration, rule development, alert tuning, and playbook automation.
· Strong practical expertise in the use of Kusto Query Language (KQL) for security analytics and threat detection.
· Medium-level experience with Microsoft Intune and Microsoft Defender for Endpoint in enterprise environments.
· Demonstrated ability to design and maintain Sentinel workbooks and Azure Logic Apps.
· Familiarity with both Windows and UNIX/Linux operating systems, including log analysis, system configuration, and threat response procedures.
· Good understanding of Microsoft 365 E5 product features, especially advanced security and compliance capabilities.
· Track record of working collaboratively with SOC teams for alert tuning, threat hunting, and incident response.
· Strong analytical, troubleshooting, and problem-solving abilities.
· Excellent written and verbal communication skills, including the ability to document processes and communicate findings to technical and non-technical audiences.

Preferred Skills and Certifications:

· Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Azure Security Engineer Associate, or similar.
· Experience with additional EDR, SIEM, and SOAR platforms.
· Background in scripting or programming (e.g., PowerShell, Python) for process automation.
· Knowledge of compliance frameworks (e.g., SOC 2, ISO 27001, GDPR) and security best practices.
· Experience in security incident investigation and digital forensics.

Primary Duties and Day-to-Day Activities:

· Daily monitoring and triage of security alerts within Sentinel and Defender for Endpoint.
· Development and fine-tuning of analytic rules and automation playbooks to optimize threat detection and response.
· Collaboration with SOC analysts and incident handlers to investigate and remediate security incidents.
· Routine threat hunting using advanced queries and correlation of data from multiple sources.
· Preparation and delivery of reports on security posture, incident trends, and detection efficacy to management and key stakeholders.
· Continuous review and enhancement of security configurations in Intune, Defender for Endpoint, and associated infrastructure.

Posted 1 week ago


7.0 - 12.0 years

16 - 31 Lacs

Kolkata

Remote

Job Summary:

We are seeking a highly skilled and motivated SOC Analyst / Detection Engineer to join our Security Operations Center. This role requires expertise in developing advanced KQL and Splunk queries, detection engineering, and incident response within complex enterprise environments. The ideal candidate will bring hands-on experience with SIEM, EDR, cloud security, incident playbooks, and OSINT tools, while also showing a passion for mentoring junior team members.

Key Responsibilities:

• Develop and fine-tune detection rules and analytics using KQL (Microsoft Sentinel) and SPL (Splunk).
• Lead threat hunting activities leveraging EDR telemetry, SIEM logs, and threat intelligence sources.
• Design and implement detections based on behavioral patterns and MITRE ATT&CK mappings.
• Investigate security alerts and incidents, triage threats, and provide detailed incident reports and root cause analysis.
• Build and maintain incident response playbooks, SOPs, and runbooks to streamline SOC operations.
• Collaborate with internal teams to continuously improve detection logic and incident workflows.
• Mentor and train junior analysts, promote knowledge sharing, and support SOC skill development.
• Develop integrations and use cases with various log sources from on-prem, cloud, and hybrid environments.
• Utilize OSINT tools and frameworks (e.g., VirusTotal, Shodan, Censys, MISP, AbuseIPDB, Whois, etc.) during threat investigation and enrichment.
• Drive automation and orchestration where applicable using SOAR technologies.
• Stay up to date on threat intelligence, emerging tactics, techniques, and procedures (TTPs).

Technical Skill Requirements:

• Detection Engineering: Strong expertise in writing detection queries (KQL/SPL), developing use cases, and tuning alerts.
• SIEM: Hands-on experience with Microsoft Sentinel and Splunk (Enterprise Security).
• EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint.
• Cloud Security: Security monitoring in Azure, AWS, and GCP.
• Microsoft 365 Security: Defender for Office 365, Entra ID (Azure AD), Purview (compliance).
• Web Security Filtering: Experience or knowledge of Zscaler and similar solutions.
• Incident Response: Playbook development, SOPs, runbook creation, triage, and remediation.
• OSINT Tools: Practical usage of VirusTotal, URLScan.io, MISP, Shodan, Censys, GreyNoise, AbuseIPDB, Whois, etc.
• Log Analysis: Deep understanding of log formats from servers, network devices, cloud services, and applications.
• Automation/SOAR: Familiarity with automation frameworks (Logic Apps, Sentinel Playbooks, Splunk SOAR) is a plus.
• Scripting: PowerShell, Python, or equivalent scripting for enrichment and automation.

Additional Expectations:

• Willingness to mentor and train junior SOC team members.
• Ability to work independently in a fast-paced SOC environment.
• Excellent analytical, communication, and problem-solving skills.
• Strong attention to detail and a proactive security mindset.

Preferred Certifications (Nice to Have):

• SC-200: Microsoft Security Operations Analyst
• Splunk Core/Enterprise Security certifications
• CrowdStrike CCFR / CCFH
• Zscaler ZCCA/ZCCP
• Azure/AWS/GCP security certifications
• GIAC (GCIA, GCED, GCIH) or other relevant SANS certifications

Posted 1 week ago


1.0 - 5.0 years

4 - 6 Lacs

Pune

Work from Office

Job Summary:

We are seeking a proactive and technically skilled information security (SOC) Engineer/Analyst to monitor, detect, and respond to cybersecurity threats in real-time. The ideal candidate will have strong analytical skills, be detail-oriented, and possess a sound understanding of threat landscapes, SIEM tools, and incident response. The ideal candidate will possess a strong foundational understanding of cybersecurity governance, robust technical skills in security operations, and a commitment to staying abreast of the evolving threat landscape and internal security requirements.

Key Responsibilities

• Monitor security events and alerts from SIEM and other security tools.
• Perform initial triage and investigation of potential threats or anomalous behavior.
• Escalate incidents according to severity and defined procedures.
• Document incidents, provide root cause analysis, and maintain detailed logs.
• Analyze threat intelligence feeds and correlate with internal data.
• Assist in threat hunting and vulnerability management activities.
• Support continuous improvement of SOC processes and playbooks.
• Collaborate with other IT and Security teams for incident resolution.
• Assist in developing and tuning SIEM rules, queries, and dashboards for threat detection.
• Contribute to vulnerability management and secure configuration of internal systems and cloud environments.
• Support the testing and execution of recovery plans for security systems and data.
• Document incident findings, remediation steps, and contribute to post-incident reviews.

Required Skills & Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or related field.
• 13 years of experience in a SOC environment or similar security operations role.
• Familiarity with SIEM tools (e.g., Splunk, QRadar, Sentinel).
• Understanding of TCP/IP, firewalls, IDS/IPS, and common attack vectors.
• Knowledge of malware, phishing, ransomware, and social engineering tactics.
• Hands-on experience with endpoint protection, network monitoring, and forensic tools.
• Excellent communication and documentation skills.

Preferred Certifications:

• CompTIA Security+ or CySA+
• Vendor-specific SIEM certifications.

Posted 1 week ago


3.0 - 5.0 years

15 - 25 Lacs

Bengaluru

Work from Office

Role Overview:

The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights.

Key Responsibilities:

• Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools.
• Perform root cause analysis and develop incident timelines to support forensics and remediation efforts.
• Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response.
• Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks.
• Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs).
• Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets.
• Collaborate with OT security engineers and external vendors to escalate and remediate incidents.
• Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations.
• Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase.
• Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations.
• Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation.

Technical Skills & Knowledge:

• Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies.
• Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos).
• Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT.
• Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage.
• Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT.
• Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus.
• Experience in vulnerability management and patch advisory for OT assets with limited patch cycles.

Nice to Have:

• Exposure to Red Team/Blue Team exercises focused on OT/ICS.
• Familiarity with GRC platforms and risk assessment tools tailored to OT.

Posted 1 week ago


9.0 - 13.0 years

35 - 50 Lacs

Bengaluru

Work from Office

Summary

Looking for a candidate who has in-depth knowledge of SIEM (Security Information and Event Management) implementation and administration. The successful candidate must have a blend of expertise in log source integration, custom parser development and use case development.

Required Qualifications

• Hands-on experience in SIEM implementation and administration of either Sentinel or XSIAM.
• Knowledge of data ingestion methods in SIEM along with custom parsers and API integrations.
• Ability to integrate different log sources with SIEM and ensure proper parsing and normalization.
• Ability to create correlation rules in the SIEM tool to improve threat detection.
• In-depth knowledge of KQL (Sentinel) and XQL (XSIAM), which are used in Sentinel and XSIAM for querying log data.
• Understanding of security concepts, incident detection, and response to identify and parse relevant security events from logs.
• Skills to debug and troubleshoot issues with log data collection, parsing, and query performance.
• Good experience in ITSM/ITIL/ITAM process design/process improvement.
• Excellent interpersonal, written, and verbal communication skills.
• Experience and comfort in producing project deliverables, including project plans, project status, test plans/results, training materials and release notes.

Preferred Qualifications

• Security certifications: CEH, Security+, etc.
• Proficiency in regular expressions (regex) for pattern matching and extracting specific data from log entries.
• Familiarity with scripting languages like PowerShell, Python, Cortex Query Language (XQL), or Kusto Query Language (KQL) for writing custom parsing scripts.

Posted 1 week ago


3.0 years

0 Lacs

Kolkata, West Bengal, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior

KEY Capabilities:

• Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
• Working with the customer to identify security automation strategies and provide creative integrations and playbooks.
• Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.
• Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks
• Management and administration of Splunk SOAR platform
• Developing custom scripts and playbooks to automate repetitive tasks and response actions.
• Experienced developer with at least 2+ years of experience using Python programming language, REST API and JSON.
• Must have basic SQL knowledge.
• Knowledge of Incident Response and Threat Intelligence tools.
• Creation of reusable and efficient Python-based Playbooks.
• Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration
• Partner with security operations teams, threat intelligence groups and incident responders.
• Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms.
• Having experience in Splunk content development will be an added advantage
• Willing to learn new technologies and take up new challenges.
• Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
• Good grasp of conceptualizing and/or implementing automation for business process workflows
• Knowledge of network monitoring technology platforms such as Fidelis XPS or others
• Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others
• Should be able to assist, support and mitigate production issues.
• Should have the capability to work with partners and client stakeholders to fulfil their asks
• Ability to coordinate with vendors for incident closure according to severity
• Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement.

Qualification & experience:

• Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments.
• Experience working in ServiceNow SOAR is also an added advantage
• Strong oral, written and listening skills are an essential component to effective consulting.
• Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
• Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc.
• Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field
• Minimum 2 years of working in SOAR (Splunk)
• Experience in Process Development, Process Improvement, Process Architecture, and Training
• Quick to apprehend and adapt to new applications.
• Knowledgeable in Cybersecurity and Incident Response Management
• Certification in Splunk will be an added advantage
• Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Kanayannur, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior. Key capabilities: Excellent teamwork skills, passion and drive to succeed and combat cyber threats. Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks. Management and administration of Splunk SOAR platform. Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2+ years of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge of Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integrations. Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage. Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
Good grasp of conceptualizing and/or implementing automation for business process workflows. Knowledge of network monitoring technology platforms such as Fidelis XPS or others. Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfil their asks. Ability to coordinate with the vendor for incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

Trivandrum, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior. Key capabilities: Excellent teamwork skills, passion and drive to succeed and combat cyber threats. Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks. Management and administration of Splunk SOAR platform. Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2+ years of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge of Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integrations. Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage. Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
Good grasp of conceptualizing and/or implementing automation for business process workflows. Knowledge of network monitoring technology platforms such as Fidelis XPS or others. Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfil their asks. Ability to coordinate with the vendor for incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

3.0 years

0 Lacs

India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Splunk SOAR) - Senior. Key capabilities: Excellent teamwork skills, passion and drive to succeed and combat cyber threats. Working with the customer to identify security automation strategies and provide creative integrations and playbooks. Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs. Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks. Management and administration of Splunk SOAR platform. Developing custom scripts and playbooks to automate repetitive tasks and response actions. Experienced developer with at least 2+ years of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge. Knowledge of Incident Response and Threat Intelligence tools. Creation of reusable and efficient Python-based playbooks. Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integrations. Partner with security operations teams, threat intelligence groups and incident responders. Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage. Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
Good grasp of conceptualizing and/or implementing automation for business process workflows. Knowledge of network monitoring technology platforms such as Fidelis XPS or others. Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others. Should be able to assist, support and mitigate production issues. Should have the capability to work with partners and client stakeholders to fulfil their asks. Ability to coordinate with the vendor for incident closure according to the severity. Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement. Qualification & experience: Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Splunk SOAR solution in global enterprise environments. Experience working in ServiceNow SOAR is also an added advantage. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary. Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc. Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field. Minimum 2 years of working in SOAR (Splunk). Experience in Process Development, Process Improvement, Process Architecture, and Training. Quick to apprehend and adapt new applications. Knowledgeable in Cybersecurity and Incident Response Management. Certification in Splunk will be an added advantage. Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

0 years

0 Lacs

India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. CMS-TDR Staff. As part of our EY cyber security team, you will work as a SOC analyst who will assist clients in detecting and responding to security incidents with support of their SIEM, EDR and NSM solutions. The opportunity: We’re looking for a Security Analyst with experience in SIEM, EDR and NSM solutions. Your key responsibilities: Operational support using SIEM solutions (Splunk, Sentinel), EDR solutions (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. First level of monitoring and triaging of security alerts. Initial data gathering and investigation using SIEM, EDR, NSM solutions. Provide near real-time analysis, investigation and reporting of security incidents for the customer. Skills and attributes for success: Customer service oriented - meets commitments to customers; seeks feedback from customers to identify improvement opportunities. Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a security analyst’s point of view. Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus. Good knowledge and experience in Security Monitoring. Good knowledge and experience in Cyber Incident Response. Knowledge of network monitoring technology platforms such as Fidelis XPS, ExtraHop. Knowledge of endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP etc. To qualify for the role, you must have: B. Tech./ B.E. with sound technical skills. Ability to work in 24x7 shifts. Strong command of verbal and written English language. Demonstrate both technical acumen and critical thinking abilities.
Strong interpersonal and presentation skills. Hands-on experience in SIEM, EDR and NSM solutions. Certification in any of the SIEM platforms. Knowledge of RegEx, Perl scripting and SQL query language. Certification - CEH, ECSA, ECIH, Splunk Power User. What working at EY offers: At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around. Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you. EY | Building a better working world. EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

5.0 years

1 - 2 Lacs

Bengaluru

Remote

Solution Engineer - Cloud & AI Apps. Bangalore, Karnataka, India. Date posted: Jul 21, 2025. Job number: 1849058. Work site: Up to 50% work from home. Travel: 25-50%. Role type: Individual Contributor. Profession: Technology Sales. Discipline: Solution Engineering. Employment type: Full-Time. Overview: Are you insatiably curious, deeply passionate about the realm of AI & applications, and ready to tackle complex challenges in a dynamic environment? If so, we invite you to join our team as a Cloud & AI Solution Engineer in AI Applications for commercial customers at Microsoft. Here, you'll be at the forefront of innovation, working on cutting-edge projects that leverage the latest technologies to drive meaningful impact. Join us and be part of a team that thrives on collaboration, creativity, and continuous learning. Microsoft is transforming the developer experience for AI applications across the development lifecycle. With AI Foundry and seamless integration with Azure AI, we’re leading the way in Agentic AI development where AI agents streamline development and operations. As an AI Apps Solution Engineer, you’ll help customers adopt these innovations to boost productivity, drive innovation, and become AI-native. As an AI Applications Solution Engineer (SE), you will play a pivotal role in helping enterprise AI developers unlock the full potential of Microsoft’s AI-powered stack across every stage of the development lifecycle. You’ll collaborate closely with engineering leaders and platform teams to accelerate AI Foundry, Azure AI, and Responsible AI, through hands-on engagements like Proof of Concepts, hackathons, and architecture workshops. This opportunity will allow you to accelerate your career growth, develop deep business acumen, hone your technical skills, and become adept at solution design and deployment.
You’ll guide customers through secure, scalable solution design, influence technical decisions, and accelerate AI applications development into their deployment workflows. In summary, you’ll help customers modernize their applications and realize the full value of Microsoft’s AI platform, all while enjoying flexible work opportunities. As a trusted technical advisor, you’ll guide customers through secure, scalable solution design, influence technical decisions, and accelerate AI applications and agents into their development workflows. In summary, you’ll help customers modernize their applications leveraging AI and realize the full value of Microsoft’s platform. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Qualifications 5+ years technical pre-sales or technical consulting experience OR Bachelor's Degree in Computer Science, Information Technology, or related field AND 4+ years technical pre-sales or technical consulting experience OR Master's Degree in Computer Science, Information Technology, or related field AND 3+ year(s) technical pre-sales or technical consulting experience OR equivalent experience Expert on full stack App architecture design / modernization and cloud native dev (e.g., APIs, containerization, microservices, event-driven, Python, Java, .NET) Expert for AI & ML models (e.g., Agentic AI framework, AI Foundry, Semantic Kernel, Foundry SDK, Responsible AI, fine-tuning/inferencing, etc.) Proven ability to lead technical engagements (e.g., hackathons, PoCs, MVPs) that drive production-scale outcomes. 
6+ years technical pre-sales, technical consulting, or technology delivery, or related experience OR equivalent experience. 4+ years experience with cloud and hybrid, or on premises infrastructure, architecture designs, migrations, industry standards, and/or technology management. Proficient on Agentic framework, AI Management & Security (e.g., Gen AI Ops, Sentinel, Responsible AI, orchestrator, monitoring). Skilled with 1 or more frameworks, tools, languages (e.g., GitHub, Copilot Studio, VS Code, Jupyter, PyCharm, Node.js, Python, Java, C#, C++, AI Assisted Dev Tools). Responsibilities: Drive technical sales with decision makers using demos and PoCs to influence solution design and enable production deployments. Lead hands-on engagements—hackathons, code-with sessions, and architecture workshops—to accelerate adoption of Microsoft’s developer tools and cloud platforms. Build trusted relationships with developers and platform leads, co-designing secure, scalable architectures and solutions. Resolve technical blockers and objections, collaborating with engineering to share insights and improve products. Maintain deep expertise in AI Foundry & App architecture (Agentic AI framework, Semantic Kernel, Foundry SDK, Responsible AI) and App architecture/cloud native dev (APIs, containerization, microservices, event-driven, Python, Java or .NET). Maintain and grow expertise in AI Management & Security (Gen AI Ops, Sentinel, orchestrator, monitoring). Represent Microsoft through thought leadership in developer communities and customer forums. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work: Industry leading healthcare; Educational resources; Discounts on products and services; Savings and investments; Maternity and paternity leave; Generous time away; Giving programs; Opportunities to network and connect. Microsoft is an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 1 week ago

0 years

1 - 7 Lacs

Bengaluru

On-site

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. We are looking for a solid Azure Cloud Software Engineer who has a good understanding of cloud concepts and is able to deliver US, large scale feature in cloud technology from end-to-end perspective. This individual provides patterns, design, implements PoC & right frameworks in a fast-paced environment. Responsibilities include building cloud components, doing PoC on Oracle components, Terraform automation, cloud migration from OFE, deployment, fixing vulnerabilities, managing cloud infra, security etc. Primary Responsibility: Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment).
The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so. Required Qualifications: Undergraduate degree or equivalent experience. Skills in Terraform, Containerization (Docker, Kubernetes), CI/CD, Azure DevOps, Unix and PowerShell scripting, Cloud-native architectures, including public cloud PaaS / IaaS, micro-services, Sentinel, Microsoft Defender, Functional App, Cloud Security, Event Hub, LAW, Cloud Storage, Active Directory, Virtual Scale Sets, VM, AKS, ACR, Storages, Virtual Network, Load Balancers, NSG, Security Groups, Firewall, Monitoring. Preferred Qualification: Knowledge of Ansible, Python, Java, Spring, WebServices, Databases. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission.

Posted 1 week ago
