193 Soar Jobs - Page 8

Job Title: Lead SOC Analyst (Microsoft Sentinel Specialist) Location: Bangalore (Work from Office) Department: Security Operations Center (SOC) Reports To: SOC Manager / Head of Security Operations Job Summary: We are seeking a highly skilled and experienced Lead SOC Analyst with deep expertise in Microsoft Sentinel to join our Security Operations Center. The ideal candidate will be responsible for leading threat detection, incident response, and proactive threat hunting activities, with a primary focus on leveraging Microsoft Sentinel and its associated Microsoft Defender XDR ecosystem. Key Responsibilities: Lead day-to-day SOC operations, ensuring timely detection, triage, analysis, and response to security incidents. Design, develop, and fine-tune Microsoft Sentinel analytics rules (KQL) , workbooks, playbooks (Logic Apps), and automation rules. Oversee and improve threat detection use cases , MITRE ATT&CK coverage, and alert tuning in Microsoft Sentinel. Correlate events from Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud to drive enriched detections. Perform proactive threat hunting using Sentinel and other available tools. Guide and mentor SOC Analysts (L1/L2), provide technical escalation support and help develop their technical capabilities. Lead or participate in incident response efforts , including forensic investigation and root cause analysis. Maintain and update SOC documentation, playbooks, and SOPs. Collaborate with internal teams and customers to provide insights, reports, and continuous improvements. Stay updated on the latest cyber threats, vulnerabilities, and Microsoft security product enhancements. Required Skills & Experience: 5+ years of experience in cybersecurity, with at least 2 years of hands-on experience with Microsoft Sentinel . Strong command of Kusto Query Language (KQL) . Experience with Microsoft Defender suite (MDE, MDI, MDO, MDC) and integration with Sentinel. Solid understanding of SIEM/SOAR concepts , threat detection, incident response, and threat hunting. Familiarity with MITRE ATT&CK framework and NIST/ISO incident response process. Experience with Azure Logic Apps and automation in Sentinel is a plus. Hands-on experience in handling advanced persistent threats (APT) , phishing campaigns, lateral movement, and data exfiltration incidents. Preferred Certifications (one or more): Microsoft Certified: Security Operations Analyst Associate (SC-200) Certified SOC Analyst (CSA) Soft Skills: Strong communication and leadership skills. Ability to manage priorities and multitask effectively in a high-pressure environment. Analytical and detail-oriented with a proactive mindset.

Role Summary Join our team as a Splunk Sales Engineer, where you'll help redefine how businesses use information in decision-making This is your chance to lead the evaluation stage of the sales process, serving as the key advisor for Splunks innovative offerings alongside our sales team, customers, and partners! What This Role Gets To Do Competent in showcasing and promote Splunks products and services through presentations and engaging webinars, both onsite and at industry events, Serve as a trusted Functional Specialist, conveying the value of Splunk's technology and applications to both technical and business customers, Develop tailored solutions by understanding and addressing each customer's outstanding needs and challenges, Build and maintain strong, collaborative relationships with a diverse range of customer from technical staff to senior management, throughout the sales cycle, Lead the technology evaluation phase, independently guiding prospects and customers through technical queries and solution exploration, Respond efficiently and with competence to functional and technical elements of RFPs and RFIs, driving comprehensive and customer-centric solutions, Participate in complicated proof-of-concept /proof-of-value events, collaborate with a team with varied strengths to establish success criteria and communicate valuable outcomes, Quickly adapt to new tools and processes, making valuable contributions to the continuous improvement of our Solutions Engineering team, Competent participation and/or working with a wider team in Unified Engagement Model (UEM) on moderately complicated accounts, Drive overall customer satisfaction through all the stages of the sales lifecycle, Partner with marketing to build impactful content and showcase Splunk's value in marketing and industry events, Must-have Qualifications A competent Presales / Technical Sales experience in a software vendor environment with validated results in technical software vendor sales, Able to conduct discovery sessions to understand customer business goals and demonstrate how Splunk can deliver targeted solutions, Experience in crafting detailed responses to RFIs/RFPs, showcasing reliability and technical acuity, A strong teammate who thrives in the technology assessment phase, actively contributing as a crucial technical advisor, Excellent knowledge of Company's overall IT technology Ability to investigate technicalities when needed to provide hands-on demonstrations, Great analytical problem solving and decision making skills and competent to work independently to resolve, identify issues, risks and suggest mitigations strategies, Competent to identify all technical issues of your assigned accounts to assure customer satisfaction throughout the UEM process Establish and maintain positive relationships with your customer technical decision makers and staff, Strong communications, presentation and interpersonal skills, Willingness to travel where required, Technical Literacy Security controls within an enterprise environment (eg Firewalls, IDPS, Proxies/Load Balancers, WAF, EDR, Cloud Security, Container Security, SAST/DAST, DDoS etc) SIEM, XDR, SOAR, TIP technologies SOC processes and procedures MITRE ATT&CK Framework Additional frameworks eg NIST\ISO27001\Cyber Kill Chain Emerging security trends e-g AI\ML, Bedrock Nice-to-have Qualifications Strong self-motivation and well-rounded growth mindset to thrive in a dynamic, fast-growing, constantly evolving environment and learn new technologies, Relevant certifications in CISSP/CEH/GIAC/CCSP, AWS/Azure/GCP

Role Summary Join our team as a Splunk Sales Engineer, where you'll help redefine how businesses use information in decision-making This is your chance to lead the evaluation stage of the sales process, serving as the key advisor for Splunks innovative offerings alongside our sales team, customers, and partners! What This Role Gets To Do Competent in showcasing and promote Splunks products and services through presentations and engaging webinars, both onsite and at industry events, Serve as a trusted Functional Specialist, conveying the value of Splunk's technology and applications to both technical and business customers, Develop tailored solutions by understanding and addressing each customer's outstanding needs and challenges, Build and maintain strong, collaborative relationships with a diverse range of customer from technical staff to senior management, throughout the sales cycle, Lead the technology evaluation phase, independently guiding prospects and customers through technical queries and solution exploration, Respond efficiently and with competence to functional and technical elements of RFPs and RFIs, driving comprehensive and customer-centric solutions, Participate in complicated proof-of-concept /proof-of-value events, collaborate with a team with varied strengths to establish success criteria and communicate valuable outcomes, Quickly adapt to new tools and processes, making valuable contributions to the continuous improvement of our Solutions Engineering team, Competent participation and/or working with a wider team in Unified Engagement Model (UEM) on moderately complicated accounts, Drive overall customer satisfaction through all the stages of the sales lifecycle, Partner with marketing to build impactful content and showcase Splunk's value in marketing and industry events, Must-have Qualifications A competent Presales / Technical Sales experience in a software vendor environment with validated results in technical software vendor sales, Able to conduct discovery sessions to understand customer business goals and demonstrate how Splunk can deliver targeted solutions, Experience in crafting detailed responses to RFIs/RFPs, showcasing reliability and technical acuity, A strong teammate who thrives in the technology assessment phase, actively contributing as a crucial technical advisor, Excellent knowledge of Company's overall IT technology Ability to investigate technicalities when needed to provide hands-on demonstrations, Great analytical problem solving and decision making skills and competent to work independently to resolve, identify issues, risks and suggest mitigations strategies, Competent to identify all technical issues of your assigned accounts to assure customer satisfaction throughout the UEM process Establish and maintain positive relationships with your customer technical decision makers and staff, Strong communications, presentation and interpersonal skills, Willingness to travel where required, Technical Literacy Security controls within an enterprise environment (eg Firewalls, IDPS, Proxies/Load Balancers, WAF, EDR, Cloud Security, Container Security, SAST/DAST, DDoS etc) SIEM, XDR, SOAR, TIP technologies SOC processes and procedures MITRE ATT&CK Framework Additional frameworks eg NIST\ISO27001\Cyber Kill Chain Emerging security trends e-g AI\ML, Bedrock Nice-to-have Qualifications Strong self-motivation and well-rounded growth mindset to thrive in a dynamic, fast-growing, constantly evolving environment and learn new technologies, Relevant certifications in CISSP/CEH/GIAC/CCSP, AWS/Azure/GCP Splunk, a Cisco company, is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis,

Summary: Lead SOC technologies and Management, shall be responsible for ensuring the day-to-day operations and maintenance of the organization's security. Strengthen security posture and ensure the control effectiveness of security systems within an organization. Collaborate with diverse teams to ensure the seamless functioning of the Solutions, optimization of the security infrastructure and controls. Responsibilities: Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data. Ensure coverage and effectiveness of security operations and deployed solutions. Ensure optimum security, availability, performance, and capacity of security solutions under management. Configuration, Monitoring & Troubleshooting of SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception etc. Responsible for Firmware upgrades, closing of Audit points/Vulnerabilities, Creation of Security Policies, Fine tuning of exiting Policies, Configuration Backups, Event Log Monitoring, Threat Intel integration, Signature finetuning etc. Ensure & maintain up-to-date documentation - SOPs, Architecture digrams etc. to remove dependency on people. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices. Ensure hardening, latest stable version and security patches of security devices and solutions Track EOL/EOS and ensure that there no technology obsolescence. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs. Handle escalations and run the smooth operations of security solutions. Identify & analyse pain areas in existing security operations & implement improvements Handle operational issues which require design/technical inputs. Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS Publish the relevant dashboards and status updates. Escalate deviations and violations in a timely manner. Remain current with organizations security policies, latest security advisories/threats, industry best practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats. Education: B.E/ B.Tech, MCA (Computer/IT)/B.Sc (Computer/IT) or degree in relevant field. Experience: Candidate should have 6+ years of experience preferably in Banking and Technology organization Knowledge: Sound experience in managing SOC technologies and operations in a large and complex environment. Should have sound understanding & knowledge of various SOC technologies & techniques like SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception etc. Should have hands on experience on SOC platform administration, LOG Source integration, Playbook, Usecase engineering, incident response techniques and technologies. Finetune, configuring and thresholds for SIEM and vulnerability tools. Should have knowledge & understanding of IT infrastructure & networking technologies, operations and security principles. Ability to analyze endpoint, network, and application logs. Knowledge of various security methodologies and technical security solutions. Should prepare and implement the use cases for SOC monitoring team able to provide proactive threat hunting to detect incidents. Should have sound understanding about Threat Hunting, Mitigation and Response. Strong understanding of Regulatory security guidelines & master directions and security frameworks such as ISO 27001, NIST, or CIS. Should be well versed with ITIL and ITSM practices. Skills: Exceptional analytical, conceptual thinking, Troubleshooting and problem-solving skills. Strong leadership, negotiation, and conflict resolution skills. Detail-oriented with a focus on quality and accuracy in project/service deliverables Should have strong written, verbal and presentation skills. Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.

Role & responsibilities Assessment and Planning: Evaluate existing systems (On-premises, AWS, GCP, etc.), and associated enabling capabilities (identity, security, HA/DR, monitoring, backup/restore, reporting, integrations, etc.). Design and develop comprehensive migration strategies and plans. Evaluate, recommend, and implement 7 Rs cloud migration strategies - rehost, replatform, refactor, repurchase, retire, retain, and relocate. Migration Execution: Manage and execute the migration process, ensuring minimal downtime and data integrity, and using tools like Azure Migrate. Cloud Infrastructure Management: Configure, optimize, and monitor Azure resources, including but not limited to virtual machines, AKS, storage, networking, and other services. Technical Expertise: Provide technical guidance to project teams, troubleshoot issues, and ensure compliance with cloud security best practices. Technical Leadership: Develop, train, and build internal teams with Azure skills and build a practice/Center of Excellence Post-Migration Support: Provide documentation, training, and ongoing support to internal teams and clients. Optimization and Cost Efficiency: Continuously monitor and optimize cloud infrastructure performance and cost-efficiency. Collaboration: Work with cross-functional teams (developers, IT, security, compliance) to ensure seamless integration and alignment.

Wipro Limited (NYSEWIT, BSE507685, NSEWIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT ? ? Mandatory Skills: SOAR Tools. Experience5-8 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

SIEM (Microsoft Sentinel, Wazuh, Splunk, QRadar Azure Security Center multi-cloud environments (AWS, Azure, GCP) SOAR, Azure Sentinel Note: Sentinel One not required

Managed Services SOC Manager Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team, is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Job Description : Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone), Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in Developing new correlation rules & Parser writing Experience in Log source integration Act as the lead coordinator to individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams Generate monthly reports on SOC activity Secondary skills like AV, HIPS, DCS, VA/ PT desirable Required Technical Expertise Must have experience in SIEM Management tool (QRADAR) Should have certifications like, ITIL, CCNA, CEH, VA (Product) Certification, CISM Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT

The Information Security program protects Burns & McDonnell data, systems, and employees from evolving cyber threats with focus on continually reducing cybersecurity risk for the company. The Senior Information Security Analyst functions as a subject matter expert in evaluating the overall security posture. They will assess and identify vulnerabilities, analyze risks, and recommend solutions to mitigate these risks. Responsibilities : Risk Assessment: Conduct regular assessments of the organization's cybersecurity measures to identify vulnerabilities and risks. Monitoring and Analysis: Use various tools to monitor networks and systems for security breaches or intrusions. Analyze security breaches to understand their root causes. Incident Response: Play a key role in responding to security incidents and breaches, including assisting with investigations and remediation efforts. Reporting: Prepare detailed reports on security issues, such as breach incidents, current risk status, and improvement recommendations. Policy Development Support: Assist in developing and updating the organization's security policies and procedures based on the findings and evolving threat landscape. Training: Perform security awareness training program related to phishing campaigns. All other duties as assigned. - Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology, or related field. Minimum 8 years of experience in Information Security. Information Security certification (CISSP, GSEC, Security+) Demonstrated expert knowledge with two or more Information Security technologies such as EDR, IPS, SIEM, SOAR, CASB, CAASM, IAM, PAM, NAC, MFA, and DLP Broad understanding of network and security protocols such as, DNS, SPF/DKIM/DMARC, SSL/TLS, TCP/UDP, IPSec. Experience with CIS Critical Security Controls, OWASP Top 10, and MITRE ATT&CK framework. Demonstrated knowledge and experience of securing cloud environments such as Azure, AWS, and GCP. Broad experience and familiarity with Information Technology such as routers, load balancers, web application gateways, PKI, and Active Directory. Demonstrated knowledge of compliance frameworks (ISO 27001, SOC 2, NIST, FedRAMP, etc.). Demonstrated ability to evaluate cybersecurity risk and propose risk mitigations to technical and non-technical audiences. Highly effective oral and written communication skills with ability to convey security concepts and risks to non-technical personnel.

We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. What can you expect? As a Cybersecurity Detection and Automation Engineer, you will be responsible for the consultation, creation, documentation and tuning of new and existing detection mechanisms to identify and mitigate threats within our Security Information and Event Management (SIEM) tool and our Managed Detection and Response (MDR) tool. Additionally, you will be responsible for supporting the growing automation efforts within GCD. We will count on you for: Excellent critical thinking skills, with proven analytical expertise and the ability to learn adaptively Demonstrated effective verbal, written and interpersonal communication skills with the ability to communicate security concepts to both technical and non-technical audiences Experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools, open-source tools, or other security technologies Experience analyzing and articulating cyber attacks Demonstrated experience with programing languages (e.g., Python, PowerShell) for automation Implementation and customization of Security Orchestration, Automation, and Response (SOAR) platforms Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography What you need to have: Ability to operate independently in a dynamic, evolving environment with multiple inputs and tasks simultaneously Knowledge of common attacks, current threats, threat actors, and industry trends Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework Previous automation projects related to the Security space Working knowledge with multiple SIEMs and EDRs What makes you stand out? Cybersecurity Detection and Automation Engineer Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

Role & responsibilities Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be a flexible to work in US Shift

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. AtAHEAD, we prioritize creating a culture of belonging,where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer,anddo not discriminatebased onan individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, maritalstatus,or any other protected characteristic under applicable law, whether actual or perceived. We embraceall candidatesthatwillcontribute to the diversification and enrichment of ideas andperspectives atAHEAD. Requirements: Proficient with Active Directory and related concepts Familiar with access control methods (RBAC/ABAC) Working knowledge of identity lifecycle management processes and challenges Hands-on experience with cybersecurity tools that function in the following spacesPAM / PIM / IAM, DLP, SOAR (XSIAM), Microsoft Security, AWS Security, Red Teaming / AppSec, Isolated Recovery Environments (IREs) Experience with identity federation and SSO solutions PAM experience or familiarity with specific vendor tools Able to speak to PAM best practices Understanding of the principle of least privilege, separation of duties Experience with REST API and app integration Experience configuring, guiding, or overseeing access review and certification, role management Past participation in identity steering committee Understanding of PIM, JIT, conditional access Familiarity with US compliance and regulatory frameworks that inform identity requirements Qualifications: 6+ years of working knowledge of one or more Identity-Based Security SolutionsOkta, Sailpoint, Delinea, BeyondTrust, CyberArk, etc. Any of the following preferred but not required Security+, CISSP, any vendor-specific certifications related to Identity products Willingness to travel to support client projects and shadowing opportunities (50+ % of the time) Why AHEAD: Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning. USA Employment Benefits include - Medical, Dental, and Vision Insurance - 401(k) - Paid company holidays - Paid time off - Paid parental and caregiver leave - Plus more! See benefits https://www.aheadbenefits.com/ for additional details. The compensation range indicated in this posting reflects the On-Target Earnings (OTE) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidates relevant experience, qualifications, and geographic location.

Title: CTM Engineer/Analyst (Information Security Analyst) Business Area: Information Security Experience: 5-8 years Education: Graduation+ CERTIFICATION(S): Security +, GCIH, GSOC, GCDA, GCIA Core purpose: The risk and threat to the confidentiality, integrity and availability of clients data is constantly evolving and the security of our information is paramount to the company brand. You will demonstrate excellence and professional Information Security capabilities through your daily activities. This will be through a proactive approach and attention to detail for all aspects of Information and Cyber Security. This is firstly to ensure that client has its and Client’s data, infrastructure, services, and operations protected through appropriate governance and controls. Secondly you will contribute to and help to maintain the client’s Information Security certifications so that we are in prime position to win new opportunities that the company pursues. Mandatory requirements for the role for CTM: Experience of using security tools - SIEM, Anti-Virus, Threat Intel Platform, DLP monitoring, Vulnerability Management, SOAR, etc. Experience of using Cloud security tools - MS Defender for Cloud, Intune, Purview. Ability to create standard operating procedures (SOP’s) and Playbooks for Information Security tasks. To be able to understand cyber-attacks and how they relate to the Mitre Framework and Tactics, Techniques and Procedures (TTP). Keep up to date with Cyber Threat Intelligence (CTI) emerging threats through security advisories, forums, and personal research. Key responsibilities: Experience of using security tools - SIEM, Anti-Virus, Threat Intel Platform, DLP monitoring, Vulnerability Management, SOAR, etc. Experience of using Cloud security tools - MS Defender for Cloud, Intune, Purview. As a member of the Information Security team complete the daily, monthly, and annual security checks of Threat Intel sources, security tool alerts and security reports. Responsible for escalation within the SecOps team for security issues to required timescales and quality; supporting technical and business stakeholders by providing (locally and remotely) InfoSec support, processing demands and ensuring these are completed within the required timescale. To produce new standard operating procedures (SOP’s) and Playbooks for Information Security tasks. To understand technical IS or IT designs and assist with their production. Produce and maintain Information Security supporting records. Such as Network Topology or Data Flow diagrams for services provided to clients. To be able to understand cyber-attacks and how they relate to the Mitre Framework and Tactics, Techniques and Procedures (TTP). Understand and adhere to all policies, procedures, and relevant legislation; ensure ISMS documentation is up to date and accurate. Keep up to date with Cyber Threat Intelligence (CTI) emerging threats through security advisories, forums, and personal research. Production of scope of work documentation for Penetration Testing exercises and the scheduling of periodic scan activities. Own tasks associated with ISO27001, SOX, PCI/DSS, NIST and Cyber Essentials audit activities. Contribute to improving the Security Maturity NIST programme. The production of high-level technical designs and assist others with peer reviews. Knowledge and understanding of GDPR, ISO27001 and NIST CSF. Help to maintain the Information Security Management System (ISMS) framework and other regulatory standards. Stakeholder engagement: Assist with Client and Internal audit activities. Assist Independent auditors and suppliers to investigate and progress any identified risks or threats to an appropriate conclusion. Performance management: Contribute to team meetings with your views and recommendations in aid to improving efficiency and capability of Information Security. Identify areas for improvement within existing policies, procedures, reports, and tools to improve the efficiency and capability of Information Security. Produce and contribute to your performance development plan. This will be managed and progresses through 1-2-1 meetings.

Job Summary: We are looking for an experienced SOC Security Analyst SME to join our cybersecurity team. This role involves real-time monitoring, threat hunting, incident response, and implementing modern detective controls to proactively defend against evolving cyber threats. Need Immediate Joiners or with a notice Period of a Month would be preferrable. Work From Office and will have Rotational Shifts. Key Responsibilities: Analyze and respond to security alerts and incidents. Perform deep-dive investigations to identify root causes and suggest mitigations. Design modern detective controls and continuously improve detection capabilities. Conduct proactive threat hunting and improve alerting use cases. Participate in 24/7 incident response rotation and document IR activities. Stay informed on threat actor tactics and industry trends to enhance security posture. Mandatory Skills & Qualifications: Bachelors degree in Computer Science, InfoSec, or related field 57+ years of experience in a Security Operations Center (SOC) or similar role Strong background in threat hunting and security incident analysis Experience with SIEM, SOAR, and XDR tools (e.g., Cortex XSIAM, Torq) Familiarity with cybersecurity frameworks like NIST , MITRE ATT&CK , and kill chain methodology Excellent analytical skills and attention to detail Preferred (Good-to-Have) Skills: Cloud security (Azure, AWS, GCP) Incident response experience in complex environments Endpoint and network forensic analysis Certifications: CISSP, GIAC, CEH Scripting in Python, PowerShell

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Role & responsibilities 9+ years of experience in cybersecurity, specializing in Managed Security Services (MSS) and advanced operational environments. Familiarity with a wide range of cybersecurity solutions, including Threat Detection and Response technologies (e.g., SIEM, SOAR, EDR, XDR), Identity Management systems (e.g., IGA, PAM, SSO), and Data Protection tools. Strong understanding of the technology landscape and the cybersecurity challenges faced by organizations. Proven ability to build and maintain relationships with decision-makers, including C-suite stakeholders, to drive business growth. Skilled in managing the sales pipeline from lead generation to deal closure, ensuring accurate forecasting and alignment with client objectives. Excellent communication and presentation abilities to articulate complex security solutions effectively. Capable of independently driving sales opportunities through the full cycle, including product demonstrations and collaboration with internal teams (e.g., solution architects, delivery managers). Experienced in working with GCCs in India is highly preferred. Proficient in CRM tools, Microsoft Office, and industry best practices. Continuously monitors industry trends, competitor strategies, and market developments to identify and seize new opportunities. Willingness to travel to meet business needs.

About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identify access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on on security processes with good client and Market facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile : Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm/Qradar ), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should able to familiar with python Scripting & Windows Active Directory (Optional). Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organizations threat environment, Risk management processes, Network attack and a network attacks relationship to both threats and vulnerabilities. Candidate should have advance level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech/ MCA professional with 9-12 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Role & Responsibility: Azure Cloud Migration Expert: An Azure Cloud Migration Expert is responsible for planning, designing, and executing the migration of on-premises or other Public/Private Cloud Providers hosted applications and infrastructure to the Azure cloud. They ensure seamless transitions, optimization, integrity, and adhere to Azure Well-Architected Framework during and after the migration process. Key Responsibilities: Assessment and Planning: Evaluate existing systems (On-premises, AWS, GCP, etc.), and associated enabling capabilities (identity, security, HA/DR, monitoring, backup/restore, reporting, integrations, etc.). Design and develop comprehensive migration strategies and plans. Evaluate, recommend, and implement 7 Rs cloud migration strategies - rehost, replatform, refactor, repurchase, retire, retain, and relocate. Migration Execution: Manage and execute the migration process, ensuring minimal downtime and data integrity, and using tools like Azure Migrate. Cloud Infrastructure Management: Configure, optimize, and monitor Azure resources, including but not limited to virtual machines, AKS, storage, networking, and other services. Technical Expertise: Provide technical guidance to project teams, troubleshoot issues, and ensure compliance with cloud security best practices. Technical Leadership: Develop, train, and build internal teams with Azure skills and build a practice/Center of Excellence Post-Migration Support: Provide documentation, training, and ongoing support to internal teams and clients. Optimization and Cost Efficiency: Continuously monitor and optimize cloud infrastructure performance and cost-efficiency. Collaboration: Work with cross-functional teams (developers, IT, security, compliance) to ensure seamless integration and alignment. Required Skills: Azure expertise: Proficiency in Azure services, architecture, and best practices. AWS/Public Cloud awareness: Good working understanding of AWS or other public cloud providers. Cloud Architecture and Design: Good understanding of architecting cloud solutions cloud native design, micro services framework. Cloud Native Skills: In-depth knowledge and experience with technologies like Docker, Kubernetes, Packer Cloud migration tools: Experience with Azure Migrate, Site Recovery, and other relevant tools. Networking and security: Strong understanding of cloud networking, security protocols, and compliance. Scripting and automation: Proficiency in scripting languages (PowerShell, Python) for automating tasks and infrastructure management. Experience in Azure Automation, Azure DevOps. Problem-solving and analytical skills: Ability to diagnose issues, develop solutions, and analyze data. Communication and collaboration: Excellent communication skills for interacting with stakeholders and cross-functional teams. Experience: Minimum 2-3 years of experience in cloud migration projects with Azure or other cloud providers. Overall, 5-7 years of experience. Experience with cloud architecture and services, Azure migration, automation and DevOps tools. Experience in security and compliance, observability, monitoring, SIEM, SOAR, SRE. Preferred candidate profile