
844 Sentinel Jobs - Page 6

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Job Description: Azure Cloud Engineering: Design, deploy, and manage Azure-based infrastructure and services (IaaS, PaaS). Implement and maintain virtual machines, Azure networking, storage, and security controls. Automate cloud deployments and updates using PowerShell, ARM templates, or Terraform. Monitor cloud performance and optimize cost, availability, and scalability. Ensure compliance with cloud security best practices and corporate policies. Office 365 Administration: Manage and maintain Exchange Online, SharePoint Online, Teams, OneDrive, and other O365 services. Administer O365 tenant including user licensing, group management, and security policies. Monitor health, usage, and service changes through the Microsoft 365 Admin Center. Implement email security policies including DKIM, SPF, DMARC, and advanced threat protection. Intune Implementation & Endpoint Management: Lead the setup and deployment of Microsoft Intune for MDM (Mobile Device Management) and MAM (Mobile Application Management). Configure and deploy policies for Windows, Android, and iOS devices. Enforce security compliance policies, app protection policies, and conditional access. Troubleshoot Intune-related issues and provide end-user support during onboarding. Required Skills & Qualifications: 2+ years of experience in cloud engineering, preferably within the Microsoft ecosystem. Proven experience in Azure services (VMs, VNets, Azure AD, Storage, NSG, etc.). Expert-level knowledge of Microsoft 365 admin center, Exchange Online, Teams, and SharePoint. Hands-on experience with Microsoft Intune and Endpoint Manager. Strong PowerShell scripting skills for automation and reporting. Understanding of identity and access management (Azure AD, MFA, Conditional Access). Knowledge of security best practices and compliance (ISO preferred).
Certifications (Preferred but not mandatory): Microsoft Certified: Azure Administrator Associate (AZ-104 and AZ-900) Soft Skills: Excellent troubleshooting and problem-solving skills. Strong communication and documentation abilities. Team player with a proactive and ownership-driven mindset. Ability to manage multiple projects and shifting priorities effectively. Nice to Have: Experience with Microsoft Defender, Sentinel, or other security tools. Knowledge of hybrid Exchange environments.

Posted 1 week ago


2.0 years

0 Lacs

Tripura, India

On-site

We are seeking a skilled and experienced Information Security Analyst/ SOC Administrator to join our team in Tripura. In this critical role, you will be instrumental in safeguarding our Data Centre Infrastructure, ensuring the continuous protection of our digital assets from evolving cyber threats. You will lead our cybersecurity operations, providing expert guidance and fostering a robust security posture. Key Responsibilities: Cybersecurity System Management: Manage, monitor, and analyze cybersecurity systems to proactively protect Data Centre Infrastructure from intrusions. Incident Management & Reporting: Prepare daily, weekly, and monthly analysis reports for DIT, detailing incident severity, root causes, and recommended remedial measures to prevent reoccurrence. Manage CSOC event and information intake, including intelligence gathering, monitoring ticket queues, investigating reported incidents, and liaising with security and network groups. Team Leadership & Mentorship: Monitor the performance of Level 1 and Level 2 analysts by thoroughly investigating incoming events using CSOC tools. Ensure timely resolution of Level 1 and Level 2 events through available reporting and metrics. Approve and, if necessary, further investigate Level 1 and Level 2 escalated events. Mentor and guide Level 1 and Level 2 analysts to enhance their detection capabilities within the CSOC. Expert Analysis & Research: Function as a Subject Matter Expert (SME) in incident detection and analysis techniques, offering guidance to junior analysts and strategic recommendations to organizational managers. Conduct security research and intelligence gathering on emerging threats and exploits. Investigate new vulnerabilities and share the latest industry-level responses and best practices. Risk Management & Consulting: Perform risk assessments and develop mitigation strategies. Provide network and security consulting and training to internal teams. 
Operational Excellence & Business Continuity: Monitor overall SOC performance. Serve as a backup analyst for potential coverage gaps to ensure seamless business continuity. Stakeholder Engagement: Liaise effectively with various internal and external stakeholders during incident response. Additional Responsibilities: Perform other auxiliary cybersecurity responsibilities as required. Required Skills and Qualifications: Education: B.E / B-Tech / MCA / MSc. IT. Experience: Minimum 2 years of experience in SOC services, specifically conducting security device administration & management. Minimum 2 years of hands-on experience with SIEM tools and other security tools. Certifications (at least one of the following): Certification in at least one industry-leading SIEM product (e.g., Splunk Certified Admin/Architect, IBM QRadar Certified Analyst/Administrator, ArcSight Certified Analyst/Administrator, Microsoft Azure Sentinel certifications). Certification in ISO 27001:2013 or later version.

Posted 1 week ago


5.0 years

0 Lacs

Thiruvananthapuram, Kerala, India

On-site

Job Description Qualifications Required: Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills: Azure Expertise: In-depth knowledge of Azure services, including but not limited to: Azure Security Center, Azure Defender, Azure Key Vault, Azure Policy, Azure Sentinel (SIEM), Azure Active Directory (Azure AD). Security and Vulnerability Tools: Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening: Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting: Advanced skills in scripting languages such as PowerShell, Azure CLI, Python, or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines.
Certifications (Preferred or Mandatory): Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104), Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Certified: Cybersecurity Architect Expert (SC-100). Security Certifications: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, GIAC certifications (e.g., GCIH, GSEC, or GCED). Other Requirements: Familiarity with regulatory and compliance standards, such as ISO 27001, SOC 2, GDPR, or HIPAA. Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends.

Posted 1 week ago


0 years

10 - 20 Lacs

Bengaluru, Karnataka, India

On-site

About The Role: We’re hiring Software Development Engineers (SDEs) to join our product engineering team. You will play a pivotal role in building secure, reliable integrations with platforms such as SOAR, SIEM and TIP, amongst others. If you enjoy working at the intersection of engineering and cybersecurity, this is a chance to work on real-world problems with direct industry impact. This is a hands-on development role with a strong emphasis on ownership, problem-solving, and scalability. What You’ll Do: Design and develop backend systems and integrations with external APIs (e.g., threat intelligence, dark web monitoring). Build data ingestion pipelines for cloud-based SIEM platforms such as MS Sentinel, Google Chronicle, Palo Alto, etc. Write clean, maintainable, and testable code following best practices. Collaborate with product owners, architects, and cross-functional teams to translate requirements into technical solutions. Participate in code reviews, system design discussions, and deployment planning. Take ownership of features from development to deployment and maintenance. Maintain detailed documentation of the developed components and APIs. Must-Have: What You’ll Need: Strong programming skills in Python, PHP (Node.js or Go is a plus). Experience developing APIs and working with third-party REST APIs. Familiarity with event-driven architecture, message brokers (e.g., Kafka, Redis), and asynchronous processing. Knowledge of relational and NoSQL databases (PostgreSQL, MongoDB, etc.). Proficiency with containers and CI/CD tools (Docker, GitHub Actions, etc.). Understanding of cybersecurity concepts, especially around threat intelligence or log analysis. Nice-to-Have: Experience integrating with SIEM/SOAR platforms such as Sentinel, Splunk, XSOAR, QRadar, ServiceNow. Exposure to Threat Intelligence feeds (STIX/TAXII, MISP, AlienVault, etc.). Knowledge of cloud security tools and platforms (AWS Security Hub, Azure Defender, etc.).
Familiarity with security automation and orchestration workflows. Prior contributions to cybersecurity products or platforms. Strong debugging and problem-solving skills. About Cyble: Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India. Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone. At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees' voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.

Posted 1 week ago


5.0 - 10.0 years

10 - 15 Lacs

Bengaluru

Work from Office

5+ yrs Exp in Azure cloud infrastructure AZ-104/305 certified Infrastructure as Code - Terraform, Bicep/ARM Azure Compute Networking Kubernetes Azure PaaS services Azure Active Directory RBAC Security tools PowerShell/Python CI/CD Sentinel Defender

Posted 1 week ago


10.0 years

0 Lacs

Mumbai Metropolitan Region

On-site

What is special about Lighthouse? Lighthouse is built on a foundation of unique, compassionate, highly driven individuals. We elevate the strengths and talents of those around us while leveraging opportunities for growth. We offer the experience of solving complex problems while continuing to grow multiple facets of your career. Lighthouse is where innovation meets support and where collaboration is the key ingredient to success. We grow together and are stronger together. What’s unique about this role? This role is responsible for maintaining and developing optimum cloud network infrastructure that ensures stability, scale and performance. This will require working with tools such as Docker, Kubernetes and automating pipelines through Azure DevOps & Terraform. This role focuses on building and maintaining secure, scalable, and efficient cloud systems. The ideal candidate will have hands-on expertise in software development, infrastructure, automation and container orchestration. As a Senior Lead Cloud Engineer, you will design and implement solutions for complex, large-scale systems. You will collaborate across teams to deliver innovative, reliable cloud infrastructure while maintaining a strong focus on scalability, security, and cost efficiency. This role offers opportunities to lead technical initiatives and continuously enhance your expertise. This role will collaborate closely with development, IT, and operations teams to ensure seamless integration and scalability of systems, focusing on performance, security, and automation. What will this person do? Leadership & Strategy Provide technical leadership and mentorship to cloud networking engineers. Collaborate with architecture, security, and application teams to define network standards and best practices. Drive strategic decisions on network modernization, automation, and zero trust networking in Azure. 
Cloud Architecture & Implementation Design and implement scalable, secure, and highly available cloud infrastructure solutions using Microsoft Azure services. Define and evolve cloud reference architectures, best practices, and technical standards aligned with enterprise needs. Lead the architecture, deployment, and optimization of Azure-based network infrastructure, including VNETs, ExpressRoute, VPN Gateways, Azure Firewall, Application Gateway, Private Link, and Load Balancers. Design and enforce hub-and-spoke, virtual WAN, and multi-region topologies to ensure secure, scalable, and high-performing networks. Infrastructure as Code & Automation Develop and maintain Infrastructure as Code (IaC) using tools like Terraform, Bicep, or ARM templates. Automate provisioning, configuration, and deployment processes using Azure DevOps, GitHub Actions, or PowerShell. Implement and maintain CI/CD pipelines for infrastructure and application delivery. Security, Governance & Compliance Define and enforce Azure governance policies using Azure Policy, Management Groups, RBAC, and Blueprints. Ensure compliance with security and regulatory standards (e.g., ISO, SOC2, HIPAA, NIST) through policy-driven automation. Integrate Azure-native security tools such as Microsoft Defender for Cloud, Azure Key Vault. Enforce network security policies, data protection measures, and role-based access controls. Work closely with the Cloud Security team to implement Zero Trust principles, DDoS protection, and network threat detection. Ensure compliance with industry standards (e.g., ISO 27001, HIPAA, SOC 2) in network configurations and access. Operations & Monitoring Manage operational health, cost, and performance of Azure workloads using Azure Monitor, Log Analytics, and Application Insights. Optimize cloud spend and resource utilization with Azure Cost Management and reserved instances planning. 
Implement backup, disaster recovery, and high-availability solutions using Azure Site Recovery and Availability Zones/Sets. Bring your passion and together we will shine. It would also be great if you had the following: Bachelor of Science Degree in Computer Science or Engineering, or a related field. 10+ years of experience in cloud operations, cloud networking, cloud security, SRE or software development with a strong focus on automation and cloud infrastructure management. Azure certifications (e.g., Microsoft Certified: Azure DevOps Engineer Expert, Azure Solutions Architect). Experience in agile development environments and working with Cloud Governance, Monitoring, SRE (Site Reliability Engineering) practices. Strong understanding of cloud-native architecture and containerization (AKS, ACR, Helm). Proficient in scripting and automation using PowerShell, Bash, and Azure CLI. Experience with Azure Policy, Blueprints, and management groups for governance. Knowledge of Azure landing zone architecture and enterprise-scale design principles. Familiar with service mesh, API management, and event-driven architecture. Expertise in configuring and optimizing Azure Monitor, Log Analytics, and Application Insights for proactive alerting and observability. Experience integrating logs and metrics with centralized platform. Strong knowledge of Azure security controls: NSGs, ASGs, DDoS protection, Sentinel, Defender for Cloud. Experience implementing RBAC, Azure AD Conditional Access, and Just-In-Time VM Access. Familiar with data encryption strategies (encryption at rest/in transit, Key Vault, customer-managed keys). Proven experience leading cross-functional teams and mentoring engineers. Strong stakeholder management and ability to translate technical needs to business value. Skilled in fostering a culture of automation, observability, and operational excellence. Critical thinker and problem-solving skills.
Experience in mentoring team members. Result Driven and Proactive. Good time-management skills. Great interpersonal and communication skills. Azure Database Administrator Associate certification is a plus. eDiscovery and relativity experience are an added advantage. Work Environment and Physical Demands: Duties are performed in a typical office environment while at a desk or computer table. Duties require the ability to use a computer, communicate over the telephone, and read printed material, in a quiet and professional setting. Duties may require being on call periodically and working outside normal working hours (evenings and weekends). Lighthouse celebrates and thrives on diversity and is an Equal Opportunity Employer. We hire, train, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law. We welcome any talents and contributions you can bring to the team and are deeply committed to growing an environment where everyone can feel safe, is respected, and can show up as themselves. Come as you are! As required by applicable pay transparency laws, Lighthouse complies with compensation disclosure requirements for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location, or other relevant factors. The salary range for this position may be tailored to be lower or higher in different talent markets. This role will be eligible to participate in an annual bonus or incentive program. As a trailblazer and catalyst for change, Lighthouse rises to each opportunity to help our clients, and our people do what they do best—shine. This position will work for and be employed by Lighthouse's India subsidiary, which is an independent company located in India.

Posted 1 week ago


10.0 - 12.0 years

15 - 20 Lacs

Pune, Bengaluru

Work from Office

Experience: 10+ years. Summary: We are seeking a highly skilled and proactive SOC Lead to manage and mature our 24x7 Security Operations Center. This role involves leading a team of 15 analysts (L1-L3), supporting multiple customer environments, and driving operational excellence in threat detection, incident response, and SOC process improvement. The ideal candidate will have deep technical expertise in SIEM and EDR tools, strong leadership capabilities, and excellent communication skills. Key Responsibilities: Lead and manage a team of 15-20 SOC analysts (L1, L2, L3) across multiple customer environments. Act as the primary Incident Responder for critical security incidents. Conduct Root Cause Analysis (RCA) and develop Corrective and Preventive Actions (CAPA). Mentor and train junior/fresher SOC analysts to prepare them for advanced roles. Support and co-lead SIEM migration projects in collaboration with SIEM Engineers. Configure and fine-tune SIEM rules and use cases for enhanced threat detection. Integrate and troubleshoot log sources across diverse platforms and environments. Generate and present SOC KPIs and metrics to internal stakeholders and customers. Lead technical tabletop exercises with internal teams and customer stakeholders. Support SOC maturity assessments and contribute to continuous improvement initiatives. Maintain and enhance SOC documentation, playbooks, and standard operating procedures. Collaborate with threat intelligence, vulnerability management, and engineering teams. Required Skills & Experience: 10+ years of experience in cybersecurity, with at least 4 years in a SOC leadership role. Proven experience managing multi-tenant or MSSP environments.
Hands-on expertise with: SIEMs: QRoC, Sumo Logic, Splunk, Palo Alto SIEM. EDR Tools: CrowdStrike, SentinelOne. Strong knowledge of: SIEM rule creation and use case development; log source onboarding, integration, and troubleshooting; incident response lifecycle and threat detection methodologies. Excellent communication and writing skills; ability to present to customers and executives. Experience in producing and interpreting SOC metrics and dashboards. Familiarity with frameworks such as MITRE ATT&CK, NIST, and SANS. Preferred Qualifications: Bachelor's degree in computer science, Information Security, or related field. Industry certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent. Experience with scripting (Python, PowerShell) for automation and enrichment. Exposure to cloud security monitoring (AWS, Azure, GCP). Work Environment: Requires on-call availability and rotational shifts.

Posted 1 week ago


1.0 - 3.0 years

0 Lacs

Hyderābād

Remote

Security Research. Hyderabad, Telangana, India. Date posted: Jul 14, 2025. Job number: 1846575. Work site: Up to 50% work from home. Travel: None. Role type: Individual Contributor. Profession: Security Engineering. Discipline: Security Research. Employment type: Full-Time. Overview: Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
Qualifications: Required Qualification: Graduate degree in engineering or equivalent discipline. 1–3 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Familiarity with KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Preferred Qualification: Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Responsibilities: Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.). Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network. Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
Industry leading healthcare, Educational resources, Discounts on products and services, Savings and investments, Maternity and paternity leave, Generous time away, Giving programs, Opportunities to network and connect. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 1 week ago


5.0 years

7 - 9 Lacs

Gurgaon

On-site

About Us: At apexanalytix, we’re lifelong innovators! Since the date of our founding nearly four decades ago we’ve been consistently growing, profitable, and delivering the best procure-to-pay solutions to the world. We’re the perfect balance of established company and start-up. You will find a unique home here. And you’ll recognize the names of our clients. Most of them are on The Global 2000. They trust us to give them the latest in controls, audit and analytics software every day. Industry analysts consistently rank us as a top supplier management solution, and you’ll be helping build that reputation. Read more about apexanalytix - https://www.apexanalytix.com/about/ Job Details The Role Design and Implement Cloud Security Architecture: Plan, execute, and manage cloud security architecture using Azure Sentinel, M365 Defender Suite, and Azure Security to ensure the organization's cloud infrastructure is secure and compliant. Penetration Testing and Vulnerability Management: Conduct regular penetration testing and vulnerability assessments to identify weaknesses in the organization's cloud infrastructure, applications, and networks, and implement remediation measures to address identified vulnerabilities. Cloud Security Incident Response: Serve as the primary point of contact for cloud security incident response, ensuring timely and effective processing, containment, and remediation of security incidents in the cloud environment. Azure Sentinel and M365 Defender Suite Management: Manage and configure Azure Sentinel and M365 Defender Suite to monitor and respond to security threats in the cloud environment, including threat hunting, incident response, and security analytics. DevOps Security Integration: Collaborate with DevOps teams to integrate security into the CI/CD pipeline, ensuring that security is a key consideration throughout the software development lifecycle. 
Cloud Security Compliance and Governance: Ensure cloud security compliance with relevant regulations and standards, such as HIPAA, PCI-DSS, and GDPR, and maintain up-to-date knowledge of cloud security governance best practices. Cloud Security Monitoring and Reporting: Generate daily, weekly, and monthly reports on cloud security monitoring activities, providing insights and recommendations to stakeholders on cloud security posture and risk mitigation. Cloud Security Risk Assessment and Mitigation: Conduct regular cloud security risk assessments to identify potential security risks and implement corrective actions to mitigate them. Cloud Security Awareness and Training: Educate and train staff on cloud security awareness and best practices, ensuring that all employees understand their roles and responsibilities in maintaining cloud security. Stay Up-to-Date with Cloud Security Trends and Technologies: Stay current with the latest cloud security trends, tools, and technologies, including Azure Sentinel, M365 Defender Suite, and Azure Security, to ensure the organization's cloud security posture is current and effective. The Must Haves - Bachelor's degree in Computer Science, Information Security, or related field. Minimum of 5 years of experience in cloud security or related roles, with a focus on Azure Sentinel, M365 Defender Suite, Azure Security, penetration testing, and DevOps security. Strong knowledge of cloud security architecture, cloud security compliance, and cloud security governance. Experience with Azure Sentinel, M365 Defender Suite, and Azure Security, including configuration, management, and troubleshooting. Strong understanding of DevOps security principles and practices, including integration of security into the CI/CD pipeline. Certifications in cloud security, such as Azure Security Engineer Associate or Microsoft Certified: Azure Security Engineer, are highly desirable. 
Preferred skills: Experience with cloud security automation tools, such as Azure Functions, Azure Logic Apps, or PowerShell. Knowledge of cloud security frameworks and standards, such as NIST Cybersecurity Framework or ISO 27001. Experience with containerization and serverless computing, including Docker, Kubernetes, or Azure Functions. Strong understanding of threat intelligence and threat hunting, including experience with threat intelligence platforms and tools. Over the years, we’ve discovered that the most effective and successful associates at apexanalytix are people who have a specific combination of values, skills, and behaviors that we call “The apex Way”. Read more about The apex Way - https://www.apexanalytix.com/careers/ Benefits At apexanalytix we know that our associates are the reason behind our successes. We truly value you as an associate and part of our professional family. Our goal is to offer the very best benefits possible to you and your loved ones. When it comes to benefits, whether for yourself or your family the most important aspect is choice. And we get that. apexanalytix offers competitive benefits for the countries that we serve, in addition to our BeWell@apex initiative that encourages employees’ growth in six key wellness areas: Emotional, Physical, Community, Financial, Social, and Intelligence. With resources such as a strong Mentor Program, Internal Training Portal, plus Education, Tuition, and Certification Assistance, we provide tools for our associates to grow and develop.

Posted 1 week ago


3.0 - 7.0 years

5 - 6 Lacs

Noida

On-site

End Point Security Senior Engineer-Infrastructure Management Full-time Company Description About Sopra Steria Sopra Steria, a major Tech player in Europe with 50,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2024, the Group generated revenues of €5.8 billion. The world is how we shape it. Job Description Key Responsibilities: Implement and maintain endpoint security solutions such as EDR, antivirus, encryption, and application control tools. Monitor, analyze, and respond to security alerts and incidents originating from workstations and endpoints. Apply and manage workstation hardening standards, including adherence to security baselines. Conduct vulnerability assessments on endpoints and coordinate timely remediation activities. Manage patch deployment for operating systems and applications to ensure compliance with internal policies and reduce exposure to threats. Ensure endpoint systems comply with security policies, standards, and regulatory frameworks. Actively participate in incident response efforts related to endpoint breaches or malware incidents. Contribute to risk assessments and provide input during security architecture reviews related to endpoints. Maintain a strong understanding of Windows and macOS operating systems from a security perspective. Required Skills & Experience: Hands-on experience with EDR/XDR platforms such as Microsoft Defender for Endpoint or SentinelOne.
Familiarity with vulnerability management tools. Knowledge of endpoint technologies including: BitLocker (encryption) Application control Endpoint privilege management Windows Defender Firewall Mobile Device Management (MDM), particularly Intune Understanding of endpoint threat intelligence and ability to analyze threat data. Scripting or automation experience using PowerShell or other scripting languages. Total Experience Expected: 03-07 years Qualifications B.Tech/BE/BCA Additional Information At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences. All of our positions are open to people with disabilities.

Posted 1 week ago


10.0 years

0 Lacs

Kolkata, West Bengal, India

On-site

Senior Cybersecurity Engineers - (DLP, Email Security, Endpoint Security) Location : Kolkata Mode : Fulltime Work from Office (6 Days) Shift : General Job Description: ITCI is hiring seasoned Senior Cybersecurity Engineers to fortify our enterprise security landscape. The role involves deep technical expertise in Endpoint Protection, DLP, IAM, and Email Security. Engineers will work within an 8x5 framework, driving proactive security management and incident response across critical enterprise systems. Key Responsibilities: Lead the administration of endpoint security across all enterprise devices using Trend Micro solutions. Define, configure, and maintain security policies to detect threats and automate appropriate responses. Actively engage in threat hunting, analyse incidents, and deliver actionable security reports. Develop and implement effective DLP policies to protect sensitive business data. Continuously monitor and assess DLP alerts, ensuring timely escalation and resolution of genuine threats. Fine-tune DLP configurations to reduce noise, improve detection, and support business continuity. Manage user identity lifecycles including onboarding, offboarding, and access governance. Enforce strong access controls using least privilege and zero trust principles across critical systems. Integrate identity services with enterprise platforms like Azure AD and Entra ID for seamless authentication. Configure and maintain email security policies for filtering, anti-phishing, and malware defense. Proactively monitor email alerts, investigating and mitigating phishing, spoofing, and other email-based attacks. Work closely with SOC and Incident Response teams to address and contain email-borne threats effectively. Required Skills & Qualifications: Minimum 10 years of dedicated experience in Cybersecurity Engineering. In-depth expertise in: Trend Micro Apex One/CrowdStrike Falcon or equivalent. DLP platforms (Forcepoint, Microsoft Purview, Symantec, etc.).
IAM systems (Azure AD, Entra ID, MIM, or similar). Microsoft Defender for Office 365 (ATP)/Proofpoint/Mimecast. Strong understanding of enterprise security frameworks (e.g., NIST, ISO 27001). Experience with incident management, threat hunting, and policy enforcement. CEH, CISSP, CISM, Microsoft SC-200/SC-300, or equivalent (optional but preferred). Experience with ITSM tools, SIEM platforms (e.g. Wazuh, Microsoft Sentinel, Splunk) is a plus. Maintain incident logs, root cause analysis reports, and change documentation. Must work in close coordination with SOC, Infra, and Application teams.

Posted 2 weeks ago


0 years

0 Lacs

India

Remote

Company Description Cybervie-Cyber Security Services is a fast-growing cybersecurity firm that offers cybersecurity as a service, people as a service, SIEM as a service, and SOC as a service. Our cybersecurity specialists safeguard businesses against cyber threats and continuously evolve practices and solutions to counteract emerging threats. Role Description This is a part-time remote contract role for a SOC Instructor at Cybervie-Cyber Security Services. The SOC Instructor will be responsible for lesson planning, education, communication, teaching, and training in the field of Splunk, Sentinel, and EDR. Qualifications Lesson Planning, Teaching, and Training skills Education and Communication skills Experience in using Splunk, Sentinel, and EDR Strong knowledge of SOC operations and cybersecurity best practices Ability to work independently and remotely Excellent verbal and written communication skills Certifications in Splunk, Sentinel, EDR, or related cybersecurity fields are a plus

Posted 2 weeks ago


8.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Summary Are you passionate about the intersection of data, technology and science, and excited by the potential of Real-World Data (RWD) and AI? Do you thrive in collaborative environments and aspire to contribute to the discovery of groundbreaking medical insights? If so, join the data42 team at Novartis! At Novartis, we reimagine medicine by leveraging state-of-the-art analytics and our extensive internal and external data resources. Our data42 platform grants access to high-quality, multi-modal preclinical and clinical data, along with RWD, creating the optimal environment for developing advanced AI/ML models and generating health insights. Our global team of data scientists and engineers utilizes this platform to uncover novel insights and guide drug development decisions. As an RWD SME / RWE Execution Data Scientist, you will focus on executing innovative methodologies and AI models to mine RWD on the data42 platform. You will be the go-to authority for leveraging diverse RWD modalities patterns crucial to understanding patient populations, biomarkers, and drug targets, accelerating the development of life-changing medicines. About The Role Duties and Responsibilities: Collaborate with R&D stakeholders to co-create and implement innovative, repeatable, scalable and automated data and technology solutions in line with data42 strategy. Be a data Subject Matter Expert (SME), understand Real World Data (RWD) of different modalities, vocabularies (LOINC, ICD, HCPCS etc.), non-traditional RWD (Patient reported outcomes, Wearables and Mobile Health Data) and where and how they can be used, including in conjunction with clinical data, omics data, pre-clinical data, and commercial data. 
Contribute to data strategy implementation such as Federated Learning, tokenization, data quality frameworks, regulatory requirements (submission data to HL7 FHIR formats conversion, Sentinel initiative), conversion to common data models and standards (OMOP, FHIR, SEND etc.), FAIR principles and integration with enterprise catalog Define and execute advanced integrated and scalable analytical approaches and research methodologies (including industry trends) in support of exploratory and regulatory use of AI models for RWD analysis across the Research Development Commercial continuum by facilitating research questions. Stay current with emerging applications and trends, driving the development of advanced analytic capabilities for data42 across the Real-world evidence generation lifecycle, from ideation to study design and execution. Demonstrate high agility working across various cross-located and cross-functional associates across business domains (commercial, Development, Biomedical Research) or Therapeutic area divisions for our priority disease areas to execute complex and critical business problems with quantified business impact/ROI. Ideal Candidate Profile PhD or MSc. in a quantitative discipline (e.g., but not restricted to Computer Science, Physics, Statistics, Epidemiology) with proven expertise in artificial Intelligence / Machine Learning. 8+ years of relevant experience in Data Science (or 4+ years post-qualification in case of PhD). Extensive experience in Statistical and Machine Learning techniques: Regression, Classification, Clustering, Design of Experiments, Monte Carlo Simulations, Statistical Inference, Feature Engineering, Time Series Forecasting, Text Mining, and Natural Language Processing, LLMs, and multi-modal Generative AI. Good to have skills: Stochastic models, Bayesian Models, Markov Chains, Optimization techniques including, Dynamic Programming Deep Learning techniques on structured and unstructured data, Recommender Systems. 
Proficiency in tools and packages: Python, R(optional), SQL; exposure to dashboard or web-app building using PowerBI, R-Shiny, Flask, open source or proprietary software and packages is an advantage. Knowledge in data standards e.g. OHDSI OMOP, and other data standards, FHIR HL7 for regulatory, and best practices. Good to have: Foundry, big data programming, working knowledge of executing data science on AWS, DataBricks or SnowFlake Strong in Matrix collaboration environments with good communication and collaboration skills with country/ regional/ global stakeholders in an individual contributor capacity. Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve. Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients’ lives. Ready to create a brighter future together? https://www.novartis.com/about/strategy/people-and-culture Join our Novartis Network: Not the right Novartis role for you? Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network Benefits and Rewards: Read our handbook to learn about all the ways we’ll help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards

Posted 2 weeks ago


3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are seeking passionate cybersecurity professionals to join our growing team of Defenders. In this role, you will proactively detect, investigate, and respond to advanced threats across enterprise environments using cutting-edge and AI enabled security tools and threat intelligence. The ideal candidate combines strong security expertise with a curious mindset and skills to conduct deep threat analysis. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities Monitor, triage, and respond to security incidents using alerts and incidents from Microsoft Defender products (MDE, MDI, MDO, MDA, MDC etc.) Perform proactive threat hunting using hypothesis, and telemetry from endpoints, identities, cloud and network.
Develop hunting queries using Kusto Query Language (KQL) or similar to uncover suspicious patterns and behaviors. Investigate security incidents across hybrid environments and contribute to root cause analysis and containment strategies. Collaborate with internal teams (defender, threat intelligence, engineering) to enhance detection logic, develop automations, and improve incident response workflows. Contribute to incident documentation, detection playbooks, and operational runbooks. Stay current with evolving threat landscapes, cloud attack vectors, and advanced persistent threats (APT). Qualifications Required Qualification Graduate degree in engineering or equivalent discipline. 1–3 years of experience in cybersecurity (SOC, IR, Threat Hunting, Red Team). Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.). Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations. Familiarity with KQL, Python, or similar scripting languages for data analysis and automation. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary TTPs. Familiarity with operating system internals (Windows, Linux) and endpoint/network forensics. Preferred Qualification Certifications like CISSP, OSCP, CEH, GCIH, AZ-500, SC-200 or similar/equivalent are a plus. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances.
If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Posted 2 weeks ago


12.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Dear Candidate, TCS has always been a proud pioneer in nurturing tech talent like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role: Presales Security Consultant Desired Skill Set Any: Cybersecurity Presales, Technical Pre-sales support, Security Engineering, Presales Solution Development Experience Range: 12+ years Joining Location: PAN India Job Description: 1. Experience in responding to RFP/RFI/RFQ (Proposal writing, Solution creation, effort estimation, content writing) and customer defense presentations etc is preferred. 2. Candidates having proven track record in Cyber security Pre-Sales support / solution development/Solution Architect role in any two of the below areas: a. SOC/MDR/EDR/XDR solutions using (i.e. Sentinel, QRadar, Splunk, Rapid7, Google Chronicle, LogRhythm SIEM/SOAR Threat Intel etc) b. Vulnerability Management for Infrastructure and Application Security (VAPT, SAST, DAST, SCA, Penetration Testing, Red Teaming, Threat Hunting) c. Network Security – ZTNA, Firewalls/IDS/IPS, Automation, WAF Management, Micro segmentation, DDoS etc d. Data protection (DLP) endpoints/ network / Cloud e.g. MS Purview, Forcepoint, Proofpoint, Trellix, Symantec e. Identity and Access Management - IGA, WAM, PAM, SSO, MFA etc using Azure AD, CyberArk, SailPoint, Ping Identity, Okta etc f. Experience in solution development in Cloud Security / Governance, Risk and Compliance (GRC) 3. Lead end-to-end Security conversations, shares best practices and key competitor knowledge across solution areas, and evaluates opportunities to make recommendations on pursuit or withdrawal. 4. Understand customer’s cybersecurity initiatives, compete landscape as well as gaps between current and desired cybersecurity posture. Capture the opportunity of customer’s journey to balance the need for cybersecurity and employee productivity with the right process and visibility.
Demo and whiteboard the cybersecurity solutions and the relevant security architecture. Lead and orchestrate to drive an end-to-end value selling from discovery to demonstrating and proving business value. 5. Engage cybersecurity partners to help scale and accelerate the sales cycle 6. Construct and present tailored presentations/proposals to clients based on their requirements Qualifications: 1. Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field 2. 12+ years of experience in cyber security, with a focus on security engineering or technical pre-sales support 3. Relevant certifications (e.g., CISSP, CISM, CEH, or similar) are a plus Thanks & Regards, Priscilla Nancy D HR TAG – Cyber Security Tata Consultancy Services

Posted 2 weeks ago


40.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. Role Description: The SOC Tier 2 Analyst serves as the primary escalation point for the Tier 1 SOC team, responsible for advanced threat detection, investigation, and incident response coordination. This role acts as a technical lead, ensuring that security incidents are properly triaged, investigated, and remediated while continuously improving security operations processes. The SOC Tier 2 Analyst plays a critical role in cybersecurity defense, supporting real-time monitoring, forensic analysis, and threat hunting. They will assist incident responders across all lifecycle phases, from detection to post-incident reviews, and contribute to SOC process optimizations. Roles & Responsibilities: Act as the primary escalation point for SOC Tier 1 analysts, providing technical expertise and guidance in incident handling. Perform deep-dive analysis of security events, leveraging SIEM, EDR, IDS/IPS, and other security tools. Identify common attack techniques (MITRE ATT&CK framework) and investigate anomalies to detect advanced persistent threats (APTs). Assist in security incident response, leading containment, eradication, and recovery efforts. Conduct artifact analysis to determine the root cause and scope of security incidents. Collaborate with Threat Intelligence and Threat Hunting teams to improve detection rules and incident response playbooks. Develop and refine SOC standard operating procedures (SOPs) to enhance security event triage and response. 
Work with engineering teams to fine-tune security controls and improve overall SOC efficiency. Mentor and train Tier 1 analysts to improve SOC maturity and ensure effective knowledge transfer. Support security audits, compliance initiatives, and reporting efforts as required. Basic Qualifications and Experience: Master’s degree in Information Technology or Cybersecurity OR Bachelor’s degree with 1 year of experience in Security Operations or related field OR Diploma with 2 years of experience in Security Operations or a related field Functional Skills: Must-Have Skills: Strong understanding of SOC operations, including event triage, escalation, and investigation. Experience analyzing cybersecurity threats and understanding attacker TTPs (Tactics, Techniques, and Procedures). Proficiency in security tools such as SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, Defender ATP), IDS/IPS, and firewall logs. Experience in incident response across all phases (detection, containment, eradication, recovery). Knowledge of Windows and Linux security, including log analysis, PowerShell, and Bash scripting. Good-to-Have Skills: Experience in 24/7 SOC operations and shift leadership. Knowledge of forensic tools (Volatility, Autopsy, FTK) and malware analysis techniques. Understanding of cloud security monitoring (AWS, Azure, GCP). Familiarity with MITRE ATT&CK, NIST Cybersecurity Framework, and CIS controls. Threat hunting experience to proactively detect unknown threats. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) GCFA (preferred) MTA Security Fundamentals (preferred) CISSP (preferred) Soft Skills: Strong communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing. 
EQUAL OPPORTUNITY STATEMENT Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 2 weeks ago


3.0 - 4.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Position Overview Job Title – Strategic Development Analyst, AS Location – Mumbai, India Role Description As a Strategic Development Analyst supporting the Business Supervisory Office (BSO), you will assist the BSO in ensuring the US Private Banking Business is compliant with local rules and regulations in transacting business for its clients. The Strategic Development Analyst will also assist in ensuring that all business transacted for the clients is in their best interest (i.e. compliance with the Regulation Best Interest) and in line with their Suitability and risk profiles. This will require the analyst to review and provide disposition for daily trade alerts generated via the Surveillance systems implemented. Further, the analyst will also be required to analyze trade related data and identify any market manipulation themes such as market manipulation, front running, insider trading, pump and dump etc. which in turn would need to be escalated to relevant onshore stakeholders (i.e. in compliance with applicable Market Abuse Regulations). In addition to Trade Surveillance related activities, the analyst will also be required to assist the onshore stakeholders with Transaction Monitoring i.e. reviewing all domestic/cross-border wire transfers executed by the client with the sole objective of ensuring all such activity is in sync with the anticipated activity for the account and there is no suspicion of money laundering. The analyst would be required to identify and explore any scope for enhancing current processes in place thereby increasing efficiency in terms of process delivery. The analyst might be included to participate in internal reviews by Group Audit and Compliance Testing & Assurance (CT&A).
What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Assist in carrying out supervision of the US Private Banking Business to ensure compliance with applicable rules and regulations Assist in the surveillance of capital market trades i.e. analyze trade alerts to identify relevant Market Abuse themes such as front running, pump and dump, market manipulation etc. Verify the trades executed are in the best interest and in line with the suitability (i.e. risk profile) of the client Maintain knowledge of AML risks and applicable regulations from a US perspective Analyze cross border customer transactions to determine whether the transactions are in line with the anticipated activity for the client or if there exists reasonable suspicion of money laundering Assist in reviewing customer transactions to identify any money laundering flags and rapidly dispositioning them along with escalating cases which require further review Research entities and/or individuals using both public domain and database search services. Assist with the maintenance of existing Key Operating Procedures and the development of new Key Operating Procedures covering different processes/controls owned and executed by the BSO Coordinate with and support business divisions and/or infrastructure functions in executing their responsibilities in improving the quality of the data and any data quality remediation actions. 
Your Skills And Experience 3 to 4 years of Regulatory and Brokerage Trade Surveillance experience, preferably for the Wealth Management business Functional and conceptual knowledge of Market Manipulation themes such as Front Running, Pump and Dump, Insider Trading, Spoofing etc. Experience with PM1, SunGard/FIS Protegent Surveillance tool (equivalents like LZ Sentinel, Aladdin, Charles River, JPM Trac, etc.) and SunGard front-end systems such as NetX360 is a plus Strong understanding of Private Banking AML risks Knowledge of Financial Crime regulations Experience in the financial services industry and/or BSA/AML regulations with sound banking knowledge of product and service offerings Ability to co-ordinate with multiple stakeholders and manage projects/tasks on an end to end basis How We’ll Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 2 weeks ago


0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong to Astellas! Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com . Astellas’ Global Capability Centers Overview Astellas’ Global Capability Centers (GCCs) are strategically located sites that give Astellas the ability to access talent across various functions in the value chain and to co-locate core capabilities that are currently dispersed. Our three GCCs are located in India, Poland, and Mexico. The GCCs will enhance our operational efficiency, resilience, and innovation potential, enabling a timely response to changing business demands. Our GCCs are an integral part of Astellas, guided by our shared values and behaviors, and are critical enablers of the company’s strategic priorities, sustainable growth, and commitment to turn innovative science into VALUE for patients. This position is based in Bangalore, India & will require work from the office at least the minimum number of days per week as agreed by the business leader. Purpose And Scope As a Cyber Security Engineer, you will play a critical role in safeguarding our organization’s information systems and data. 
This position has arisen due to Astellas insourcing the responsibility for managing security operations, developing automation for threat detection, and working towards ‘best in industry’ incident response. The successful candidate will work collaboratively within the Security Operations Center (SOC) and other Value Teams across the organization to ensure a proactive security posture and to mitigate risks associated with cyber threats in several areas. Astellas has several roles that may fit candidates who do not have experience in all the areas outlined in the next section, therefore we encourage applicants who have experience in two or more areas listed below. Responsibilities Security Operations Center (SOC) Management: Support daily SOC operations, ensuring effective monitoring support, development of use cases and response to security incidents. Manage application ingestion processes and email security protocols. Support SIEM management, including logging and alerting. Automation Development Develop and implement automation solutions for alerts from various security sources, ensure firewalls, IDS and EDR tools are working effectively. Streamline processes to enhance the efficiency of security operations and help develop communication with other teams. Threat Modelling Conduct threat modelling for applications to identify vulnerabilities and recommend mitigation strategies. Analyze email tickets and develop tooling to improve response times and effectiveness. Provide root cause analysis for the threat found and assist with remediation. Anti-Malware And Endpoint Detection Assist in operational efforts to implement a global strategy for anti-virus (AV) solutions and optimize detection capabilities. Ensure consistent standards for endpoint detection and response across the organization. Incident Response Lead or support incident response efforts using an industry-recognized model and report escalations to senior leadership when required. 
Collaborate with Red, Blue, and Purple teams to conduct penetration testing and improve security posture. Conduct forensic analysis to investigate security incidents and recommend improvements. Proactive Threat Hunting Engage in proactive threat hunting to identify potential security threats before they materialize. Collaborate with teams to enhance detection and response capabilities. Reporting And Data Analysis Engage in proactive collaboration across Value Teams, working with an agile mindset, and assist in the creation of dashboards and reporting for security governance. Assist in the governance of security within cloud infrastructure. Required Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field. Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment. Experience in using Microsoft Sentinel & Defender / CrowdStrike EDR / Wiz Cloud Security. Strong knowledge of security frameworks, threat modelling, and incident response methodologies. Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing / OT environments. Experience of working with cloud security and insourced capabilities, as well as MSPs. Experience with SIEM/Cloud security tools and automation technologies. Familiarity with anti-malware solutions and endpoint detection strategies. Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage. Experience in digital forensics (log analysis and technical root cause assessment). Preferred Security certification is an advantage. Demonstrate knowledge of change management principles. Relevant certifications (e.g., Certified Information Systems Security Professional CISSP, Certified Ethical Hacker CEH or CompTIA Security+, etc.). Excellent analytical and problem-solving skills. 
Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort. International/global experience is an advantage. Category TechX Astellas is committed to equality of opportunity in all aspects of employment. EOE including Disability/Protected Veterans

Posted 2 weeks ago


3.0 - 7.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with tech team for incident closure
8. Participating in daily standup and review meeting
9. L2 Analyst has responsibility to closely track the incidents and support for closure.
10. Working with log source and use case management in integrating log sources and developing & testing use cases
11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Developing SOP / instruction manual for L1 team
13. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alerts and incidents
14. Handle XDR alerts and follow up with customer team for agent updates
15. Escalate more complex incidents to L3 SME for deeper analysis.

Key Responsibilities:

Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-7 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 2 weeks ago


3.0 - 5.0 years

3 - 8 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform
5. Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with tech team for incident closure
8. Participating in daily standup and review meeting
9. L2 Analyst has responsibility to closely track the incidents and support for closure.
10. Working with log source and use case management in integrating log sources and developing & testing use cases
11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Developing SOP / instruction manual for L1 team
13. Guiding L1 team for triage/analysis and assist in closure of cybersecurity alerts and incidents
14. Handle XDR alerts and follow up with customer team for agent updates
15. Escalate more complex incidents to L3 SME for deeper analysis.

Key Responsibilities:

Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures. Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds. Align SOC operations with evolving business risk priorities and regulatory frameworks.

Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness. Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions. Maintain and update incident response playbooks and automation workflows. Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.

SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets. Lead and coordinate proactive threat hunting across networks, endpoints, and cloud. Manage and support forensic investigations to identify root cause and recovery paths. Govern use case development, log source onboarding, and alert/event triage processes.

Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities. Retain logs in accordance with regulatory data retention mandates. Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.

Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities. Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives. Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 3-5 years of experience in SOC management, incident response, or cyber threat detection roles. Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms. Proven experience in playbook development, forensics, and threat hunting methodologies. Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements. Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 2 weeks ago


15.0 - 20.0 years

13 - 17 Lacs

Gurugram

Work from Office

Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats.

Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries.
- Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor
- Experience with data analytics, machine learning, and threat intelligence.
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Provide solutions to problems for their immediate team and across multiple teams.
- Develop and maintain comprehensive documentation of security architecture and frameworks.
- Conduct regular assessments and audits to ensure compliance with security policies and standards.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Azure Sentinel & KQL.
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and management.
- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.
- Knowledge of automation tools and scripting languages to enhance security operations.

Additional Information:
- The candidate should have minimum 5 years of experience in Security Operation Automation.
- This position is based at our Gurugram office.
- A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago


3.0 - 7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Company Description About Sopra Steria Sopra Steria, a major Tech player in Europe with 50,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2024, the Group generated revenues of €5.8 billion. Job Description The world is how we shape it. Key Responsibilities: Implement and maintain endpoint security solutions such as EDR, antivirus, encryption, and application control tools. Monitor, analyze, and respond to security alerts and incidents originating from workstations and endpoints. Apply and manage workstation hardening standards, including adherence to security baselines. Conduct vulnerability assessments on endpoints and coordinate timely remediation activities. Manage patch deployment for operating systems and applications to ensure compliance with internal policies and reduce exposure to threats. Ensure endpoint systems comply with security policies, standards, and regulatory frameworks. Actively participate in incident response efforts related to endpoint breaches or malware incidents. Contribute to risk assessments and provide input during security architecture reviews related to endpoints. Maintain a strong understanding of Windows and macOS operating systems from a security perspective. Required Skills & Experience: Hands-on experience with EDR/XDR platforms such as Microsoft Defender for Endpoint or Sentinel One. Familiarity with vulnerability management tools. 
Knowledge of endpoint technologies including:
- BitLocker (encryption)
- Application control
- Endpoint privilege management
- Windows Defender Firewall
- Mobile Device Management (MDM), particularly Intune
Understanding of endpoint threat intelligence and ability to analyze threat data.
Scripting or automation experience using PowerShell or other scripting languages.
Total Experience Expected: 03-07 years
Qualifications: B.Tech/BE/BCA
Additional Information: At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences. All of our positions are open to people with disabilities.

Posted 2 weeks ago


40.0 years

0 Lacs

Hyderābād

On-site

India - Hyderabad JOB ID: R-208858 ADDITIONAL LOCATIONS: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jul. 14, 2025 CATEGORY: Information Systems ABOUT AMGEN Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. Role Description: The SOC Tier 2 Analyst serves as the primary escalation point for the Tier 1 SOC team, responsible for advanced threat detection, investigation, and incident response coordination. This role acts as a technical lead, ensuring that security incidents are properly triaged, investigated, and remediated while continuously improving security operations processes. The SOC Tier 2 Analyst plays a critical role in cybersecurity defense, supporting real-time monitoring, forensic analysis, and threat hunting. They will assist incident responders across all lifecycle phases, from detection to post-incident reviews, and contribute to SOC process optimizations. Roles & Responsibilities: Act as the primary escalation point for SOC Tier 1 analysts, providing technical expertise and guidance in incident handling. Perform deep-dive analysis of security events, leveraging SIEM, EDR, IDS/IPS, and other security tools. Identify common attack techniques (MITRE ATT&CK framework) and investigate anomalies to detect advanced persistent threats (APTs). Assist in security incident response, leading containment, eradication, and recovery efforts. Conduct artifact analysis to determine the root cause and scope of security incidents. Collaborate with Threat Intelligence and Threat Hunting teams to improve detection rules and incident response playbooks. 
Develop and refine SOC standard operating procedures (SOPs) to enhance security event triage and response. Work with engineering teams to fine-tune security controls and improve overall SOC efficiency. Mentor and train Tier 1 analysts to improve SOC maturity and ensure effective knowledge transfer. Support security audits, compliance initiatives, and reporting efforts as required. Basic Qualifications and Experience: Master’s degree in Information Technology or Cybersecurity OR Bachelor’s degree with 1 year of experience in Security Operations or related field OR Diploma with 2 years of experience in Security Operations or a related field Functional Skills: Must-Have Skills: Strong understanding of SOC operations, including event triage, escalation, and investigation. Experience analyzing cybersecurity threats and understanding attacker TTPs (Tactics, Techniques, and Procedures). Proficiency in security tools such as SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, Defender ATP), IDS/IPS, and firewall logs. Experience in incident response across all phases (detection, containment, eradication, recovery). Knowledge of Windows and Linux security, including log analysis, PowerShell, and Bash scripting. Good-to-Have Skills: Experience in 24/7 SOC operations and shift leadership. Knowledge of forensic tools (Volatility, Autopsy, FTK) and malware analysis techniques. Understanding of cloud security monitoring (AWS, Azure, GCP). Familiarity with MITRE ATT&CK, NIST Cybersecurity Framework, and CIS controls. Threat hunting experience to proactively detect unknown threats. Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) GCFA (preferred) MTA Security Fundamentals (preferred) CISSP (preferred) Soft Skills: Strong communication and collaboration skills, particularly when working with global teams. Ability to manage and prioritize tasks effectively in a high-pressure environment. 
Critical thinking and problem-solving abilities, especially in incident response situations. A commitment to continuous learning and knowledge sharing. EQUAL OPPORTUNITY STATEMENT Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 2 weeks ago


0 years

2 - 8 Lacs

Chennai

On-site

Role: Secops/Network Security Operations Location: Chennai Designs and maintains secure, high-performance network architectures with policy compliance. Skilled in Sentinel, MS Defender, Palo Alto Firewalls (HA), IDS/IPS, and vulnerability management tools. Leads advanced incident response, triage, investigations, and documentation. Develops incident plans, threat hunts, and detection use cases with SIEM and threat intelligence. Enhances detection through rule tuning, hunting strategies, and vulnerability analysis. Collaborates with teams, mentors analysts, and ensures timely resolution of incidents. Preferred certifications: GCIH, CISSP, Security+. Best regards, Steve Jackson steve.jackson@arthurgrand.com Arthur Grand Technologies Inc Arthur Grand Technologies is an Equal Opportunity Employer (including disability/vets) Job Types: Full-time, Permanent Schedule: UK shift Work Location: In person

Posted 2 weeks ago


0 years

3 - 7 Lacs

Chennai

On-site

Arthur Grand Technologies is currently seeking a highly motivated and skilled Network Security Operations Level 3 for one of our clients. Position: Network Security Operations Level 3 Location: Chennai Duration: Fulltime Job Description: In-depth knowledge of Sentinel, MS Defender, other Threat centric tools, IDS/IPS, email security, vulnerability scanners and other security technologies. Worked on PaloAlto Firewall enterprise network infrastructure with HA. Ability to investigate potential threats identified through security alerts via SIEM, anomalies, or intelligence reports. Relevant industry certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or CompTIA Security+ are highly desirable Best regards, Sheema H Sheema.h@arthurgrand.com Arthur Grand Technologies Inc www.arthurgrand.com Arthur Grand Technologies is an Equal Opportunity Employer (including disability/vets) Job Type: Full-time Work Location: In person

Posted 2 weeks ago
