167 Threat Analysis Jobs - Page 5

Key Responsibilities: Threat Assessment: Identifying potential security risks and vulnerabilities in the client's surroundings. Security Planning: Developing and implementing security strategies and routes to minimize threats. Close Protection: Providing physical protection to the client, both in public and private settings. Escorting and Transportation: Ensuring safe transportation of the client and coordinating logistics. Surveillance and Monitoring: Observing the client's environment for suspicious activity and responding to potential threats. Communication and Coordination: Maintaining clear communication with other security personnel and emergency services. Conflict Resolution: Managing potentially volatile situations and de-escalating conflicts. Emergency Response: Responding effectively to security breaches or emergencies, including evacuating the client when necessary. Confidentiality: Maintaining the client's privacy and discretion. Background Checks: Conducting background checks on employees, staff, and vendors who may interact with the client. Essential Skills: Security Expertise: Strong knowledge of security protocols, risk assessment, and defensive tactics. Physical Fitness: Ability to handle physical challenges and react quickly to threats. Situational Awareness: Excellent observational skills and the ability to remain alert in dynamic environments. Communication Skills: Effective verbal and non-verbal communication, both with the client and other security personnel. Problem-Solving Skills: Ability to analyze situations, identify solutions, and make quick decisions. Professionalism and Discretion: Maintaining a professional demeanor, adhering to strict confidentiality, and respecting the client's privacy. Adaptability: Ability to adjust to changing situations and environments

____________________________________________________________________________ - PLEASE SAVE WHATSAPP # 9315248639 - Nishant/Shreedevi is your POC from RexOreo Pvt Ltd. -Queries : All emails will come from id : team@rexoreo.com , so please keep an eye. _____________________________________________________________________________ Top Selection & Auto Elimination Criteria: Only Delhi NCR Candidates Need to apply as we need Only Immediate joiners (0-30 days) Rotational Shift Cab facility : Yes only late night pick or drop(1 side only for Gurgaon Employees) Location : Gurgaon Mode : 5 days work from Office only (NO Work from home) Relevant experience range 9+ Position : L3 SOC Analyst Experience : 9-14 years Only Current L2/L2+ (more than 2 years) or L3 candidates need to apply Experience in QRadar is mandatory Total Open Positions (as of 16-June 5.30pm) : 5 EMAIL @ team@rexoreo,com : A VOICE NOTE WHY YOU ARE FIT FOR THIS ROLE ___________________________________________________________________________ Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real-time. Role and responsibilities: 1. Incident Response and Escalation Lead and coordinate end-to-end response for critical and high-severity security incidents. Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review. Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts. Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps. 2. Threat Detection and Analysis Analyze and triage alerts generated by the SIEM and other security tools. Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting). Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps. Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs). 3. Tooling and Automation Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy. Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response. Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem. 4. Documentation and Reporting Maintain detailed and accurate documentation of incidents, investigations, and actions taken. Develop and update SOC standard operating procedures (SOPs) and playbooks. Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders. 5. Mentorship and Leadership Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes. Provide training on new threats, tools, and techniques. Assist in evaluating and improving team workflows, processes, and overall SOC maturity. 6. Collaboration and Stakeholder Engagement Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats. Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations. Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness. Required Experience / Skills: Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm , Splunk,). Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black). Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools. Familiarity with scripting or automation languages such as Python, PowerShell, or Bash. Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices. Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain. Minimum of nine (9) years technical experience 7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities. 3+ years of rule development and tuning experience 2+ years of Incident response Experience supporting 24x7x365 SOC operations and willing to operate in Shifts including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents. Manage multiple tickets/alerts in parallel, including end-user coordination. Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response. Solid understanding and experience analyzing security events generated from security tools and devices not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malware Bytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat Experience and solid understanding of Malware analysis Demonstrated proficiencies with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs) In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development. Experience with bash, python, and Windows PowerShell scripting Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools - alert analysis. Demonstrated experience and understanding of event timeline analysis and correlation of events between logs sources. Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools. Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk. Solid understanding and experience analyzing security events generated from security tools and devices not limited to: QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC Expert in security incident response processes Required Certifications: Two of the following certifications are preferred: GIAC-GCIH Global Certified Incident Handler GIAC-GCFE - Global Information Assurance Certification Forensic Examiner GIAC-GCFA - Global Information Assurance Certification Forensic Analyst GIAC-GREM - GIAC Reverse Engineering Malware GIAC-GNFA - GIAC Network Forensic Analyst GIAC-GCTI - GIAC Cyber Threat Intelligence GIAC-GPen GIAC Certified Penetration Tester GIAC-GWAPT GIAC Certified Web Application Penetration Tester CEPT - Certified Expert Penetration Tester (CEPT) CASS - Certified Application Security Specialist (CASS) CWAPT - Certified Penetration Tester (CWAPT) CREA - Certified Reverse Engineering Analyst (CREA) Qualifications : Bachelors degree in computer science, Information Technology, or a related field. Experience of 5 years or 3 years relevant experience. Strong troubleshooting and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Strong organizational and time management skills. Willingness to work after hours and provide on-call support.

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Security Specialist Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. Its a claim backed by our True Performance System a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. Its why weve structured our business to help our teams, and their talents, shine bright. It's why weve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And its why weve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognize excellence Brennan Daredevils – our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities. An environment that embraces learning and development The Role This is a new role within Brennan, and its primary purpose is to support the current CISO, Security Team, and IT Operations Team in ensuring that Brennan is able to deliver to internal and external stakeholders with a high level of operational efficiency and efficacy, with the required security posture. This role requires a person who brings a security-centric mindset to the team, to ensure that Brennan’s governance, protection and defense, detection and response activities are being executed consistently and in alignment with obligations. Role Responsibilities Governance: Ensuring that scheduled and periodic security hygiene activities are completed on time and to expectations, aligned with ISO27001 and NIST CSF frameworks. Protection & Defense: Ensuring that the suite of security platforms used within Brennan are maintained to design, updated to meet requirements, and delivering on objectives. Detection & Response: Working with Brennan’s own SOC and other monitoring teams to ensure that detections are triaged and handled with the required level of rigour and responsiveness This role requires a strong understanding of a broad range of IT and Security technologies, with the ability to work across teams to achieve desired outcomes. The role includes an element of “hands-on” activities and is well supported by a range of IT and Security teams who also operate the IT and OT systems within Brennan. In order to deliver the right security outcomes for Brennan the role requires an eye for detail, and a desire for continual improvement. It requires excellent written and verbal communication skills in order to build relationships across Brennan, which will enable you to be a trusted source for security advice within the business. Key Competencies and Qualifications required Maintenance and upkeep of key security technologies; Completion of scheduled and ad hoc security related tasks across the Brennan network; Reporting and assessment of security-related metrics and outcomes; Working with IT (including OT and Network Teams) on a day to day basis to ensure agreed and desired outcomes are met; Liaising with security and IT leadership to ensure that the security program is run to design and requirement; Maintaining a relationship with other internal teams to foster an open and transparent relationship; Responding to automatically detected and manually notified alerts, and working those incidents based on documented and understood incident response processes; Providing subject matter expertise to colleagues and projects outside of the immediate role; Participate in sharing knowledge with other Brennan team members including preparing and reviewing documentation for same. Brennan is an equal opportunity employer.

Dear Candidate, We are seeking a Security Operations Engineer to monitor, detect, investigate, and respond to security incidents and threats across systems and networks. Key Responsibilities: Monitor alerts and logs using SIEM tools (Splunk, QRadar, Sentinel). Analyze security incidents, conduct root cause analysis, and coordinate response. Support threat hunting and vulnerability assessments. Maintain and tune security tools (IDS/IPS, endpoint protection, firewalls). Document incident reports and provide remediation recommendations. Required Skills & Qualifications: Experience in a Security Operations Center (SOC) or similar role. Strong knowledge of cybersecurity concepts and incident response. Familiarity with EDR tools (CrowdStrike, Carbon Black) and log analysis. Scripting and automation skills for detection and response tasks. Security certifications such as CEH, CompTIA Security+, or GCIA are beneficial. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Roles and Responsibilities Conduct threat hunting activities to identify potential security threats and vulnerabilities. Analyze malware samples using various tools such as QRadar, Splunk, and ArcSight. Perform incident response duties including handling incidents, conducting root cause analysis, and implementing remediation measures. Monitor security event logs from multiple sources to detect anomalies and potential security breaches. Collaborate with other teams to develop threat intelligence reports and improve overall security posture. Desired Candidate Profile 7-12 years of experience in Security Operations Center (SOC) or related field. Strong understanding of incident response, threat analysis, threat intelligence gathering, log analysis, and security monitoring concepts. Proficiency in tools like QRadar, Splunk, ArcSight for malware analysis and incident response tasks.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : Security Architecture DesignMinimum 15 year(s) of experience is required Educational Qualification : Minimum 15 years of full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and providing guidance on security best practices and standards. Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have Influencing and Advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Collaborate with stakeholders to define security requirements and develop security architecture.- Design and implement security solutions to protect the organization's systems and data.- Conduct security assessments and audits to identify vulnerabilities and recommend remediation measures.- Develop and maintain security policies, standards, and procedures.- Provide guidance and support to development teams on secure coding practices.- Stay up-to-date with the latest security trends, threats, and technologies.- Conduct security awareness training for employees to promote a culture of security.- Assist in incident response and investigation activities.- Participate in security incident management and resolution.- Collaborate with external vendors and partners to ensure the security of third-party integrations.- Contribute to the development and improvement of security processes and controls. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of identity and access management (IAM) concepts and technologies.- Familiarity with security frameworks and standards such as ISO 27001 and NIST.- Experience with security assessment tools and techniques.- Excellent problem-solving and analytical skills. Additional Information:- The candidate should have a minimum of 15 years of experience in SailPoint IdentityIQ.- This position is based at our Bengaluru office.- A minimum of 15 years of full-time education is required. Qualification Minimum 15 years of full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Job Area: Engineering Group, Engineering Group > Systems Engineering General Summary: In this position you will join the team responsible for the security architecture of Qualcomm Snapdragon processors. The team works at a system level spanning across hardware, software and infrastructure while striving for industry-leading solutions. This team interacts with product management, customers (e.g., OEMs), partners, HW/SW engineering, and Services engineering teams to find the optimal Security solution. Snapdragon processors are utilized in a variety of devices, including mobile phones, laptops, automotive systems, and data centers, each with distinct security needs. These processors are engineered to address most of these requirements, encompassing a wide range of security technologies found in consumer electronics, such as Root of Trust, Integrated Secure Element, Virtualization, and Confidential Compute. Minimum Qualifications 10+ years industry experience in SoC Security encompassing both architecture and design 5+ years industry experience in Compute and/or Data Centre SoC Architecture Demonstrated expertise in Security Technologies (Root of Trust, TEE, Access Control, I/O Security) Proficient in Confidential Compute Architecture (RME, TDX, SEV-SNP, TDISP) Strong understanding of Security Software Architecture for Compute and Data Centers, with a focus on Secure Boot. Skilled in HW/SW threat analysis Strong capabilities in creating and presenting architecture-level documentation. Preferred Qualifications Proficient in isolation-related extensions, including TrustZone, Virtualization, and RME. Extensive knowledge of Server Platform security architecture covering lifecycle/debug management, provisioning, attestation/measurement. Expertise in Applied Cryptography and Protocols. Knowledgeable about Security Certification Processes and (such as OCP) Excellent communication and teamwork skills. Leadership and management experience at the project level Key Responsibilities Establish system security requirements (both hardware and software) for Server SoC focusing on functionality, performance, and security levels. Specify and review the architecture and implementation of System/SoC level security mechanisms. Conduct platform security threat analysis. Perform competitive analysis of security systems and features Explore future and roadmap server security-related technologies. Serve as the technical interface to product management and standards teams. Minimum Qualifications: Bachelors degree in engineering, Computer Science, or related field and 8+ years of Security Engineering or related work experience. ORMasters degree in engineering, Computer Science, or related field and 7+ years of Security Engineering or related work experience.ORPhD in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. Note References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Systems Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Systems Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Systems Engineering or related work experience.

Dear Candidate, We are seeking a Cybersecurity Analyst to detect, investigate, and prevent security threats across digital assets and systems. Key Responsibilities: Monitor and analyze security alerts, logs, and events. Perform threat intelligence, malware analysis, and incident response. Conduct vulnerability assessments and patch management. Support compliance and audit activities (ISO, NIST, GDPR). Educate staff on cybersecurity best practices and awareness. Required Skills & Qualifications: Experience with SIEM tools (Splunk, AlienVault, QRadar). Knowledge of firewalls, IDS/IPS, endpoint protection, and antivirus. Familiarity with scripting for automation and reporting. Strong analytical, investigative, and communication skills. Security certifications preferred (e.g., CompTIA Security+, SOC Analyst, CISSP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Hi , We are hiring for the ITES Company for Carbon Black Role. Overview The Carbon Black Specialist is responsible for supporting and managing Carbon Black security products, with experience and certification in one or more Carbon Black solutions. This role involves independently working with customers through virtual platforms like Webex, providing expert training, mentoring, and exceptional customer service. The Carbon Black Cyber Security professional specializes in deploying, managing, and optimizing Carbon Black endpoint security solutions to protect organizations from cyber threats. Their responsibilities include monitoring security alerts, analyzing threats, and responding to incidents to ensure robust endpoint protection. Attention to detail, professionalism, and adaptability are key, with analysis, debugging, and programming in the enterprise security domain. Key Skills : Any Graduate Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Familiarity with analysis and debugging skill a plus Programming experience a plus To Apply, WhatsApp 'Hi' @ 9151555419 Follow the Steps Below: >Click on Start option to Apply and fill the details >Select the location as Other ( to get multiple location option ) a) To Apply for above Job Role ( Chennai ) Type : Job Code # 274 Job description: Minimum 2 years of experience working with all Carbon Black products. Deeper knowledge with at least one of the Carbon Black products Certification obtained on the product(s) of expertise Ability and motivation to work with customers independently via Webex Excellent training and mentoring skills Team motivator who currently serves as an example for their team mates Consistently exceeds personal goal expectations Certification in the enterprise security space Good time management skills and ability to multi task Adaptable, professional, courteous, motivated and works well on their own or as a member of a team Excellent Customer Service skills and a demonstrated success exceeding customer expectations Strong communication (verbal and written) and customer handling skills Strong attention to detail and focus on producing quality work products and results Familiarity with analysis and debugging skill a plus Programming experience a plus

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Additional Information:Work as part of analysis team that works 24x7 on a rotational shift The candidate should have minimum 2 years of experience This position is based at our Chennai office.Minimum a bachelors or a masters degree in addition to regular 15- year full time educationAdaptability to accept change Qualification 15 years full time education

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.

Job Description: At least 10 years of experience in Information Security operations & management with hand on experience in large security operations center using IBM QRadar/Splunk/ArcSight or similar SIEM tool. Manage network, endpoints and forensics initiatives, malware triage and cyber security incident response Managing Cyber Security Services engagements and engagement teams Recognizing common attacker tools, tactics, and procedures Providing oversight for on-site examinations and collections and technology advisory services to enhance forensic client engagements Researching and developing new digital forensics scripts, tools, and methodologies Assessing and troubleshooting a variety of technical issues and support a cyber response lab on our clients SIEM tool and UEBA platform Assist in conducting peer reviews and providing quality assurance reviews for junior personnel and will support the mentoring of junior incident managers and provide guidance to others on incident management prioritization, triage and report writing in support of onsite engagements. Guiding the team to Monitor, identify and investigate the security alerts and perform incident response activities related to cybersecurity incidents Creates new trouble tickets for alerts that signal an incident and require Tier 2 / Incident Response review Respond to cybersecurity incidents, conduct threat analysis as directed and address detected incidents for resolution Should be able do multitasking to coordinate incident with Sr analyst and escalation manager Recommend enhancements to SOC security process, Operations efficiencies. Create Incident response (IR) plan, IR play books, manage all incidents and crisis situations. Log Analysis, handle, resolve security incidents. Collaborate with respective tracks/technical team for remediation of the incident. Periodical review of incident response plan and procedures. Recommend and document specific countermeasures and mitigating controls Develop comprehensive and accurate reports and presentations for both technical and executive audiences Preferred Skills: Strong knowledge of cyber-attacks and techniques, Cyber Kill chain, incident management best practices. A high-level understanding of multi-tiered applications and various network and security devices/protocols Knowledge of various operating system flavour including but not limited to Windows, Linux, Unix Proficient in preparation of reports and documentation. Knowledge of Cyber-criminal techniques, Compliance, and regulatory standards. Excellent verbal and written communication skills.

Job Description: Conduct email analysis and reverse engineer to identify and mitigate threats. Perform static and dynamic analysis Analyze network traffic and develop heuristic signatures to detect malicious activities. Investigate security incidents, including data breaches, system intrusions, and policy violations. Collaborate with cross-functional teams to improve detection capabilities and response. Develop and implement incident response plans and coordinate incident investigations. Classify, Maintain and update real-time block lists and URL block lists. Write and review regular expressions for phish, spam and fraud detection. Perform URL and email grading to assess and categorize potential threats. Engage in security response activities to address and resolve security incidents. Conduct threat hunting to proactively identify and address potential detection gaps.

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

SOC Analyst 5+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud " is a must. About the role As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What were looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect Were legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another locationeven an international destination—for up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Job Title Cybersecurity Lead Incident Management Network Security Signature Writing Job Summary The Cybersecurity Lead will manage the Incident Management Network Security Signature Writing team This role involves overseeing incident response and signature development direct stakeholder management team management and project management The ideal candidate will have a strong background in cybersecurity incident response and network security with excellent communication and leadership skills Key Responsibilities Incident Monitoring and Response Monitor security alerts and incidents respond promptly and escalate as needed Threat Analysis and Detection Investigate security incidents develop detection rules and signatures Signature Development Create signatures for vulnerabilities and perform vulnerability hunting Tool Management Deploy configure and manage NDR tools Alert Tuning and Optimization Optimize alerts to reduce false positives Reporting and Documentation Document and report on security incidents Research and Development Stay updated with cybersecurity trends and improve detection capabilities Stakeholder Management Engage with stakeholders and manage escalated issues Team Management Lead and support the team Project Management Oversee projects related to incident response and signature development Preferred Skills Experience with Microsoft Defender or similar endpoint protection solutions Strong understanding of endpoint and network security threat detection and response Proficiency with SIEM platforms and scripting languages Knowledge of network protocols firewall rules and intrusion detection prevention systems Familiarity with advanced persistent threats threat hunting and incident response frameworks Understanding of IPSIDS signatures and Rapid7 recog signatures Good to have malware and threat analysis and CVE hunting This role operates within a 24x7x365 environment requiring flexibility for shifts holidays and on call responsibilities.

Role & responsibilities Cyber Threat Intelligence Operating System-Understanding of how different system work, especially windows, Linux, MacOS. Programming Languages: Java, Python (Basic Understanding needed) Malware Analysis Techniques: Static & Dynamic analysis, code analysis, behavioral analysis, forensic analysis. Malware Analysis Tools: Need to have proficiency in using various malware analysis tools Static Analysis- CFF Explorer, PEiD, PEStudio, Stings, FLoss, ExeInfo PE, SSDEEP Dynamic Analysis Tools: Process Monitor, Process, Process Hacker, Sysmon, Autoruns, Regshot Reverse Engineering Tools: IDA Pro, Ghidra Analyzing Suspicious Files / Sandboxing by using :Virus Total, Hybrid Analysis , Cuckoo , Any.run , Intezer, Joe Sandbox Network Tool: Wireshark, InetSim. Malware Mitigation strategies: Have knowledge of various malware mitigation strategies such as preventation, detection removal , recovery and response. Good understanding on MITRE framework(TTP, IOC ,Threat Actor). Cyber kill chain, Dark web Analysis Should be able to setup the malware analysis lab with minimum support Threat Analysis- Analyze threat data from various sources to identify trends, tactics, techniques, and procedures (TTPs) used by cyber adversaries. Incident Response: Collaborate with the incident response team to provide intelligence support during security incidents. Reporting: Prepare and present intelligence reports to stakeholders, highlighting significant threats and recommended actions. Research: Conduct research on emerging threats, vulnerabilities, and security trends to inform strategic decisions. Collaboration: Work with internal teams and external partners to share intelligence and improve threat detection capabilities. Tool Utilization: Use threat intelligence platforms and tools to gather, analyze, and disseminate threat information-MISP, Threat Connect, Cyble , Anomali Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Cyber Threat Intelligence (GCTI) are preferred. Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL-210438

Job Title: Senior Security Analyst Threat Hunting & Incident Response Location: Bangalore (Rotational Shifts) Mode of work- 5 days WFO Experience: 8+ Years Job Type: Full-time Job Description: We are looking for a highly skilled and experienced Senior Security Analyst to join our client's Cybersecurity team. This role involves leading incident response activities, performing proactive threat hunting, and enhancing our overall security posture through innovative detection strategies and forensic investigations. Key Responsibilities: Lead end-to-end security incident response, including analysis, containment, mitigation, and reporting. Design and implement detective controls for emerging threats and vulnerabilities. Perform proactive threat hunting across multiple platforms and environments. Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities. Research emerging threats, vulnerabilities, and attack techniques to improve defenses. Participate in a 24/7 on-call rotation to support incident response and critical investigations. Document incident response activities and produce detailed reports for stakeholders. Conduct post-incident reviews to drive improvements in tools, processes, and readiness. Collaborate across teams to improve the organization’s threat detection and response maturity. Required Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field. Minimum 8 years of experience in Security Operations, Incident Response, or Threat Detection. Strong experience with threat hunting methodologies and frameworks. Hands-on expertise with tools such as SIEM, SOAR, XDR (e.g., Cortex XSIAM, Torq). Working knowledge of MITRE ATT&CK , NIST frameworks, and cyber kill chain concepts. Preferred Skills & Experience: Strong understanding of network and endpoint security, defense-in-depth, and current threat trends. Experience with cloud security (AWS, Azure, GCP) and public cloud defense techniques . Exposure to Endpoint Detection & Response (EDR) tools, forensic analysis, and log correlation. Proficiency in scripting languages (e.g., Python, PowerShell ) for automation and analysis. Relevant certifications such as CISSP, GIAC (GCIA, GCIH, GCFA), CEH are a plus. Strong analytical mindset with the ability to assess risk and prioritize response. Excellent written and verbal communication skills.

Responsibilities: Monitor systems, respond to incidents. Collaborate with teams on threat management strategies. Manage access control & encryption. Maintain compliance standards. Conduct regular security assessments. Office cab/shuttle Food allowance Health insurance Provident fund

Title: Security Analyst (SOC & EDR) Location: Gurgaon, India Type: Hybrid (work from office) Job Description Who We Are: Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries. Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners. FAREPORTAL HIGHLIGHTS: Fareportal is the number 1 privately held online travel company in flight volume. Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide. 2019 annual sales exceeded $5 billion. Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites. Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City. Job Overview We are seeking a proactive and knowledgeable Security Analyst to join our Information Security Operations (SecOps) team . This role will focus on SOC monitoring and Endpoint Detection and Response (EDR) using SentinelOne . The ideal candidate should have solid experience in threat monitoring, incident response, and SentinelOne tool handling. Key Responsibilities: Monitor and respond to SOC alerts and security incidents in real time. Analyze logs and alerts from SIEM and SentinelOne EDR platforms. Perform incident triage , escalation, and coordination with internal teams. Troubleshoot SentinelOne-related issues , including error resolution, agent communication, and performance problems. Understand and manage SentinelOne policies , ensure proper deployment, and make necessary adjustments for better coverage. Quickly identify the root cause of issues related to endpoint protection and take corrective actions. Coordinate with the IT team for issue resolution and endpoint remediation. Collaborate with teams to reduce false positives and improve alert accuracy. Maintain incident documentation , reports, and operational dashboards. Support in threat hunting , vulnerability detection, and other BAU (Business As Usual) security tasks. Required Skills & Qualification: Bachelors/Masters Degree in Computer Science, Information Systems, Engineering. 24 years of experience in SOC operations and endpoint security monitoring. Hands-on experience with SentinelOne EDR , including troubleshooting and policy management. Good knowledge of cybersecurity threats, incident response processes, and log analysis. Ability to investigate and resolve SentinelOne alerts and agent-related errors effectively. Experience working with SIEM tools (like Splunk, Qradar, etc.). Strong understanding of false positive tuning and threat detection improvement. Basic scripting knowledge (PowerShell, Python) is a plus. Good communication and analytical skills. Preferred Skills & Qualifications: CEH , CompTIA Security+ , or any other relevant security certification. Disclaimer This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Companys sole discretion, with or without notice.

Client Server Tech is looking for System Security / Engineer to join our dynamic team and embark on a rewarding career journey. Develop and implement system security strategies and solutions. Monitor and analyze security incidents and threats. Conduct incident response and investigation. Collaborate with cross-functional teams on security projects. Ensure compliance with security standards and regulations. Provide training and support on security best practices.

Certbar Security is looking for Junior SOC Analyst to join our dynamic team and embark on a rewarding career journey. Monitor and analyze security events and incidents, identifying and investigating potential threats Maintain the security of our network and systems by implementing security controls and best practices Work closely with the rest of the security team to ensure that our systems and networks are secure and compliant with industry standards Maintain accurate documentation and reports on security events and incidents Communicate effectively with team members and other stakeholders to ensure that security issues are addressed in a timely and effective manner Stay up to date with the latest security technologies and threats

locationsBangalore, Indiaposted onPosted 10 Days Ago job requisition id30684 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Detect, identify, and analyze vulnerabilities across FICO environment. Assess the risk of vulnerabilities detected to determine true impact. Support stakeholders as a SME to understand technical details of vulnerabilities and steps to carry out remediation. Coordinate with stakeholders to track issues remediation until closure. Act as a SME for new projects in terms of vulnerability management lifecycle. Manage, maintain, and tune tools used to support the VM process. Update yourself with the latest security and technology developments. What Were Seeking Experience in a similar role such as vulnerability management specialist. Experience with Qualys or other security vulnerability detection technology required. Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines. Ability to understand the cause and effect of application vulnerabilities with Operating System Vulnerabilities. Must be able to multi-task and keep track of large amounts of information across disparate systems. Ability to keep making progress and define future strategy/policy with regards to Enterprise. Adherent to continuous monitoring and continuous improvement thought process. Demonstrated technical IT skills, ability to understand and manage different OS flavors, network technologies and topologies. Demonstrated technical security expertise in a variety of cloud platforms (AWS is preferred). Comfortable interfacing with other internal or external organizations regarding problems that must be addressed to enhance security posture. Ability to effectively translate and present solutions in business or management terms. Ability to work effectively in a team environment. Knowledge of Python scripting or other languages is nice to have. Moderate documentation and analytical skills; documenting processes, policies, and standards. Moderate ability to provide end-to-end support to enterprise counterparts, identifying root- cause of complex enterprise initiatives. Moderate trouble shooting skills across complex enterprise applications, server, and endpoint environments. Moderate ability to learn onboard and adapt to new technologies. Basic privileged access management/right management experience, designing solutions based on least privilege. Basic knowledge of malware operation, indicators or threat. Moderate knowledge of current threat landscape Entry Cybersecurity certifications, such as CompTIA Security +, GIAC Security Fundamentals, GIAC Security Essentials, ISC2 Associate, ISACA Cybersecurity Fundamentals are nice to have. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at