8.0 - 13.0 years
11 - 15 Lacs
Hyderabad
Work from Office
Overview
The Information Security Assessment (ISA) Lead is responsible for safeguarding PepsiCo's digital assets by assessing the cyber risk and compliance of new and changing systems against information security requirements, and by managing risks associated with IT and Information Security systems throughout the project lifecycle. The ISA Lead will collaborate with various security teams and businesses to facilitate compliance with Information Security standards, provide technical guidance for key strategic initiatives, and drive the secure delivery of technology solutions within PepsiCo. The role focuses heavily on risk-based security assessments, data-driven decision-making, and automation.

Responsibilities
Security Design Expertise: Proven track record in assessing security designs, including data flow diagrams, architectural blueprints, low-level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as NIST 800-53, ISO 27002, CIS, and OWASP to ensure robust security postures. Skilled at identifying potential security gaps and implementing best practices to fortify system architectures against emerging threats. Familiarity with the latest security tools and technologies, as well as experience in integrating security measures into complex IT environments, is essential.
Compliance Assessment: Assess new and changing application designs and requirements to ensure compliance with PepsiCo information security standards.
Risk Communication: Identify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders.
Threat Modeling: Utilize expert knowledge of threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture.
Project Lifecycle Reviews: Review IT and Information Security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks or implement compensating controls.
Automated Risk Assessments: Conduct risk-based assessments using automated tools and techniques to prioritize and address security risks.
Collaboration and Education: Collaborate with various IT and Business teams to ensure they are knowledgeable about Information Security processes and requirements, influencing them to eliminate or reduce risks.
ServiceNow Utilization: Experience using ServiceNow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness.
Metrics Management and Reporting: Manage operational metrics related to the ISA and GRC processes, utilizing Power BI for advanced reporting, tracking project progress, and developing corrective action plans.
Process Improvement and Proactive Security: Govern Information Security services from the ISA, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage Azure and cloud security knowledge, and apply Agile and DevSecOps methodologies to integrate security into the development process.

Qualifications
A minimum of 8 years of experience in Information Security, IT Risk Management, or a similar role.
Mandatory Technical Skills:
In-depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security.
Strong understanding of information security frameworks, regulations, and standards such as NIST 800-53, CIS, and ISO 27002.
Proficient in ServiceNow, with the ability to leverage its modules for information gathering, data analysis, and automation of the ISA service.
Experience in threat modeling and applying threat modeling methodologies in previous roles.
Proficient in Power BI for developing reports and dashboards to support data-driven decision-making. Strong skills in developing ad hoc reports and managing metrics.
Knowledge of Azure and general cloud security principles.
Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non-technical stakeholders, guiding them on risk and vulnerability remediation.
Mandatory Non-Technical Skills:
Proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding of and adherence to security standards.
Established reputation as a trusted adviser, providing expert guidance on information security matters.
Strong presence to represent PepsiCo Information Security in complex situations with business and IT partners.
Ability to collaborate with various stakeholders, including business units and product managers.
Posted 14 hours ago
1.0 - 3.0 years
3 - 5 Lacs
Bengaluru
Work from Office
Description
The Security Engineer II develops, enhances, and maintains applications that support automated information security processes, vulnerability management, threat intelligence, and compliance enforcement, with supervision, to advance CMEG information security capabilities. The incumbent should have knowledge of the Java programming language and basic knowledge of information security tooling and automation. They should have some ability to work independently and as part of a team, and good written and oral communication skills.

Security Engineer II
Designs, develops, tests, and maintains Java-based systems supporting security tools and platforms, with supervision.
Develops, tests, and maintains integrations with third-party security, collaboration, and ITSM tools such as Qualys, Google Container Analysis, Jira, Archer, Remedy, and ServiceNow, with supervision.
Writes automation supporting vulnerability management and sensitive data remediation workflows, with supervision.
Uses best practices when developing solutions.
Writes unit tests with minimal supervision.
Follows secure coding practices.

Principal Accountabilities
Improves effectiveness of the vulnerability management program through automation.
Ensures timely and accurate execution of automated security tasks.
Collaborates with more senior team members to continuously identify automation opportunities and implement solutions.
Defines simple problems. Gathers and compares data about problems and documents the details to assist more senior engineers.
Exhibits basic proficiency with a programming language; can write code and tests with guidance.

Skills & Software Requirements
Java experience (1-3 years)
Basic knowledge of Linux environments and shell scripting
Familiarity with issue tracking systems (e.g. Jira)

Nice to Have
Experience with security tooling and automation
Familiarity with containerization and cloud platforms
Basic knowledge of SQL commands and programming with databases
Scripting language experience (Python, Perl, PowerShell; 1-3 years)
Familiarity with REST and JSON
Familiarity with secure coding practices and basic security concepts
Posted 14 hours ago
15.0 - 19.0 years
0 Lacs
ahmedabad, gujarat
On-site
As an Incident Response Consultant, you will be responsible for providing expert consultation to clients on incident response strategies. Your primary focus will be to ensure swift containment, eradication, and recovery from cybersecurity incidents such as ransomware and data breaches. You will also be tasked with developing customized incident response plans and playbooks tailored to the specific needs of client organizations.

In the realm of Digital Forensics Services, you will conduct forensic investigations to identify the root cause of incidents, assess damage, and gather evidence for legal or compliance purposes. Leveraging advanced forensic tools and techniques, you will analyze compromised systems and networks to determine the extent of the breach and provide valuable insights to clients.

Client Engagement and Relationship Management will be a crucial aspect of your role, where you will act as a trusted advisor to clients by offering insights and recommendations to enhance their cybersecurity posture. Building and maintaining strong client relationships will be essential to ensure long-term engagement and satisfaction. Your responsibilities will also include collaborating with clients to integrate threat intelligence into their cybersecurity strategies. By proactively identifying vulnerabilities and recommending mitigation measures, you will play a vital role in preventing future incidents and enhancing the overall security posture of clients.

Ensuring client adherence to regulatory and industry compliance standards during incident handling and reporting will be part of your Compliance and Reporting duties. You will be expected to deliver comprehensive post-incident reports that include lessons learned and actionable recommendations for improvement.

In the realm of Training and Awareness, you will design and deliver training programs aimed at enhancing clients' incident response readiness and forensic capabilities. Conducting tabletop exercises, drills, and simulations will be part of your efforts to prepare clients for potential cybersecurity incidents.

To qualify for this role, you should hold a Bachelor's degree in Cybersecurity, Computer Science, or a related field, with advanced certifications such as GCFA, GCIH, or CISA preferred. You should have at least 15 years of experience in digital forensics, incident response, and client-facing consulting roles. Expertise in forensic tools, incident response frameworks, and threat intelligence platforms is essential. Moreover, you should have demonstrated experience in leading multiple complex real-life cybersecurity post-incident recovery efforts. Exceptional analytical, communication, and client management skills are required, along with an in-depth understanding of OT/IT environments, regulatory requirements, and industry best practices.
Posted 22 hours ago
5.0 - 9.0 years
0 Lacs
pune, maharashtra
On-site
As a Cyber Security Specialist, you will play a critical role in safeguarding our organization's digital assets, focusing on Cyber Threat Intelligence Services to identify and mitigate potential threats. Your expertise in Cyber Security and Cloud, along with experience in CrowdStrike, will be essential in ensuring the security of our systems. This hybrid role offers flexibility in working remotely and on-site during day shifts. You will lead the development and implementation of advanced cyber threat intelligence strategies to protect organizational assets, overseeing the monitoring and analysis of security threats using CrowdStrike and other advanced tools. Providing expert guidance on cloud security best practices, you will collaborate with cross-functional teams to design and implement robust security architectures. Your responsibilities will include conducting regular security assessments and audits, developing and maintaining incident response plans, coordinating with external partners to enhance threat intelligence capabilities, and implementing security policies and procedures to comply with industry standards and regulations. You will also analyze security incidents, provide detailed reports to senior management, train and mentor junior security team members, and stay updated with the latest cyber security trends and technologies. To qualify for this role, you must possess a deep understanding of cyber threat intelligence services and their application in a corporate environment, demonstrate proficiency in using CrowdStrike for threat detection and response, exhibit strong knowledge of cloud security principles and practices, and have a proven track record of conducting security assessments and audits. 
Additionally, you should have experience in developing and implementing incident response plans, excellent communication skills for effective collaboration with cross-functional teams, and a relevant degree in Cyber Security, Information Technology, or a related field.
Certifications Required:
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
Posted 1 day ago
3.0 - 5.0 years
3 - 8 Lacs
Bengaluru
Work from Office
Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert and incident triage and analysis
3. Proactively investigating suspicious activities
4. Logging all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Executing predefined actions, such as isolating hosts, blocking IPs, or disabling user accounts, based on set protocols
6. Adhering to established policies, procedures, and security practices
7. Following up with the tech team for incident closure
8. Participating in daily standup and review meetings
9. As L2 Analyst, closely tracking incidents and supporting their closure
10. Working on log source and use case management: integrating log sources and developing and testing use cases
11. Working on and supporting multiple cybersecurity tools (DLP, GRC, cloud security tooling, DAM)
12. Developing SOPs / instruction manuals for the L1 team
13. Guiding the L1 team in triage/analysis and assisting in closure of cybersecurity alerts and incidents
14. Handling XDR alerts and following up with the customer team for agent updates
15. Escalating more complex incidents to L3 SMEs for deeper analysis
Key Responsibilities:
Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures.
Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
Maintain and update incident response playbooks and automation workflows.
Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets.
Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
Manage and support forensic investigations to identify root cause and recovery paths.
Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
Retain logs in accordance with regulatory data retention mandates.
Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.
Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise
Required Qualifications:
Bachelor's or Master's degree in Cybersecurity, Computer Science, or related field.
3-5 years of experience in SOC management, incident response, or cyber threat detection roles.
Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
Proven experience in playbook development, forensics, and threat hunting methodologies.
Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.
Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications
Posted 1 day ago
5.0 - 10.0 years
8 - 18 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
Threat Intelligence Analyst 5 years of relevant industry experience in cyber security. Good knowledge of Splunk Search Processing Language (SPL) for rule and content development for alerting, metrics, and/or reporting. Good knowledge of Microsoft Defender for rule and content development for alerting, metrics, and/or reporting. Understanding of Data Lake platform, ability to write detection rules by using SQL Good understanding of security threats across multiple platforms/environments (e.g., Windows/*nix/Cloud/Mainframe). Good knowledge of Cloud and Container security and in developing security content to detect threats across these (various cloud and container) platforms and/or technologies. Good Scripting Knowledge (bash / Python / SQL DBs / API’s). Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks. Good to Have Developer or DevOps experience in AWS and/or Azure. Previous experience in Linux/Windows administration & automation. Previous experience as DevOps or DevSecOps is highly beneficial. Previous experience in Splunk App development is highly beneficial
Posted 1 day ago
3.0 - 8.0 years
3 - 12 Lacs
Pune
Work from Office
Responsibilities: Deliver structured training sessions (online or in-person) based on the provided 4-month CEH-aligned syllabus Teach tools such as Nmap, Burp Suite, Metasploit, Wireshark, SQLMap, John the Ripper, Aircrack-ng, etc.
Posted 1 day ago
15.0 - 20.0 years
13 - 17 Lacs
Gurugram
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats.
Roles & Responsibilities:
1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks.
2) Integrate Sentinel with various data sources, including Azure services, on-premises systems, and third-party security products.
3) Develop and maintain data connectors, APIs, and custom integrations.
4) Configure and optimize incident response workflows, including automated response actions and playbooks.
5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes.
6) Provide training and support to security teams on Sentinel features and functionality.
7) Continuously monitor and optimize Sentinel performance, scalability, and reliability.
8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics.
9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response.
10) Develop custom connectors for Logic Apps to integrate with Azure Sentinel and other security tools.
11) Collaborate with security teams, developers, and operations teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel.
12) Configure and maintain Sentinel workspaces, including data connectors and analytics rules.
13) Optimize Sentinel workspace performance, scalability, and security.
14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends.
15) Strong knowledge of KQL and experience writing complex queries.
- Proficiency in Microsoft Sentinel, Azure Security Center, and Azure Monitor.
- Experience with data analytics, machine learning, and threat intelligence.
- Expected to be an SME.
- Collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for the immediate team and across multiple teams.
- Develop and maintain comprehensive documentation of security architecture and frameworks.
- Conduct regular assessments and audits to ensure compliance with security policies and standards.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Azure Sentinel & KQL.
- Strong understanding of cloud security principles and best practices.
- Experience with security incident response and management.
- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.
- Knowledge of automation tools and scripting languages to enhance security operations.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Operation Automation.
- This position is based at our Gurugram office.
- 15 years of full time education is required.
Qualification: 15 years full time education
Posted 1 day ago
6.0 - 8.0 years
8 - 14 Lacs
Pune
Work from Office
Dear Candidate, we at TATA Technologies are looking for an experienced candidate for a Threat Intelligence Lead role at our Pune location. Please check the JD below; if it matches your profile, please share your resume at nikhil.rajuagale@tatatechnologies.com
Job Title: Threat Intelligence
Total Experience: 6-8 Years
Location: Pune
Notice Period: Immediate - 30 Days
Key Responsibilities:
Real-time Security Monitoring: Continuously monitor security tools, systems, and network traffic for suspicious activity and potential threats.
Threat Detection and Analysis: Identify potential security breaches by analyzing logs, network traffic, and data for anomalous patterns.
Incident Response: Investigate and respond to security incidents, taking the necessary steps to contain and mitigate damage.
Collaboration and Communication: Work with other teams to address security concerns, share information, and implement preventative measures.
Vulnerability Assessment: Identify and report vulnerabilities in systems and applications, recommending solutions for remediation.
Staying Up to Date: Keep abreast of the latest cybersecurity threats, trends, and solutions.
Essential Skills:
Strong understanding of network security, operating systems, security tools (SIEM, IDS/IPS, etc.), and scripting/automation.
Analytical and Problem-Solving Skills: Ability to analyze data, identify patterns, and develop solutions to security problems.
Communication Skills: Ability to clearly communicate technical information to both technical and non-technical audiences.
Communication and Interpersonal Skills: Ability to collaborate effectively with other teams and stakeholders.
Incident Response and Forensics: Knowledge of incident response procedures, forensic analysis, and reporting.
Posted 1 day ago
15.0 - 19.0 years
0 Lacs
karnataka
On-site
As a key member of the team reporting to the RingCentral CISO, you will collaborate closely with local leadership to lead and orchestrate day-to-day tasks and business initiatives. Your primary responsibility will be to oversee and lead the local Security Operations, Compliance, Application Security, and Trust teams in India. Your role will involve developing and implementing security policies and procedures to safeguard the organization's data and systems effectively. You will lead security teams and coordinate efforts across various departments in multiple regions, ensuring compliance with relevant global and in-country regulations and standards. Additionally, you will drive vendor risk management, customer trust programs, and oversee security operations-related programs like incident response, vulnerability management, and threat intelligence. Furthermore, you will be responsible for maintaining solutions for firewalls, WAFs, IDS/IPS, and endpoint security infrastructure. Your role will also involve leading security engineering efforts to design and implement secure systems and applications. Regular security assessments and audits will be conducted under your guidance to identify and mitigate risks effectively. You will also formulate data discovery techniques for structured and unstructured data in collaboration with engineering teams. To be successful in this role, you should hold a Bachelor's degree or an Advanced Degree in Computer Science, Information Technology, Cybersecurity, or possess relevant technical security certifications such as SANS. You must have a minimum of 15 years of extensive experience in IT and cybersecurity roles, demonstrating a proven track record in managing security teams and projects. Possession of security certifications like CISSP, CISM, CISA, CCSP, OSCP, CEH, etc., will be advantageous. 
You should have an in-depth understanding of cybersecurity principles and best practices, along with experience in compliance frameworks such as ISO 27001, NIST, and GDPR. Strong technical skills in areas like network security, application security, data protection, and security architecture are essential. Proficiency in risk management, supply chain security, and incident response is required. Your leadership and management skills will be crucial in effectively leading security teams and projects. Excellent communication skills are necessary for interacting with stakeholders, customers, and auditors at all levels. Analytical and problem-solving abilities will help you identify and address security challenges efficiently.
Posted 3 days ago
1.0 - 5.0 years
0 Lacs
pune, maharashtra
On-site
As a Security Incident Response Analyst at our organization, you will play a crucial role in safeguarding our systems and data from potential security threats. Your responsibilities will include: - Incident Assessment and Response: You will be responsible for analyzing and responding to security alerts and incidents promptly. Your focus will be on ensuring efficient containment, eradication, and recovery measures. It will be vital for you to document and report your findings accurately to enhance our overall security posture. - Communication and Coordination: You will act as the primary point of contact during security incidents, providing clear and concise communication to stakeholders. Your role will involve preparing detailed incident reports and coordinating effectively with SOC analysts, IT teams, and third-party vendors. Additionally, you will be involved in continuous improvement efforts by participating in post-incident reviews, developing detections, playbooks, and SOPs. Identifying security control gaps and recommending improvements will also be a part of your responsibilities. Furthermore, you will conduct training sessions for SOC team members and stakeholders to enhance their awareness and skills. - Threat Intelligence and Monitoring: Monitoring threat intelligence feeds to identify emerging threats and vulnerabilities will be a critical aspect of your role. You will be expected to proactively hunt for indicators of compromise (IOCs) to stay ahead of potential security risks. To qualify for this role, you should have: - A Bachelor's degree in Computer Science, Information Security, or a related field. - At least 1 year of experience in cybersecurity and threat intelligence. - Proven experience in a security operations role with strong incident response and threat intelligence skills. - Excellent communication and coordination skills. - Ability to work effectively under pressure and manage multiple incidents simultaneously. 
Please note that the benefits and perks associated with this position may vary depending on the nature of your employment with our organization and the country where you work.
Posted 3 days ago
4.0 - 9.0 years
10 - 20 Lacs
Ahmedabad
Work from Office
- We are seeking an experienced Incident Response Lead to oversee and manage security incidents across the organization. - This role involves leading a team of 34 analysts, coordinating investigations, containment, recovery efforts and driving continuous improvements in our incident response processes and threat detection capabilities. Preferred candidate profile - Candidate should have 5-7 years in cybersecurity roles, with at least 3-4 years in incident detection and response and 2-3 years in team leadership or project management. - Translate technical issues for non-technical stakeholders. - Strong communication skills to report to senior management as well as mentor juniors and assign roles. - Skills in decision-making, problem-solving, and prioritization during incident handling. - Capability to develop and update incident response plans and playbooks. - Familiarity with cross-functional collaboration (IT, legal, HR, management)
Posted 3 days ago
5.0 - 7.0 years
5 - 8 Lacs
Ahmedabad
Work from Office
IR Lead to oversee & manage security incidents. The role involves training and leading a team, coordinating investigations, containment, recovery & driving continuous improvements in our incident response processes and threat detection capabilities. Required Candidate profile Candidate should have 5-7 years in cybersecurity roles, with at least 3-4 years in incident detection and response and 2-3 years in team leadership or project management.
Posted 3 days ago
3.0 - 7.0 years
0 Lacs
haryana
On-site
You will be providing tier two operational support and leading team efforts in resolving incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies: Malware Analysis, SIEM (Splunk), Software-defined (Cloud) Network Security, Endpoint Security Protection, and Data Loss Prevention. Your responsibilities will include ensuring the team's adherence to SOPs, providing training and performance monitoring for team members, and focusing on continuous process improvement for efficiency, including automation wherever applicable. You will also be conducting recurring assessments of all key SOC workflows to identify process deficiencies and improvement opportunities for staff. Additionally, you will be partnering with other technology teams to handle and respond to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards. You will execute daily security technology administration functions, perform Root Cause Analysis (RCA) on applicable technology, and validate the quality of dashboards and alerts to suggest updates reflecting new threats and changes in the monitored environment. Furthermore, you will be supporting the Security Operations team in various technology projects and operational initiatives, working as part of a team to ensure that Guardian customers" data, technology platforms, and infrastructure are available and safeguarded from cyber threats. You will follow ITIL practices regarding incident, problem, and change management and stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements. 
Required qualifications for this role include being curious and having a desire to analyze anomalies, a passion for learning and growing in Cybersecurity, a customer-focused demeanor, and a minimum of 3 years of proven experience in building and operating security controls in at least two of the specified domains. You should also have an understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems, as well as experience in SIEM management, endpoint security, security incident handling, data loss prevention, and threat intelligence. Preferred qualifications include recognized Security Industry and Public Cloud IaaS certifications, familiarity with security industry standards and best practices, and experience with ITIL and incident, problem, change, and risk management. This position can be based in Chennai or Gurgaon.
Posted 4 days ago
7.0 - 12.0 years
16 - 20 Lacs
Bengaluru
Work from Office
Meet the Team The Security Operations Center (SOC) Security Investigator is responsible for investigating and responding to security issues within customer environments. Cisco Managed Security Services is looking for a Security Investigator who can analyze security events generated from network analytics, endpoint protection, and other security suites to determine the severity and outcome of any threats detected. The Security Investigator will provide remediation actions to the client based on the impact of these threats up to and including taking proactive responses for high priority events. You must be able to accurately identify and prioritize events, translate technical solutions for an audience of varying technical knowledge, and make customer impacting recommendations with the goal of ensuring customer satisfaction. Your Impact Take ownership of and conduct in-depth investigations into security events Document security investigations in a clear and concise manner Ensure that incoming client requests are addressed and worked in a timely manner Assist clients to address security incidents in an expedited manner Proactively hunt for suspicious or malicious activity not detected via automated alerts Work as a member of a team to prioritize incoming automated security events based on the impact and urgency of the events Provide knowledge sharing with the rest of the team Utilize threat intelligence to enrich and qualify security events Maintain knowledge of new tactics, techniques and procedures (TTP) in customer verticals Identify processes and procedures that are candidates for automation Minimum Qualifications Relevant degree in a technical field (Computer Science / Computer Engineering / Cybersecurity / Computer Networking) or related discipline with 9+ years equivalent experience Familiarity with incident handling, incident response frameworks, guidelines, and best practices (NIST, ISO, etc.)
Passion for IT Security and staying up-to-date with current TTP's Experience with threat intelligence and open source threat intelligence Knowledge of enterprise network and computer environments and the common protocols and applications in these environments Preferred Qualifications Suggested certifications (OSCP,Sec+, CCIE - Security , CySA+,CCNA CyberOps, GCIH, GCIA, GCFA, GCFE, CEH) Working knowledge of Splunk admin and play book tuning Familiarity with MITRE ATT&CK framework Experience with a scripting/automation language (Python, BASH)
Posted 4 days ago
15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary : We are seeking a highly skilled WAF and Firewall Security Expert to manage Web Application Firewalls (WAF) and network perimeter security. The ideal candidate will have in-depth knowledge of Akamai, Cloudflare, and similar WAF/CDN platforms, along with a strong grasp of application layer (Layer 7) attacks, web security vulnerabilities, and real-world mitigation strategies. You will play a key role in defending critical applications from threats such as SQL injection, XSS, CSRF, RCE, API abuse, bot attacks, and more, ensuring the security and resilience of our digital platforms.
Roles & Responsibilities: - WAF Policy Management: Administer Web Application Firewall (WAF) rule sets and policies using industry-leading platforms such as Akamai Kona Site Defender, Cloudflare WAF, AWS WAF, or similar solutions. - Application Layer Defense: Analyze, detect, and defend against a wide range of OWASP Top 10 and other Layer 7 threats, including: - SQL Injection (SQLi) - Cross-Site Scripting (XSS) - Remote Code Execution (RCE) - Cross-Site Request Forgery (CSRF) - HTTP protocol abuse - Malicious bot traffic and API abuse - Firewall & Network Security: Deploy and manage network firewalls and integrate them with other security technologies including Intrusion Detection/Prevention Systems (IDS/IPS) and DDoS mitigation tools. - Bot Protection Expertise: Strong understanding of automated bot attacks, with hands-on experience in detection and defense strategies using behavioral analytics, CAPTCHA, rate limiting, and JavaScript challenges. - Threat Monitoring & Incident Response: Proactively monitor and respond to threats across both application and network layers, leveraging SIEM tools and real-time alerting systems. - Cross-Functional Collaboration: Work in close partnership with DevOps, development, and security teams to enforce secure deployment practices and ensure robust application configurations. - WAF Tuning & Optimization: Perform continual WAF tuning, including signature refinement and custom rule development, to ensure an optimal balance between security coverage and application functionality. - Threat Intelligence & Research: Stay current on emerging application-layer attack vectors, tools, and adversary tactics to inform proactive defense measures. - Incident Handling: Participate in incident response, including threat hunting, forensic analysis, and contributing to post-mortem investigations to enhance organizational resilience.
Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls. - Strong understanding of cloud security principles and best practices. - Experience with security architecture frameworks and methodologies. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. - Ability to analyze and mitigate security risks in cloud environments. Additional Information: - The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls. - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification 15 years full time education
Posted 4 days ago
3.0 - 7.0 years
4 - 7 Lacs
Bengaluru
Work from Office
Network & Security Operations Center (NSOC),Security Frameworks & Tools, MITRE ATT&CK, SIEM, IDS/IPS, Threat Intelligence, Incident Response,Reporting & Documentation, Security Monitoring, Network Monitoring, send resumes to sridhar.tt@skill-mine.com
Posted 4 days ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
Join our dedicated team in a role where your expertise in risk assessments and cybersecurity exercises propels forward our mission of safeguarding our operations and enhancing resiliency. This position offers the unique opportunity to shape our security posture and contribute to our continuous improvement in an environment that values innovation and teamwork. As an Assessments & Exercises Senior Associate within our cybersecurity team, you will utilize industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. You will collaborate with the team to design and execute risk-promoting tests and simulations, evaluate preventative controls, incident response processes, and detection capabilities. Your ability to make informed decisions and foster continuous improvement will contribute to the achievement of our team's operational goals and the mitigation of cyber and resiliency risks. Collaborate with other Assessments & Exercises team members to conduct testing and simulations such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies to ensure alignment with industry standards and regulatory requirements. Partner with subject matter experts to evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation. Develop comprehensive assessment reports, including detailed findings, risk assessments, and remediation recommendations, and effectively communicate these insights to relevant stakeholders as you contribute to decisions that yield continuous improvement. Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy. 
Required qualifications, capabilities, and skills: - Formal Training or Certification required on Cybersecurity or resiliency, assessments or simulation exercises and 3+ years applied experience. - Prior experience in offensive or defensive technical cybersecurity roles, focusing on solutions to reduce cybersecurity risks. - Basic coding (scripting) experience in languages such as Python, C, JavaScript, and VBScript. - Demonstrated proactivity and resourcefulness in identifying and analyzing data sources for data-driven investigations. - Knowledge or experience in cybersecurity roles and processes, including Incident Response, Threat Intelligence, Penetration Testing, and more. - Familiarity with network architecture concepts, cloud architectures, and deploying large-scale applications in enterprise environments. Preferred Qualifications, Capabilities, and Skills: - Familiar with developing both tactical and strategic tools and capabilities. - Familiar with building analytical processes, templates, and documentation. - Bachelor's Degree in Computer Science or a related field, or equivalent experience.
Posted 5 days ago
6.0 - 11.0 years
9 - 14 Lacs
New Delhi, Hyderabad
Work from Office
Company Name- CIPL (www.cipl.org.in) We have opening for our one government client Ministry of Home Affairs. Client Name- I4C (Indian Cybercrime Coordination Centre) Designation- Cybercrime Threat Intelligence Analyst - Hyderabad , Vacancy -1 Cybercrime Investigator/ Cyber Crime Investigation Researcher - Delhi , Vacancy- 2 Detect emerging Cybercrime threats based upon analysis, data feeds, crime reporting and sources (internal & external intelligence sources). Working within the team and the wider Information Security group to build new tools for intelligence gathering. * Knowledge of innovative technologies like block-chain, Artificial Intelligence/Machine Learning, IOT Security, Cloud Security will be an added advantage. * Knowledge of cryptography protocols. * Ability to derive intelligence out of data and reports generated and ability to conduct research in that direction and development of tools to handle such threats and overcome such risks. * Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape. * Identify and suggest appropriate infrastructure with suitable mitigation strategies for cyber crime * Evaluate target systems to analyze results of scans, identify and recommend resolutions * Producing periodic Cybercrime threat analysis reports with mitigation measures. * Programming skills with proficiency in one or more of the following: Python, Java, C++. * Excellent knowledge of digital hardware, computer programming, cyber security practices, databases & operating systems artifacts. * Review unlawful and suspicious content in open source and escalate violations to the appropriate govt. department. * Collect, organize, analyze and develop reliable actionable intelligence about cybercrime, criminals, criminal infrastructure from open sources. Must have advanced understanding of how to use open-source including social media for intelligence.
* Ability to draft SOPs/ RFP/ Advisory Manuals/ Reports pertaining to Cyber Security/Information Security/Cybercrime Investigation. * Proven ability to work both independently and as a team and present/develop ideas. * Ability to work effectively with technical and non-technical stakeholders. * Ability to communicate (verbal and written) with stakeholders in non-technical terms. * Experience with multiple social media platforms. * Using data from social media, open sources, search engines, public records, and the deep web to compile detailed reports on cybercrime, criminals and criminal infrastructure.
Posted 5 days ago
15.0 - 20.0 years
13 - 17 Lacs
Bengaluru
Work from Office
About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities: - Monitor, analyze security alerts from SIEM platforms and other threat detection systems to identify potential security incidents by following established processes. - Collaborate with IT, infrastructure, and application teams to manage and resolve security incidents effectively. - Participate in security incident response activities, ensuring accurate documentation and closure of incidents. - Improve SOC operations by enhancing processes and updating standard operating procedures (SOPs). - Actively participate in client meetings, providing technical input and updates on ongoing incidents or improvements. - Identify false positives through alert fine-tuning and continuous rule optimization. - Apply knowledge of threat intelligence, and attacker techniques (e.g., MITRE ATT&CK) to enhance detection strategies. - Contribute to enhancing detection content, such as correlation rules and threat detection logic.
Professional & Technical Skills: - Experience working as SOC analyst. - Good Understanding of tools like SIEM, CrowdStrike, MS Defender, Proofpoint, Azure, IDS/IPS. - Strong Understanding of TCP/IP, DNS, DHCP, HTTP/HTTPS, VPN - Basic understanding of Windows/Linux command line tools. - Log analysis from operating systems, firewalls, etc. - SIEM/SOC operations experience for very large enterprises. - Knowledge on MITRE/CKC framework. Additional Information: - The candidate should have minimum 2 years of experience in Security Information and Event Management (SIEM). - This position is based at our Bengaluru office. - A 15 years full time education is required. Qualification 15 years full time education
Posted 5 days ago
5.0 - 10.0 years
12 - 20 Lacs
Pune
Work from Office
About the Role We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development. Key Responsibilities Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions. Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions. Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation. Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy. Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats. Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries. SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations. Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency. Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies. Basic Qualifications B.E/B. Tech degree in computer science, Information Technology, Masters in Cybersecurity 3+ years of experience in a SOC or cybersecurity operations role. 
Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions. Hands-on experience in threat detection, security monitoring, and incident response. Knowledge of network security, intrusion detection, malware analysis, and forensics. Basic experience in SIEM administration (log ingestion, rule creation, dashboard management). Proficiency in Python scripting for automation and playbook development. Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence. Strong analytical, problem-solving, and communication skills. Ability to work in a 24x7 SOC environment (if applicable) Preferred Qualifications Certified SOC Analyst (CSA) Certified Incident Handler (GCIH, ECIH) Splunk Certified Admin / QRadar Certified Analyst CompTIA Security+ / CEH / CISSP (preferred but not mandatory)
Posted 5 days ago
5.0 - 9.0 years
0 Lacs
pune, maharashtra
On-site
As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. Your responsibilities include identifying, assessing, and mitigating threats, providing mitigation recommendations in response to evolving threats, and collaborating with diverse teams and stakeholders. You will be expected to analyze complex technical issues, develop bank-specific solutions, and deliver against projects to enhance the bank's capabilities in responding to threats. Proactively identifying threats, tracking threat actors and ongoing campaigns, and producing actionable intelligence will be key aspects of your role. You will also be responsible for producing threat assessments, analyzing data/intelligence sources to identify threat patterns, and driving improvements in internal processes and workflows. Meeting strict deadlines to deliver high-quality reports, taking ownership of personal career development, and maintaining relationships with internal stakeholders are also part of your responsibilities. In terms of skills and experience, you should have at least 5 years of experience in cybersecurity with a focus on threat intelligence, analysis, and mitigation. Operational understanding of computing/networking, knowledge of security technologies, and familiarity with virtual environments and cloud platforms are essential. Additionally, you should have experience in Open-Source Intelligence (OSINT) techniques, tracking prominent cyber threat actor groups, and working with intelligence lifecycle and frameworks like Mitre ATT&CK. Non-technical skills such as investigative and analytical problem-solving abilities, excellent verbal and written communication, and self-motivation are also required for this role. A degree in computer science, networking, engineering, or a related field is preferred, along with certifications such as CISSP, CISM, GIAC, and others. 
You will receive training and development support, coaching from experts, and opportunities for continuous learning to aid in your career progression. The company promotes a culture of empowerment, responsibility, commercial thinking, and collaboration, striving for excellence together every day. For further information about the company and its teams, please visit the company website at https://www.db.com/company/company.htm. Deutsche Bank Group welcomes applications from all individuals and promotes a positive, fair, and inclusive work environment.
Posted 5 days ago
3.0 - 8.0 years
5 - 10 Lacs
Bengaluru
Work from Office
About the Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play a direct role in helping our clients with one of the most important aspects of their lives: their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The Technical Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients' digital assets and infrastructure against evolving cyber threats. The Cyber Security Operational Incident Manager will be responding to and managing widespread security events and should have an understanding on how best to maintain CIRT teams' skills and knowledge. The role will be supported by a global team of CIRT analysts who are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability.
Our leadership team will be looking at this role to report on a number of key incident KPIs and provide assurance to our customers on the global operational security response process. About your role The successful candidate will be experienced in operational security incident management, including vulnerability management, understanding the value of rigorous planning, tested procedures and playbooks and quick response to critical security incidents. This is a critical role expected to develop and maintain our operational security incident management capability and help mature our global response processes. The successful candidate will be comfortable working at a technical level, proactively suggesting improvements to the incident playbooks whilst also being able to co-ordinate our front-line CIRT team during major events. The successful candidate will be able to demonstrate understanding of incident response tools and techniques, and experience in responding to and managing widespread security events. About you Key Responsibilities Own and be accountable for security incidents; taking the lead in driving global remediation activities Ensure simple, repeatable, manual tasks are automated within the Incident Response process Ensure a best-practice program is in place to manage and maintain our security response procedures Proactively develop and deliver new incident response capabilities, tooling and processes.
Develop an incident management strategy, focussing on regular reviews and exercises. Create and deliver table-top and simulated exercises focussing on areas of risk identified by our Threat Intelligence team. Ensure the operational security process is consistently maintained across our global regions, taking into account different regulatory requirements and rules. Acting as the point of contact for our global business incident management team for all security related incidents. Run Post Incident Reviews and track and manage outcomes to delivery. Experience and Skills Required Experience and strong understanding of frontline security operations Experience running a vulnerability remediation programme or overseeing vulnerability teams would be advantageous Experience running complex security incidents at a global scale Experience creating or continually improving an incident management program Strong reporting ability, with an understanding on how to tailor reports to show improvements and learnings In depth understanding of modern attack techniques and flows Clear and demonstrable understanding of NIST and MITRE ATT&CK Methodologies Experience in cloud environments (Ideally Azure) Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements. Banking or Finance industry related experience desirable Security Incident Management Qualifications preferred Security Incident related qualifications (e.g. SANS 504) At least 3 years of experience working in an Incident Response position. Experienced responding to global complex security events Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience of using vulnerability management tooling e.g. Nexpose, Qualys etc.
Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL. Understanding of Networking Architecture (OSI Model). Analytical skills Challenge the current processes Passion for the cybersecurity field Time management Able to organize others Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP For starters, we'll offer you a comprehensive benefits package. We'll value your wellbeing and support your development. And we'll be as flexible as we can about where and when you work, finding a balance that works for all of us. It's all part of our commitment to making you feel motivated by the work you do and happy to be part of our team.
Posted 6 days ago
5.0 - 8.0 years
14 - 22 Lacs
Pune
Work from Office
Job Description: Threat Hunting analyst performs a wide variety of security duties with a primary focus on threat actor-based tactics, techniques, and procedures. The ability to manage multiple simultaneous threat hunts spanning several platforms with various TTPs is a key function of this role. Knowledge sharing and mentoring of team members is a critical and necessary skill. Must have the ability to operate under pressure and influence the team dynamic when responding to incidents. Should be able to work to enhance and improve the team and processes over time in a well-established manner. Roles and responsibilities : Perform hypothesis-based threat hunts using popular MITRE attack framework Perform intel-based threat hunting Conduct threat simulation exercises to test current security control Create diamond models to model threat activity Work directly with leadership to develop and improve existing internal processes Develop new processes that will add value to threat hunting team Provide proactive assistance to junior analysts to help them develop their skillset Develop advanced correlation rules for threat detection using CQL (CrowdStrike Query Language) Create and utilize threat intel report to conduct manual hunts across available data sources Perform static and dynamic analysis of malicious files Work proactively on critical security incidents Perform vulnerability review and risk assessment Core experience with Crowdstrike or SPLUNK L3 level experience into investigation, recommendation and take decisions related to Security Incident Investigation, Worked with Leadership Manage End-2-End Security Incident Investigation Experience in creating MITRE Attack Framework Knows basics of Vulnerability Analysis & Risk Assessment Manual Hunt Actively search for threats that may not have been detected by automated security tools. Detect hidden or undisclosed threats using advanced techniques and tools. 
Develops hypotheses about potential threats based on threat intelligence and industry trends. Performs an in-depth analysis of the network and system to uncover IOCs and APTs. Works closely with other cybersecurity teams to improve detection capabilities and share findings. Have a high level of knowledge in scripting (e.g. Python, PowerShell) to automate threat hunting tasks. Deeply analyze the tactics, techniques, and procedures (TTPs) of the attacker. Advanced Threat Detection Scripting and Programming Knowledge Advanced PowerShell, Bash, and Cmd Analysis Threat Intelligence, Malware Analysis, Vulnerability Analysis, Cloud Security, Data Analysis Required skills : Ability to perform threat hunting using MITRE attack framework Ability to identify/detect/explain malicious activity that occurs within environments with high accuracy/confidence level Ability to develop advanced correlation rules for threat detection. Must have expertise in creating queries using SPL (Search processing language used by Splunk) or CQL (CrowdStrike Query language) Ability to create threat intelligence reports based on available threat intel Ability to perform static and dynamic analysis of possible malicious files Ability to perform Vulnerability analysis and risk assessment Should have strong log analytical skills Should be able to demonstrate good incident response skills in case of critical security incidents Moderate understanding of Windows and Linux operating systems, as well as command line tools Strong verbal as well as written communication skills Basic understanding of malware analysis Year of Experience : 5+ years (Security Operations + Threat Hunting - [Minimum 2 years should be in threat hunting]) Tools - CrowdStrike, Splunk, Logscale Humio Certification : GIAC / Offensive Security certifications preferred CTHP (Certified Threat Hunting Professional: an advanced certification for threat hunters), C|TIA (Certified Threat Intelligence Analyst), GIAC Certified Threat Intelligence (GCTI), Certified Threat Hunting Professional (CTHP). One of these is a must have. Programming language - Python (Good to have) Qualification : Bachelor of Engineering in any stream
Posted 6 days ago
5.0 - 8.0 years
30 - 35 Lacs
Pune
Work from Office
Job Title: Information Security Specialist
Corporate Title: Assistant Vice President
Location: Pune, India
Role Description
Every day, DB observes thousands of cyber security intrusion attempts. Deutsche Bank's COO Chief Security Office (CSO) integrates both Corporate Security (CS) and Information Security (CISO), as both teams are responsible for mitigating these risks. The CSO team enables the business of Deutsche Bank by providing agile security operational capabilities. With their expertise in Threat Intelligence, Cyber Threat Analytics, Malware Response & Research, Security Monitoring, Incident Response, Forensics and Vulnerability Management, they provide global services from key locations in Frankfurt, Jacksonville and Singapore while leveraging offshore capabilities in Pune and Bucharest.
Deutsche Bank AG is looking for a Cyber Security professional to support the bank's global security monitoring and threat detection capabilities. This role requires a heavy focus on all areas of security monitoring, risk management of privileged access management, and familiarity with regulations impacting technology (e.g. MAS TRM Guidelines), requiring at least 5 to 8 years of experience. The candidate will be responsible for providing oversight of the various security monitoring processes to manage security risks and to drive the organization's compliance with regulatory and audit requirements, including facilitation of audit activities, addressing process-related queries, and driving automation and audit remediation projects. The candidate will need to drive process improvements, procedure document updates, KPI monitoring and operations team management. The candidate will engage across all functional areas of business, operations, and global technologies, working in a dynamic, multi-OS environment. This role will play a vital part in presenting the organization's compliance to regulators and managing interactions with auditors.
The chosen candidate will be required to provide a degree of strategic, tactical, and day-to-day operational experience to enhance the overall security monitoring, detection, and mitigation process. The candidate must also possess excellent soft skills and verbal communication skills for dealing with senior executive management, customers, clients, auditors, and third-party vendors.
What we'll offer you
100% reimbursement under childcare assistance benefit (gender neutral)
Sponsorship for industry-relevant certifications and education
Accident and term life insurance
Your key responsibilities
Oversee the performance, efficiency, and accuracy of the security monitoring operations team, ensuring SLAs are met.
Proactively review, propose, and implement process changes and monitoring improvements to remediate the most significant risks, including audit findings, self-identified issues, compliance issues, control gaps and regulatory requirements.
Identify opportunities for streamlining control processes, develop and socialize potential risk mitigation strategies, particularly in privileged access management (e.g., bypass monitoring, session log review), and work with various divisions to execute them.
Improve the delivery of effective control processes through technical review and process quality checks.
Provide support in the delivery of effective governance, including tracking and reporting.
Ensure proper training of monitoring teams on new coverage and use cases.
Offer subject-matter expertise and act as escalation point when required.
Prepare and present monthly functional and operational reports.
Manage stakeholder queries, facilitate audit activities, and address data requests in a timely manner.
Collaborate across CSO and technology teams to respond to internal and external audits, and to regulatory inquiries and assessments.
Drive automation projects and manage audit remediation deliverables to closure.
Practice and promote a good risk culture and risk management to manage risks within the bank's appetite.
Act as primary point of contact for regulatory inquiries and engagements.
Collaborate with internal and external auditors and stakeholders, providing necessary evidence and artefacts, to facilitate audit processes.
Your skills and experience
Minimum 5 to 7 years of working experience with security monitoring platforms and workflows.
Proven experience in the area of privileged access management, specifically in session log review and bypass monitoring.
Proven experience and in-depth knowledge of technology regulations and understanding of regulatory risk management, especially of MAS requirements and guidelines.
Proven experience and strong understanding of audit processes and compliance monitoring and reporting.
Analytical mindset and ability to identify, assess and address compliance gaps and security risks.
Strong operational background in risk analysis and risk identification.
Degree from a university or major course work in computer science, networking, engineering, or other computer-related field of study.
One of the following certifications will be an advantage: CISSP, CISM, CISA, CRISC.
Expectations
It is the Bank's expectation that employees hired into this role will work in the office at least 2-3 days a week in accordance with the Bank's hybrid working model.
How we'll support you
Posted 6 days ago