8.0 - 13.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Google Chronicle SIEM
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
The SIEM SME leads in architectural design, specification, and maintenance of Splunk/Google Chronicle Security products and services. Candidates must have backgrounds in network planning and design, implementation, and operations. SIEM SMEs apply business and technology skills with structured methodologies to deliver complex solutions to the customer.

Roles & Responsibilities:
- Analyze potential infrastructure security incidents to determine if an incident qualifies as a legitimate security breach
- Perform network incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
- Interface with technical personnel and other teams as required
- Make recommendations on the appropriate corrective action for incidents
- Configure and manage Infrastructure Security and SIEM solutions
- Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform
- Monitor devices and correlation tools for potential threats
- Initiate escalation procedure to counteract potential threats/vulnerabilities
- Experience building and maintaining security incident correlation content (hands-on)
- Experience with reverse engineering tools and techniques as they pertain to network traffic collection and analysis
- Operational knowledge of system and network security engineering best practices and architecture
- Willingness to engage hands-on from inception to completion and audit of the SIEM deployment
- Provide guidance and insight, as well as follow directives as necessary, to complete accelerated deployment of the SIEMs
- Capable and willing to integrate multiple security control products into the SIEM platform
- Appropriately inform and advise management on incidents and incident prevention
- Encourage and implement continuous improvement measures on a day-to-day basis
- Leverage extensive knowledge of communications in a manner that provides business value to the IT organization
- Required to identify, assess, and resolve complex issues/problems within own area of responsibility
- Provide incident remediation and prevention documentation
- Document and conform to processes related to security monitoring
- Participate in knowledge sharing with other analysts and develop solutions efficiently
- Coordinate or participate in individual or team projects
- Write technical articles for the internal knowledge base
- Provide performance metrics as necessary
- Develop and optimize technical processes and coordinate procedure documentation

Professional & Technical Skills:
- Must have working experience in Google Chronicle SIEM/SOAR as SME
- At least 8+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance
- Security device installations, configuration and troubleshooting (e.g., firewall, IDS, etc.)
- Hands-on experience in supporting AWS and Azure assets, especially supporting Splunk deployment in AWS / Splunk ES as a service
- Experience in deploying different types of forwarders and apps
- Deep knowledge in AWS services and serverless architecture
- Expertise in UNIX, Linux, and Windows; able to tear down and rebuild a host system
- Experience with database installation and configuration is required; Oracle experience is a plus
- Exploit and detection analysis skills, including the ability to analyze logs for useful information and patterns
- Install, configure, tune, and maintain the Splunk SIEM components
- Primarily focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself
- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies
- Assist with the creation of detailed deployment plans, architectural drawings and operation manuals
- Assist with event source auditing configurations, integration with various security platforms, network devices, and systems
- Expert in development of Regular Expressions (REGEX)
- Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
- Good understanding of and experience with Infrastructure Security, Risk Assessment and Security Information and Event Management
- A solid understanding of frameworks such as ISO 27001/27002, COBIT, and other relevant compliance requirements such as PCI, HIPAA, SOX, FISMA, and others that are required for Security Information and Event Management
- Experience working in a diversified, virtual environment
- Administrative tool development and maintenance
- Desirable to have certifications such as CISSP, ITIL, CISA, CISM and GIAC-GCIA
- Desirable to have an advanced certification from a SIEM vendor on products such as HP ArcSight or RSA enVision

Additional Information:
Bachelor's and above degree in Computer Science, Information & Technology, MIS, Engineering.

Qualification: 15 years full time education
Posted 1 month ago
1.0 - 6.0 years
3 - 8 Lacs
Navi Mumbai
Work from Office
Job Overview:
We are seeking experienced and skilled Firewall L1 & L2 Engineers to join our network security team in Mumbai. The ideal candidate will have a strong background in network security, with specific experience managing and supporting firewalls and security appliances from Palo Alto Networks (PA), Checkpoint, Cisco ASA, and Fortinet. This role requires a proactive individual with a keen eye for security, a strong technical foundation, and effective communication skills to handle daily operational tasks, manage incidents, and maintain security policies within a 24/7 environment.

Key Responsibilities:

Firewall Administration and Support:
- Manage, configure, and troubleshoot firewall solutions across PA, Checkpoint, Cisco ASA, and Fortinet platforms.
- Perform day-to-day BAU MACDs (Moves, Adds, Changes, and Deletes) and configuration changes as required.

Incident and Problem Management:
- Manage and resolve incidents, problems, and service requests associated with firewall operations.
- Proactively monitor network security events using network monitoring tools to identify and resolve issues before service degradation occurs.
- Conduct incident analysis and response, supporting troubleshooting efforts across OSI layers 1, 2, and 3.

Policy and Exception Management:
- Manage firewall policies and exceptions to ensure compliance with organizational security standards.
- Deploy and maintain access and security policies, aligning with organizational requirements.

Technical Expertise and Troubleshooting:
- Hands-on experience with packet capture, analysis, and troubleshooting tools.
- Perform daily performance checks, periodic audits, and compliance reviews on firewall devices.
- Troubleshoot network, transport, session, presentation, and application layers as required.

Network Security Operations:
- Implement and uphold network security policies, standards, and procedures.
- Apply security patches as needed and support automation of processes through scripting or SOAR tools.

Collaboration and Coordination:
- Work closely with users to resolve trouble tickets efficiently.
- Coordinate with OEMs for TAC support, RMA, replacement, and reconfiguration of PA, Checkpoint, Cisco ASA, and Fortinet devices.
- Back up device configurations in accordance with the agreed schedule.

Candidate Requirements:

Experience:
- 2-7 years of experience in network security, managing PA, Checkpoint, Cisco ASA, or Fortinet firewall solutions.

Technical Proficiency:
- Proficiency in managing and configuring PA, Checkpoint, Cisco ASA, and Fortinet firewall solutions.
- Strong experience with Windows, Linux, and Unix environments.
- Skilled in commissioning, implementation, and integration of firewall solutions with management and authentication tools (e.g., email, AD, IAM, SIEM).
- Experience in automating processes using scripting and SOAR tools.

Knowledge Base:
- Solid understanding of firewall products, policy management, and exception handling.
- Familiarity with troubleshooting tools for packet capture, analysis, and network diagnostics.

Operations Management:
- Experience in incident, problem, service request management, and change management.
- Ability to maintain service levels for 24/7 monitoring and configuration oversight of network security infrastructure.

Soft Skills:
- Excellent verbal and written communication skills for effective interaction with users and stakeholders.
- Strong analytical skills, with the ability to manage multiple priorities under minimal supervision.
Posted 1 month ago
6.0 - 8.0 years
3 - 8 Lacs
Navi Mumbai, Mumbai (All Areas)
Work from Office
Key Responsibilities:

Advanced Threat Detection & Incident Response:
- Serve as the final escalation point for critical incidents and threat investigations.
- Lead deep-dive analysis on alerts, threats, and indicators across varied environments.
- Conduct malware analysis, reverse engineering, and threat hunting when needed.
- Perform forensic analysis using endpoint, network, and cloud telemetry.

SOC Operations in MSSP Context:
- Operate in a multi-tenant SOC supporting enterprise, mid-market, and OT/ICS clients.
- Customize correlation rules, detection logic, and alert tuning for each client environment.
- Collaborate with client security teams during incident lifecycle and response activities.
- Ensure SOC processes, SLAs, and communications are aligned with client expectations.

Technical Leadership & Mentoring:
- Guide and mentor L1 and L2 analysts in investigation techniques, use case analysis, and incident triage.
- Review escalations, ensure incident quality, and drive analyst capability building.
- Help design and maintain client-specific runbooks and detection use cases.

Tooling & Engineering Support:
- Work closely with SIEM/SOAR engineers to enhance detection logic and automation.
- Validate detection efficacy using red team or threat simulation tools.
- Participate in tuning efforts for SIEM (e.g., Splunk, Sentinel, QRadar, LogRhythm, Seceon, etc.) and EDR tools.

Reporting & Documentation:
- Create detailed incident reports, RCA documents, and threat summaries for clients.
- Provide technical input during client reviews and executive briefings.
- Maintain compliance with internal quality standards, frameworks (MITRE ATT&CK, NIST, ISO), and regulatory mandates.

Required Skills & Experience:
Proven experience in:
- SIEMs: Splunk, Sentinel, Exabeam, QRadar, or similar.
- EDR platforms: CrowdStrike, SentinelOne, Carbon Black, etc.
- SOAR and automation workflows.
- Scripting (Python, PowerShell, or Bash) for threat hunting or automation.
- Strong understanding of TCP/IP, threat vectors, and log analysis.
- Knowledge of frameworks such as MITRE ATT&CK, NIST 800-61, and ISO 27035.
- Ability to manage high-pressure incidents across multiple clients simultaneously.

Preferred Certifications (Nice to Have):
- GIAC (GCIA, GCIH, GNFA), OSCP, CISSP, or equivalent certifications.
- Experience with OT/ICS threat detection and asset monitoring is a plus.
- Knowledge of cloud monitoring (Azure/AWS/GCP) and hybrid threat detection.
Posted 1 month ago
10.0 - 17.0 years
30 - 32 Lacs
Thane
Work from Office
Role & responsibilities
1. Ensure optimal operation of the MDR solution, including software and applications.
2. Ensure effectiveness of security solutions in scope.
3. Develop use cases and playbooks for SIEM and SOAR for effective and automated incident detection and handling.
4. Test SIEM, SOAR and other solutions in scope to explore the right technical defense/remedy and provide performance statistics and reports.
5. Ensure adequate controls are in place to protect critical assets against any incidents or threats from the internal or external environment.
6. Co-ordinate with vendors/partners & internal teams to manage the lifecycle of security platforms including deployments, maintenance and operations. Develop plans for transitioning newly implemented security solutions into the operational environment and maintaining their infrastructure.
7. Lead cybersecurity incident management and manage related processes, tools and resources.
8. Work with the identified partner and govern them for effective execution of organizational requirements for security operations and incident handling.
9. Conduct periodic threat hunting independently and with partners to ensure effective detection of any threats.
10. Ensure preventive maintenance of critical infrastructure, to increase performance and minimize disruption.
11. Manage SLAs for solutions and processes in scope.
12. Record all incidents/events leading to infrastructure downtime, analyze root cause and suggest workarounds.
13. Monitor performance reviews, corrective action, routine equipment checks and preventative maintenance for security systems to reduce the downtime of the systems.
14. Perform integration of all tools and services for access, authentication, authorization, data security, vulnerability management, policy management, auditing, and compliance to ensure the company's security policy and procedures are applied.
15. Define, gather and report on metrics regarding security systems within ASL environments. Prepare status reports and other management metrics as needed.

Preferred candidate profile
1. Demonstrable experience within a Security Operations Center, coordinating responses to security incidents.
2. Experience leading the implementation and development of MDR tooling, infrastructure and processes.
3. Experience on popular SIEM, SOAR, and threat hunting platforms is mandatory.
4. Experience in security incident handling is mandatory.
5. Exposure to threat hunting is mandatory.
6. Security related professional certifications preferred. Examples of certifications include but are not limited to CISSP, CIH (EC-Council), CND, InfoSec Institute, etc.
7. Strong analytical & problem-solving skills with the ability to translate ideas into practical implementation.
8. Ability to manage stakeholder relationships including team members, vendors and partners.
9. Excellent leadership and communication skills with the ability to present and communicate effectively with both technical and non-technical audiences.
10. Ability to provide technical and professional leadership, guidance, and training to others.
Posted 1 month ago
5.0 - 7.0 years
5 - 9 Lacs
Hyderabad
Work from Office
Security Engineer
Hyderabad, Telangana
IT

Description
Why you'll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building.

The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer.

Threat Detection & Response:
- Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, Crowdstrike, Rapid7.
- Investigate and respond to security incidents promptly.
- Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering.
- Implement and enforce security policies through Intune.

Security Architecture & Engineering:
- Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption.
- Conduct security assessments and penetration testing.
- Develop and maintain security standards and best practices.

Endpoint Security Management:
- Manage endpoint security solutions, including Windows Defender and Crowdstrike.

Vulnerability Management:
- Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7.
- Develop and implement remediation plans.

Compliance & Reporting:
- Prepare reports that document security metrics, attempted attacks, and security breaches.
- Ensure compliance with relevant security standards and regulations.

Security Awareness & Training:
- Educate and train employees on IT security best practices and awareness.
- Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation.
- Clearly communicate security risks and recommendations to management.

Requirements
- 5+ years of experience in systems or network administration/engineering
- 1+ years of experience in information security roles
- Strong understanding of security principles and best practices (e.g., NIST)
- Proficient with Windows Server administration and management
- Proficient with network protocols and topologies
- Experience with security information and event management (SIEM) systems
- Experience with scripting languages (e.g., Python, PowerShell)
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Ability to work independently and as part of a team
- Experience with cloud security (e.g. Azure, Defender)
- Experience with security orchestration and automation platforms (SOAR)
- Experience with container security and microservices

This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role.

Interested candidates, drop your resumes to 8179814131 - Navya (WhatsApp) or apply through the link below: https://recruiting.paylocity.com/recruiting/jobs/All/3cb31b47-df35-44a0-9592-a322ad0b2915/nimble-international
Posted 1 month ago
10.0 - 14.0 years
27 - 30 Lacs
Gurugram
Work from Office
Top Selection & Auto Elimination Criteria: Rotational Shift, Only Immediate joiners (0-15 days)
Cab facility: Yes, only late night pick or drop (1 side only for Gurgaon employees)
Location: Gurgaon
Mode: 5 days work from Office only (NO Work from home)
Relevant experience range: 9+
Position: L3 SOC Analyst

Position Description:
The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real-time.

Role and responsibilities:

1. Incident Response and Escalation
- Lead and coordinate end-to-end response for critical and high-severity security incidents.
- Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
- Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
- Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.

2. Threat Detection and Analysis
- Analyze and triage alerts generated by the SIEM and other security tools.
- Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
- Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
- Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).

3. Tooling and Automation
- Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
- Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
- Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.

4. Documentation and Reporting
- Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
- Develop and update SOC standard operating procedures (SOPs) and playbooks.
- Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.

5. Mentorship and Leadership
- Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
- Provide training on new threats, tools, and techniques.
- Assist in evaluating and improving team workflows, processes, and overall SOC maturity.

6. Collaboration and Stakeholder Engagement
- Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
- Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
- Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.

Required Experience / Skills:
- Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
- Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
- Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
- Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
- Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
- Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
- Minimum of nine (9) years technical experience.
- 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
- 3+ years of rule development and tuning experience.
- 2+ years of incident response.
- Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to: alert and notification activities (analysis/triage/response), review and action on threat intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and incidents.
- Manage multiple tickets/alerts in parallel, including end-user coordination.
- Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
- Solid understanding and experience analyzing security events generated from security tools and devices including but not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat.
- Experience and solid understanding of malware analysis.
- Demonstrated proficiency with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana.
- Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs).
- In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to: endpoint security tools, SIEM, email security solutions, CISA, threat intel sources.
- Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, supporting SOAR development.
- Experience with bash, python, and Windows PowerShell scripting.
- Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/security tools alert analysis.
- Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
- Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices, and other enterprise tools.
- Demonstrated proficiency with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
- Solid understanding and experience analyzing security events generated from security tools and devices including but not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC.
- Expert in security incident response processes.

Required Certifications:
Two of the following certifications are preferred:
- GIAC-GCIH - Global Certified Incident Handler
- GIAC-GCFE - Global Information Assurance Certification Forensic Examiner
- GIAC-GCFA - Global Information Assurance Certification Forensic Analyst
- GIAC-GREM - GIAC Reverse Engineering Malware
- GIAC-GNFA - GIAC Network Forensic Analyst
- GIAC-GCTI - GIAC Cyber Threat Intelligence
- GIAC-GPen - GIAC Certified Penetration Tester
- GIAC-GWAPT - GIAC Certified Web Application Penetration Tester
- CEPT - Certified Expert Penetration Tester (CEPT)
- CASS - Certified Application Security Specialist (CASS)
- CWAPT - Certified Penetration Tester (CWAPT)
- CREA - Certified Reverse Engineering Analyst (CREA)

Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Experience of 5 years or 3 years relevant experience.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong organizational and time management skills.
- Willingness to work after hours and provide on-call support.
Posted 1 month ago
4.0 - 9.0 years
5 - 15 Lacs
Bengaluru
Remote
Job Title: MDR Analyst
Duration: Full time role
Location: Remote (Bengaluru)
This position is a shift position (Sunday - Friday evening & Saturday evening).

Job Description:

Duties:
- Join a new emerging team that is going to be part of the client's Unit 42, working closely with global customers providing the best security in the market.
- Own an incident lifecycle from outbreak to full remediation.
- Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire client customer base.
- Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats.

Required Skills:
- 3+ years of experience in a multi-tiered SOC/IR is a must.
- Experienced with technologies such as EDR, SIEM, SOAR, FW.
- A well-established familiarity with attack trends and vectors.
- Excellent written and oral communication skills in English.
- Some degree of malware analysis - an advantage.
- CEH / CompTIA CySA+ certifications - an advantage.
- Hands-on experience with Cortex XSOAR or Cortex XDR - an advantage.
Posted 1 month ago
2.0 - 5.0 years
4 - 7 Lacs
Hyderabad
Work from Office
The Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty domain.
Posted 1 month ago
2.0 - 6.0 years
3 - 7 Lacs
Chennai
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.

Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests such as detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement

Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Preferable: GCIA, GCFA, CISSP
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change

Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
- The candidate should have a minimum of 2 years of experience
- This position is based at our Chennai office.

Qualification: 15 years full time education
Posted 1 month ago
10.0 - 15.0 years
22 - 37 Lacs
Gurugram
Work from Office
Who We Are
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
The Role
The Security Architect is responsible for designing the scope of work document, preparing the project plan, HLD and LLD, holding discussions with the security team and other members, and presenting well to the internal team and customers. Should have good hands-on knowledge of Checkpoint (Firewall & Anti-APT), Palo Alto, F5 (SSL encryption, decryption & interceptor etc.), Cisco ISE, VPN, load balancers, proxy systems, reverse proxies, web application firewalls, DDoS protection, SIEM and SOAR solutions, covering both design and troubleshooting, to protect networks and systems from malicious/unauthorized network access or misuse. He/she should possess strong technical and subject matter expertise in the following security specialties:
Next Generation Firewall: Checkpoint & Palo Alto
Remote Access VPN: Checkpoint Harmony
Anti-APT: Checkpoint SandBlast
F5: SSL Decryption/Interceptor
NAC: Cisco ACS/ISE
SIEM & SOAR: ArcSight
As a Network Architect, you will provide overall enterprise-level security-based infrastructure systems planning, operations and maintenance, and management across multiple sites across the country.
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
Who You Are
You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.
Required Skills and Experience
Good understanding of Next Generation Firewalls (Checkpoint, Palo Alto Networks, Fortinet) and experience in handling security concepts (rule add/modify/delete, NAT, faulty firewall replacement, high availability setup, packet capture, log analysis etc.)
Advanced knowledge of F5 SSL devices, WAF, DDoS protection solutions and SSL decryption solutions, including their monitoring, troubleshooting and firmware upgrades
Troubleshoot and fix high priority issues related to firewalls, load balancers, IPS/IDS, proxies and WAF. Troubleshooting LAN, WAN and WLAN issues is an added advantage
Work with the HW vendors/TAC on SW/HW related issues and provide the fix
Troubleshoot site-to-site VPN (IPsec/GETVPN/GRE/mGRE), proxy related issues (in-house/cloud hosting) and end user remote access VPN issues
Involvement in the change management process for HW replacement/IOS upgrade/config change/BW upgrade/whitelisting or blacklisting URLs & FW rule addition etc.
Knowledge and experience in Incident, Change, Problem, Service Request and Configuration Management processes
Qualifications – Min 14 years of industry experience as a Network Security engineer in design, implementation and troubleshooting of security and load balancers; Network Security, understanding and troubleshooting Next Gen Firewalls, NIDS/NIPS, VPN, Anti-APT, RADIUS/TACACS enabled security systems. Good understanding of DNS and DHCP. BSc / B.Tech. / BCA / BE / Diploma / MCA / MSc or equivalent.
Certifications – Candidate must be certified as CISSP/CEH. Certifications like CCNA, CCNA Security, and product certifications on Fortinet, Checkpoint, Palo Alto Networks, Cisco ISE, etc. preferred.
Being You
Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.
What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you; we want you to succeed so that together, we will all succeed.
Get Referred!
If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.
Posted 1 month ago
3.0 - 8.0 years
13 - 23 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
Role & responsibilities
1. Strong experience in SIEM
2. Experience in SOAR automation
Posted 1 month ago
4.0 - 9.0 years
20 - 25 Lacs
Hyderabad
Work from Office
Minimum 3 years’ experience working in a large-scale IT environment with a focus on Cyber / Information Security. Areas of expertise should include pre-sales support, service & solution delivery, and being part of program management (Transition & Transformation).
Required Candidate profile
Knowledge of SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. Hands-on experience with leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Certification: CISSP
Posted 1 month ago
9.0 - 14.0 years
27 - 42 Lacs
Bengaluru
Work from Office
Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation.
Work from Office - Bangalore location [Brookfield]. Rotational and night shift applicable.
Mandatory Skill Set:
8+ years in Security Operations/Incident Response
Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq)
Expertise in threat hunting and event analysis
Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain
Experience with EDR tools, network forensics, and log analysis
Strong understanding of incident lifecycle and post-incident reporting
Excellent analytical and communication skills
Bachelor's degree in Computer Science or related field
Key Responsibilities:
Lead incident response (IR) and analyze complex security events
Design and improve detective controls and alert use cases
Conduct proactive threat hunting and trend analysis
Stay updated on cyber threat landscape and threat actor TTPs
Contribute to security innovation, tool enhancement, and process maturity
Deliver detailed incident reports and post-mortem reviews
Preferred Skills:
Scripting: Python, PowerShell
Cloud Security: AWS, Azure, GCP
Certifications: CISSP, GIAC, CEH
Strong grasp of defense-in-depth and layered security strategies
Posted 1 month ago
4.0 - 9.0 years
15 - 25 Lacs
Bengaluru
Work from Office
We're Hiring: Splunk Engineer (Night Shift)
Location: IndiQube Platina, 15, Commissariat Rd, Ashok Nagar, Bengaluru, Karnataka 560025
Company: Infotree Global Solutions
Shift: Onsite | 6 PM - 3 AM IST (Night Shift)
Infotree Global Solutions is looking for a talented Splunk Engineer to join our cybersecurity team in Bangalore. If you thrive in a fast-paced SOC environment and have hands-on experience with:
Splunk (on-prem, cloud, or hybrid)
Creating & tuning correlation rules
Detecting brute-force attacks
Splunk SOAR/Phantom for automated responses
Building security playbooks (phishing, malware, ransomware)
Integrating third-party tools (AWS, Elastic, etc.)
Designing impactful security dashboards
we’d love to hear from you! Apply now: ankitm@infotreeservice.com Let’s secure the future together.
Posted 1 month ago
15.0 - 17.0 years
0 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation.
Key Responsibilities:
Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need; partner with Global Command and Site Reliability teams to ensure all customer-facing incidents and internal company-wide incidents are coordinated in a centralized operation center under a follow-the-sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate customer incident response capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale.
Security Assessment and Continuous Threat Exposure Management: Identifying and fixing weaknesses in systems and networks, including establishing MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats.
Incident Response: Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary.
Threat Detection and Prevention: Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity.
Security System Administration and Maintenance: Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems.
Security Policy and Procedure Development: Creating and enforcing security policies and procedures to protect sensitive information.
Security Training and Awareness: Educating employees about cybersecurity risks and best practices.
Staying Up-to-Date: Keeping abreast of the latest security threats, vulnerabilities, and technologies.
Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response.
Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts.
Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish career development plans and growth for analysts, engineers, managers, and directors as the business grows and scales.
Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally.
Qualifications:
Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence.
Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks.
Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions.
Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense.
Strong executive presence and ability to communicate effectively with C-level stakeholders.
Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable.
Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Posted 1 month ago
3.0 - 8.0 years
20 - 35 Lacs
Pune
Hybrid
A Sr Information Security Engineer will be a part of the operations wing of the Cybersecurity team at BMC. The Cybersecurity team at BMC is responsible for securing BMC IT infrastructure and assets from unauthorized access and for ensuring countermeasures are in place against any cyber-attacks. Here is how, through this exciting role, YOU will contribute to BMC's and your own success:
Security Engineering
Participate in vendor identification and implement cybersecurity tools for the team. Manage & maintain security tools & systems used for incident response. Create & maintain playbooks for responding to different types of security incidents.
Security Monitoring
Respond to escalations from the SOC on security alerts, eliminate false positives, triage significant security events based on the impact and nature of the security incident, and escalate according to the established procedures. Continuously monitor and analyse security events & newly reported threats to proactively identify any opportunities for process enhancement. Review automated daily security reports of key security controls, identify anomalies, escalate critical security events to the appropriate stakeholders and follow up as required. Participate in internal & external security audits.
Security Incident Response
Conduct thorough investigative actions based on security events and remediate as dictated by standard operating procedures. Participate in all the phases of the security incident response process, including detection, containment, eradication, root cause analysis and post-incident reporting. Collaborate with cross-functional teams as well as external vendors/customers/partners for incident response as required. Record detailed security incident response activities in the Case Management System.
To ensure you're set up for success, you will bring the following skillset & experience:
Bachelor's degree or equivalent in IT or Computer Science.
Security training/certifications (e.g. SANS, CDAC-DITISS).
3+ years of relevant SOC IR experience.
Should be ready to work in 24x7 rotating shifts.
Strong analytical and reasoning abilities.
Motivation to identify and solve problems.
Hands-on experience with SIEM & other cybersecurity tools like AV, EDR, Firewall, SOAR.
System & network log analysis.
Whilst these are nice to have, our team can help you develop the following skills:
Good verbal and written communication skills.
Familiarity with various cloud & OS environments.
Scripting, malware analysis, vulnerability & threat analysis.
Posted 1 month ago
2.0 - 5.0 years
5 - 9 Lacs
Noida
Work from Office
Optum is a global organization that delivers care, aided by technology, to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
Primary Responsibilities
Monitor and analyze attempted efforts to compromise security protocols. Identify and investigate activities and conduct and provide analyses regarding results
Collaborate with other Cyber Defense teams
Review SIEM alerts and logs to identify and report possible security issues
Serve as an escalation resource and mentor for other SOC analysts
Perform investigations and escalation for complex or high severity security threats or incidents
Work across the organization to define, develop, and refine correlation rules
Participate in writing security status reports to provide system status, report potential and actual security violations and provide procedural recommendations
Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program
Participate in developing and supporting strategic plans and projects to meet Global Security and SOC goals and objectives
Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures
Maintain a solid working knowledge of Information Security principles and practices
Research the current information security and event monitoring trends, and keep up to date with SOC issues, technology, and industry best practices
Coordinate evidence/data gathering and documentation and review Security Incident reports
Assist in strategic initiatives
Provide recommendations for improvements to security operational monitoring and incident response procedures based on operational insights
Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
Required Qualifications
BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience
Security certifications (e.g. Security+, Network+, Cloud+, AZ-900 (Microsoft Azure Fundamentals), SC-200 (Microsoft Security Operations Analyst), etc.)
Experience in incident detection and response
Experience working with network tools and technologies such as firewalls (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
Willing to work in a team-oriented 24/7 environment; schedule flexibility as needed to work with a global team
Preferred Qualifications
Experience building use cases and performing log analysis using technology like KQL, Splunk, AlienVault, QRadar etc.
SOAR or scripting experience using Python, PowerShell etc.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone, of every race, gender, sexuality, age, location and income, deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.
Posted 1 month ago
2.0 - 5.0 years
0 - 0 Lacs
Bengaluru
Work from Office
About Information Security Group (ISG)
Tredence CISO's office is accountable for Security and Privacy on all aspects of Tredence's internal and client-facing business. The team in charge of Security - the Information Security Group (ISG) - focuses on all elements of Information Security for the organization, working collaboratively with stakeholders from across its business. The team provides internal as well as external stakeholders assurance while confidential data is being handled to meet business objectives. ISG takes care of implementing, maintaining and reporting on Information Security and its posture using a combination of policies, procedures, guidelines and cyber security technology controls on an ongoing basis. The team comprises two groups: 1. Cyber Security Governance, Risk and Compliance (GRC) and 2. Cyber Security Technical Operations (TechOps).
Responsibilities
o In this role in SecArch (under the TechOps group), you will partake in strategizing and handling initiatives related to building and keeping up to date all relevant Technical Security Standards (e.g. Hardening Standards, Encryption Standards etc.) as well as building and maintaining the Security Architecture artifacts (e.g. Framework etc.), and help evolve the Security Architecture and Cyber Security maturity of the organization
o You will review and sign off on all relevant IT and IoT changes which can influence the Security Architecture, as well as manage exceptions to the same
o You will track and extend / revoke exceptions in a timely manner so as to ensure exceptions are only utilized on a business-need-to-have basis
o You will handle supplier technical security due diligence of products and/or services so as to ensure the assessee has an apt set of technical controls - with respect to Confidentiality, Integrity and Availability - before being contracted for work / use with the organization; and similarly in M&A initiatives as and when applicable
o You will maintain a constant view of the current security state in the organization so as to ensure adequacy and coverage of technical security controls in the organization
o You will handle initiatives pertaining to systematic detection and mitigation of technical control gaps across the organization on an ongoing basis
o From a Security Engineering standpoint, you will partake in the development and implementation of the Security Engineering program, in which various implementations of Cyber Security technologies will be undertaken to help protect the organization from cyber threats from time to time
o You will work with security vendors from initial expectation conversations, RFPs, functional requirements, proof of concepts (POCs) and vendor shortlisting, UAT, production rollouts, product or platform upgrades, as well as ongoing maintenance as required
o You will keep abreast of the latest events pertaining to the global Cyber Security threat landscape so as to consider critical Cyber Security stack upgrades for the organization on priority
o You will ensure control coverage and effectiveness in all solution rollouts in a systematic fashion
o You will work closely with the Security Architecture team and other relevant stakeholders to obtain a clear understanding of the current Cyber Security posture of the organization and control gaps, to help derive the required Security Engineering strategy and its implementation
o You will assist the team in handling Cyber Security budgets for the CISO Office through their entire lifecycle, from budget proposals and approvals to periodic tracking and reporting
Knowledge expectations
o You come with up to 5 years of hands-on working experience in Information Security
o You have good knowledge of the various latest Cyber Security technology controls (e.g. SASE, CASB, anti-APT, EDR, XDR, SIEM, SOAR, UEBA, Threat Hunting, WAF, Firewalls, anti-DDoS, PIM-PAM, Attack Surface Monitoring (ASM) technologies etc.), Enterprise Security Architecture, Cyber Resilience, Cloud Security strategy and roadmap, and Security Standards, notwithstanding their applicability to on-prem, cloud, mobile or IoT infrastructure paradigms
o You have basic knowledge of various topics in the following areas, such as but not limited to application of security to Systems, Storage, Compute, Cloud, Networks, Virtualization, Software and OT
o You have a fundamental knowledge of applying essential security controls in one or more of the following cloud platforms - Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)
o You have a basic understanding of various security standards and frameworks such as, but not limited to, Information Security Management System (ISO 27001), Business Continuity Management System (ISO 22301), NIST Cyber Security Framework (NIST CSF), NIST 800-53, PCI DSS, HIPAA, SSAE-18 SOC 1 or SOC 2 and SOX controls
Required education and certifications
o You are an Engineering graduate, or have an equivalent or higher education
o You have acquired one or more of the following certifications - CISSP, CISM, CCSP, ISO 27001 Lead Implementer / Auditor, Azure, AWS and GCP certifications
Skill expectations and others
o You have great attention to detail, strong communication and collaboration skills
o You come with a mix of technical, analytical and problem-solving skills
o You come with a mindset of helping improve the Information Security Program at all times
o You are an avid learner who continuously looks to absorb new knowledge and apply it on the job
o You are a self-starter, a go-getter and an innovative thinker with a positive attitude
Required Skills
Posted 1 month ago
4.0 - 7.0 years
7 - 10 Lacs
Bengaluru
Work from Office
Product Manager - AI for Security - J49049
Core Requirements
4-7 years of product management experience, with at least 2+ years in cybersecurity platforms (e.g., SIEM, SOAR, XDR, or TIP)
Experience working with GenAI/LLM use cases in security contexts
Strong communication and market-facing presence
Deep understanding of:
SOC operations and detection engineering
Telemetry sources: PCAP, NetFlow, EDR logs, UEBA signals
Adversary tactics (MITRE ATT&CK) and incident response flows
Required Candidate profile
Candidate Experience Should Be : 4 To 7
Candidate Degree Should Be : BE-Comp/IT,BEd
Posted 1 month ago
7.0 - 10.0 years
11 - 13 Lacs
Bengaluru
Work from Office
Job Title: Lead SOC Analyst (Microsoft Sentinel Specialist)
Location: Bangalore (Work from Office)
Department: Security Operations Center (SOC)
Reports To: SOC Manager / Head of Security Operations
Job Summary: We are seeking a highly skilled and experienced Lead SOC Analyst with deep expertise in Microsoft Sentinel to join our Security Operations Center. The ideal candidate will be responsible for leading threat detection, incident response, and proactive threat hunting activities, with a primary focus on leveraging Microsoft Sentinel and its associated Microsoft Defender XDR ecosystem.
Key Responsibilities:
Lead day-to-day SOC operations, ensuring timely detection, triage, analysis, and response to security incidents.
Design, develop, and fine-tune Microsoft Sentinel analytics rules (KQL), workbooks, playbooks (Logic Apps), and automation rules.
Oversee and improve threat detection use cases, MITRE ATT&CK coverage, and alert tuning in Microsoft Sentinel.
Correlate events from Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud to drive enriched detections.
Perform proactive threat hunting using Sentinel and other available tools.
Guide and mentor SOC Analysts (L1/L2), provide technical escalation support and help develop their technical capabilities.
Lead or participate in incident response efforts, including forensic investigation and root cause analysis.
Maintain and update SOC documentation, playbooks, and SOPs.
Collaborate with internal teams and customers to provide insights, reports, and continuous improvements.
Stay updated on the latest cyber threats, vulnerabilities, and Microsoft security product enhancements.
Required Skills & Experience:
5+ years of experience in cybersecurity, with at least 2 years of hands-on experience with Microsoft Sentinel.
Strong command of Kusto Query Language (KQL).
Experience with the Microsoft Defender suite (MDE, MDI, MDO, MDC) and integration with Sentinel.
Solid understanding of SIEM/SOAR concepts, threat detection, incident response, and threat hunting.
Familiarity with the MITRE ATT&CK framework and NIST/ISO incident response process.
Experience with Azure Logic Apps and automation in Sentinel is a plus.
Hands-on experience in handling advanced persistent threats (APT), phishing campaigns, lateral movement, and data exfiltration incidents.
Preferred Certifications (one or more):
Microsoft Certified: Security Operations Analyst Associate (SC-200)
Certified SOC Analyst (CSA)
Soft Skills:
Strong communication and leadership skills.
Ability to manage priorities and multitask effectively in a high-pressure environment.
Analytical and detail-oriented with a proactive mindset.
Posted 2 months ago
2.0 - 6.0 years
4 - 8 Lacs
Kolkata
Work from Office
Role Summary
Join our team as a Splunk Sales Engineer, where you'll help redefine how businesses use information in decision-making. This is your chance to lead the evaluation stage of the sales process, serving as the key advisor for Splunk's innovative offerings alongside our sales team, customers, and partners!
What This Role Gets To Do
Competent in showcasing and promoting Splunk's products and services through presentations and engaging webinars, both onsite and at industry events
Serve as a trusted Functional Specialist, conveying the value of Splunk's technology and applications to both technical and business customers
Develop tailored solutions by understanding and addressing each customer's outstanding needs and challenges
Build and maintain strong, collaborative relationships with a diverse range of customers, from technical staff to senior management, throughout the sales cycle
Lead the technology evaluation phase, independently guiding prospects and customers through technical queries and solution exploration
Respond efficiently and with competence to functional and technical elements of RFPs and RFIs, driving comprehensive and customer-centric solutions
Participate in complicated proof-of-concept / proof-of-value events, collaborating with a team with varied strengths to establish success criteria and communicate valuable outcomes
Quickly adapt to new tools and processes, making valuable contributions to the continuous improvement of our Solutions Engineering team
Competent participation and/or working with a wider team in the Unified Engagement Model (UEM) on moderately complicated accounts
Drive overall customer satisfaction through all the stages of the sales lifecycle
Partner with marketing to build impactful content and showcase Splunk's value in marketing and industry events
Must-have Qualifications
Competent Presales / Technical Sales experience in a software vendor environment with validated results in technical software vendor sales
Able to conduct discovery sessions to understand customer business goals and demonstrate how Splunk can deliver targeted solutions
Experience in crafting detailed responses to RFIs/RFPs, showcasing reliability and technical acuity
A strong teammate who thrives in the technology assessment phase, actively contributing as a crucial technical advisor
Excellent knowledge of the company's overall IT technology; ability to investigate technicalities when needed to provide hands-on demonstrations
Great analytical, problem solving and decision making skills, and competent to work independently to identify and resolve issues and risks and suggest mitigation strategies
Competent to identify all technical issues of your assigned accounts to assure customer satisfaction throughout the UEM process
Establish and maintain positive relationships with your customers' technical decision makers and staff
Strong communication, presentation and interpersonal skills
Willingness to travel where required
Technical Literacy
Security controls within an enterprise environment (e.g. Firewalls, IDPS, Proxies/Load Balancers, WAF, EDR, Cloud Security, Container Security, SAST/DAST, DDoS etc.)
SIEM, XDR, SOAR, TIP technologies
SOC processes and procedures
MITRE ATT&CK Framework
Additional frameworks e.g. NIST / ISO 27001 / Cyber Kill Chain
Emerging security trends e.g. AI/ML, Bedrock
Nice-to-have Qualifications
Strong self-motivation and a well-rounded growth mindset to thrive in a dynamic, fast-growing, constantly evolving environment and learn new technologies
Relevant certifications in CISSP/CEH/GIAC/CCSP, AWS/Azure/GCP
Posted 2 months ago
2.0 - 6.0 years
4 - 8 Lacs
Mumbai
Work from Office
Role Summary
Join our team as a Splunk Sales Engineer, where you'll help redefine how businesses use information in decision-making. This is your chance to lead the evaluation stage of the sales process, serving as the key advisor for Splunk's innovative offerings alongside our sales team, customers, and partners!

What This Role Gets To Do
Showcase and promote Splunk's products and services through presentations and engaging webinars, both onsite and at industry events.
Serve as a trusted Functional Specialist, conveying the value of Splunk's technology and applications to both technical and business customers.
Develop tailored solutions by understanding and addressing each customer's outstanding needs and challenges.
Build and maintain strong, collaborative relationships with a diverse range of customers, from technical staff to senior management, throughout the sales cycle.
Lead the technology evaluation phase, independently guiding prospects and customers through technical queries and solution exploration.
Respond efficiently and competently to the functional and technical elements of RFPs and RFIs, driving comprehensive, customer-centric solutions.
Participate in complex proof-of-concept / proof-of-value events, collaborating with a team of varied strengths to establish success criteria and communicate valuable outcomes.
Quickly adapt to new tools and processes, making valuable contributions to the continuous improvement of our Solutions Engineering team.
Participate in, or work with a wider team on, the Unified Engagement Model (UEM) for moderately complex accounts.
Drive overall customer satisfaction through all stages of the sales lifecycle.
Partner with marketing to build impactful content and showcase Splunk's value at marketing and industry events.

Must-have Qualifications
Presales / Technical Sales experience in a software vendor environment, with validated results in technical software vendor sales.
Able to conduct discovery sessions to understand customer business goals and demonstrate how Splunk can deliver targeted solutions.
Experience crafting detailed responses to RFIs/RFPs, showcasing reliability and technical acuity.
A strong teammate who thrives in the technology assessment phase, actively contributing as a crucial technical advisor.
Excellent knowledge of the company's overall IT technology; ability to investigate technicalities when needed to provide hands-on demonstrations.
Strong analytical, problem-solving and decision-making skills; able to work independently to identify and resolve issues and risks and suggest mitigation strategies.
Able to identify all technical issues on your assigned accounts to assure customer satisfaction throughout the UEM process.
Establish and maintain positive relationships with your customers' technical decision makers and staff.
Strong communication, presentation and interpersonal skills.
Willingness to travel where required.

Technical Literacy
Security controls within an enterprise environment (e.g. firewalls, IDPS, proxies/load balancers, WAF, EDR, cloud security, container security, SAST/DAST, DDoS protection, etc.)
SIEM, XDR, SOAR and TIP technologies
SOC processes and procedures
MITRE ATT&CK Framework
Additional frameworks, e.g. NIST / ISO 27001 / Cyber Kill Chain
Emerging security trends, e.g. AI/ML, Bedrock

Nice-to-have Qualifications
Strong self-motivation and a well-rounded growth mindset to thrive in a dynamic, fast-growing, constantly evolving environment and learn new technologies.
Relevant certifications: CISSP/CEH/GIAC/CCSP, AWS/Azure/GCP.

Splunk, a Cisco company, is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Posted 2 months ago
6.0 - 10.0 years
13 - 18 Lacs
Mumbai, Hyderabad
Work from Office
Summary
Lead SOC technologies and management; responsible for ensuring the day-to-day operations and maintenance of the organization's security. Strengthen security posture and ensure the control effectiveness of security systems within the organization. Collaborate with diverse teams to ensure the seamless functioning of the solutions and the optimization of the security infrastructure and controls.

Responsibilities
Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
Ensure coverage and effectiveness of security operations and deployed solutions.
Ensure optimum security, availability, performance, and capacity of security solutions under management.
Configuration, monitoring and troubleshooting of SIEM, SOAR, UEBA, NBAD, threat intel, deception, etc.
Responsible for firmware upgrades, closing of audit points/vulnerabilities, creation of security policies, fine-tuning of existing policies, configuration backups, event log monitoring, threat intel integration, signature fine-tuning, etc.
Ensure and maintain up-to-date documentation (SOPs, architecture diagrams, etc.) to remove dependency on individuals.
Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices.
Ensure hardening, latest stable versions and security patches of security devices and solutions.
Track EOL/EOS and ensure that there is no technology obsolescence.
Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed SLAs.
Handle escalations and run the smooth operations of security solutions.
Identify and analyse pain areas in existing security operations and implement improvements.
Handle operational issues which require design/technical inputs.
Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS.
Publish the relevant dashboards and status updates.
Escalate deviations and violations in a timely manner.
Remain current with the organization's security policies, latest security advisories/threats, industry best practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats.

Education
B.E/B.Tech, MCA (Computer/IT), B.Sc (Computer/IT) or a degree in a relevant field.

Experience
Candidate should have 6+ years of experience, preferably in a banking and technology organization.

Knowledge
Sound experience in managing SOC technologies and operations in a large and complex environment.
Sound understanding and knowledge of various SOC technologies and techniques such as SIEM, SOAR, UEBA, NBAD, threat intel, deception, etc.
Hands-on experience with SOC platform administration, log source integration, playbooks, use case engineering, and incident response techniques and technologies.
Fine-tuning configurations and thresholds for SIEM and vulnerability tools.
Knowledge and understanding of IT infrastructure and networking technologies, operations and security principles.
Ability to analyze endpoint, network, and application logs.
Knowledge of various security methodologies and technical security solutions.
Should prepare and implement use cases for the SOC monitoring team and be able to provide proactive threat hunting to detect incidents.
Sound understanding of threat hunting, mitigation and response.
Strong understanding of regulatory security guidelines and master directions, and of security frameworks such as ISO 27001, NIST, or CIS.
Well versed in ITIL and ITSM practices.

Skills
Exceptional analytical, conceptual thinking, troubleshooting and problem-solving skills.
Strong leadership, negotiation, and conflict resolution skills.
Detail-oriented with a focus on quality and accuracy in project/service deliverables.
Strong written, verbal and presentation skills.
Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.
Posted 2 months ago
10 - 15 years
20 - 30 Lacs
Pune
Work from Office
Role & responsibilities
Assessment and Planning: Evaluate existing systems (on-premises, AWS, GCP, etc.) and associated enabling capabilities (identity, security, HA/DR, monitoring, backup/restore, reporting, integrations, etc.). Design and develop comprehensive migration strategies and plans. Evaluate, recommend, and implement the 7 Rs of cloud migration: rehost, replatform, refactor, repurchase, retire, retain, and relocate.
Migration Execution: Manage and execute the migration process, ensuring minimal downtime and data integrity, using tools such as Azure Migrate.
Cloud Infrastructure Management: Configure, optimize, and monitor Azure resources, including but not limited to virtual machines, AKS, storage, networking, and other services.
Technical Expertise: Provide technical guidance to project teams, troubleshoot issues, and ensure compliance with cloud security best practices.
Technical Leadership: Develop, train, and build internal teams with Azure skills, and build a practice/Center of Excellence.
Post-Migration Support: Provide documentation, training, and ongoing support to internal teams and clients.
Optimization and Cost Efficiency: Continuously monitor and optimize cloud infrastructure performance and cost-efficiency.
Collaboration: Work with cross-functional teams (developers, IT, security, compliance) to ensure seamless integration and alignment.
Posted 2 months ago