155 Threat Intelligence Jobs - Page 3

Role & responsibilities Threat Hunter JD : 5 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections

LTI Mindtree hiring Threat Hunting Lead role. 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections Job Location: Pan India Experience: 8 to 12 years If you are ready to embark on a new chapter in your career, kindly share your resume at Muthu.Pandi@ltimindtree.com Please share below details: Contact Number: Preferred time to connect: Total Experience : Relevant Experience : Current Location: Preferred Location: Notice Period: Current CTC: Expected CTC: Reason for job change: Regards, Muthu Pandi HR LTIMindtree

Qualifications • BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. • Security certifications like CEH or equivalent preferred. Experience and Skillset • Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). • In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. • Proficient in Incident Management and Response. • Basic knowledge of Windows and Unix environments. • Knowledge of OSI Model, TCP/IP Protocols, network security. • Knowledge about other security tools like – Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities • Responsible for working in a 24x7 Security Operation center (SOC) environment. • Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. • Monitor various dash boards from different security solutions on shift basis. • Work with the engineering team for Sensor and SIEM rules fine-tuning. • Prepare various management reports from SIEM and other security solutions. • Provide analysis and trending of security log data from a large number of heterogeneous security devices. • Provide threat and vulnerability analysis as well as security advisory services. • Analyze and respond to previously undisclosed software and hardware vulnerabilities. • Investigate, document, and report on information security issues and emerging trends. • Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. • Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. Location: Guwahati If you’re interested please share below mention details for the same. Location Are you willing to relocate to Guwahati? : Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email ID:ashwini.chakor@ril.com Regards,

Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. Conduct root cause analysis and post-incident reviews to enhance detection capabilities. Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS). Document configurations, detection logic, and incident response processes. 3+ years of experience in cybersecurity with direct hands-on Internal SIEM experience. Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.). Solid understanding of network protocols, system logs, attack techniques, and MITRE ATT&CK framework. Experience with scripting and automation (e.g., Python, PowerShell) is a plus. Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. Conduct root cause analysis and post-incident reviews to enhance detection capabilities. Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS). Document configurations, detection logic, and incident response processes. 3+ years of experience in cybersecurity with direct hands-on SIEM experience. Proficiency in one or more SIEM platforms (e.g., Splunk, QRadar, Sentinel, Elastic Stack, etc.). Solid understanding of network protocols, system logs, attack techniques, and MITRE ATT&CK framework. Experience with scripting and automation (e.g., Python, PowerShell) is a plus. Familiarity with EDR, SOAR, IDS/IPS, firewalls, and other security tools.

LTIMindtree Hiring for Threat Hunter/Threat Hunter Lead Notice period-immediate to 15 days. Exp-5 to 12 yrs. Location- Hyderabad if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Job description- 6 years experience in Cyber Security. Has experience in Threat Hunting Experience in managing a team and customer business meetings effectively. Ability to handle the client team Excellent written & verbal communication skill Excellent in Reporting & presentation skills Experience on different tools and language like Excel, Splunk, KQL etc. Performing Threat Hunting activity to look for potential threat in the organization. Experience in vulnerability management team to remediate existing vulnerabilities found during Assessment or scan. Practical knowledge of common threat analysis models such as the Cyber Kill Chain, and MITRE ATT&CK. Experience on Power BI to provide interactive visualizations to create reports and dashboards is a plus. Good at Event logging Experience in Response Good Knowledge of Windows Defender Through knowledge of Event logging and detections

LTIMindtree Hiring for Malware Analyst. Notice period-immediate to 15 days. Exp-3 to 5 yrs. Location- Hyderabad, Chennai, Pune, Bangalore if interested Share me these details along with CV-Richa.Srivastava@ltimindtree.com Total Experience- Current CTC- Expected CTC- Holding offers if any- Current Location- Preferred Location- Notice period- Skills- Date of Birth- PAN No- Passport size photo- Pan no- Availability for interview- Are you okay with Rotational shift- Job description- Static and dynamic malware analysis(aware of file structure like, PE, PDF, OLE, windows short cut files etc...) someone who has hands on writing signatures for malware samples(at-least initial vector malware). Aware of trending malware family campaign and analysis for threat write ups for that follow up family. (example malware family - Emotet/Qakbot/AgentTesla etc..) Email security and Endpoint Security (EOP) Investigating the Phishing campaign and spam emails which users have received and reported. Threat Intelligence analysis/ Threat hunting Analyzing PE files (Dynamic and static analysis) and providing detection for malicious PE files.(RE/Malware Analysis) Analyzing non-PE file s (like OLE / PDF / HTML / HTA / VBS|VBE /JS/ WSF/JAR/LNK) and providing detection for malicious files. Malware Analysis and Reversing. Reverse Engineering skills: familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals, software communication mechanisms, Classification, clustering and labelling of Malware. Knowledge of Advanced Techniques of Malware Analysis. Knowledge of Malware kill chain and MITRE ATT&CK techniques and tactics. Knowledge of AV evasion techniques and Pen testing tools like - Veil (equal rank), PowerShell Empire, Meterpreter, Unicorn, Cactus Torch, and Any other similar tools Additionally, Experience with advanced persistent threats, human adversary compromises and incident response. Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements. Excellent analytical skills and ability to identify patterns and trends. Strong research skills, data knowledge, and ability to analyze and present complex data in a meaningful way. Strong understanding of Cyber Security, modern security problems and threat landscape, Operating Systems (internals), computer networking concepts. Required Skills: Olly DBG, IDA PRO, Static and dynamic malware analysis, PE and non-PE file analysis

About Zerodha Fund House At Zerodha fund house, we are enabling the next generation of Indian investors We feel mutual funds as a product needs to be reimagined to build simple & relevant investment solutions for the next 10 crore individuals to participate in and grow the capital markets in India Built by the people behind Zerodha & smallcase, Zerodha fund house brings the principles of simplicity, cost-effectiveness, and transparency to the mutual funds We are building the founding team and are looking for smart and passionate people to join us Where you fit in This will be an Individual Contributor role to start and can evolve over time based on how this function matures You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards Key Responsibilities Draft, coordinate & monitor IT processes & policies to ensure compliance as per IT Act, regulatory bodies (e g RBI, SEBI, GDPR, UIDAI etc ), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal & external stakeholders Prepare & update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits & ensure identified gaps are proactively filled Introduce new processes & policies by conducting market studies & surveys relevant to our business Plan, formulate, coordinate, implement & monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review & monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence & vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

As an India lead, Cyber Response, you will lead a team of talented and passionate cyber security professionals who are responsible for defending the cyber threats. You will be part of the global Cyber Response function and you will collaborate with your peers and stakeholders across the organisation. You will have a dual role of people leader and technical leader. You will use your extensive experience and skills in cyber incident response to guide and coach your team and occasionally be hands-on with the data and tools. You will also ensure that your team has the resources, support, and direction they need to perform their core mission. You will also contribute to the continuous improvement and maturity of the Cyber Response function, by driving innovation, quality, and efficiency in the processes, methods, and capabilities. You will need to have a strong background in managing and leading global teams, leading an operational SOC/IR function, and demonstrating excellent technical and leadership skills. Your key accountabilities will include: - Managing 24/7 Cyber Response function in India, including daily operations, escalation, quality, reporting, supplier management, etc - Leading and directing Cyber Response on major incidents as part of the global team - Uplifting the Cyber Response capability, methodology and tradecraft - Managing and reporting on operational performance and meeting KPIs and stretch targets - Contributing to strategy, planning and investment activities to enhance the Cyber Response capability - Leading and supporting projects delivering new Cyber Response capability or requiring integration to Cyber Response services, including requirements, delivery and operational acceptance - Working with stakeholders to improve BAU security posture and defence against current & emerging threats - Working closely with other related teams including Cyber Threat Intelligence, Red Team, Vulnerability Management and Application Security - Performing other related activities as required by Management

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals and physician practices. Headquartered in Chicago, R1 is a publicly-traded organization with employees throughout the US and international locations. Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients and each other. With our proven and scalable operating model, we complement a healthcare organizations infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience. We are looking for a self-motivated Cybersecurity Analyst to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more in patient care; in turn, this allows us to continue to grow our company and your career. The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring. Responsibilities : Monitoring various security tools (e.g., Crowdstrike, Proofpoint, MS Sentinel, Azure VM ) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of R1s architecture and information systems are protected Reviewing and analyzing log files to report any unusual or suspect activities. Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating. Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using open-source intelligence (OSINT) Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents. Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy. Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the R1s network, and assessments for High Value Assets. In this role, the successful candidate will maintain and monitor compliance with enterprise change management policies and procedures. Develop and maintain metrics & reports on the status of the R1 cyber security operations program. Attend and participate in Cyber security projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning. As part of the overall Cybersecurity Operations Team, work in tandem with the security operations center (SOC), incident responders (when anomalous activity and host compromise occurs), and technology infrastructure and development team members. Participate in established incident response procedures to ensure proper escalation,analysisand resolution of security events and incidents. Managing and maintaining change detection and auditing tools Researching technology and application processing environments, operation, and associated user workflow to design, build, configure, implement, and document change compliance and audit rules within designated technologies. Reconciling changes detected by the system to authorized changes documented in service desk and change management applications. Analyzing large volumes of security event data from a variety of sources to identify suspicious and malicious activity. Documenting, logging and investigating security incidents. Performing case management throughout the incident lifecycle for moderately complex security incidents Design, build, and documenting security technology standards, processes, and operational workflows Operating and maintaining physical security monitoring systems Review, investigate, track, and monitor viruses and malware propagation and eradication throughout the enterprise. Monitoring compliance with enterprise security, compliance, and change management programs, policies, and processes Researching Threat Intelligence sources on the latest malware, trends, patches in order to keep the Security Program up-to-date. Providing metrics & reports on the status of tools, environments, and assets within the organization. Database and Application security to prevent attacks via Input Validation, Cross-Site Scripting, Buffer Overflowetc Required Qualifications : A minimum of 4 years of professional experience in an IT-related field Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols and standards Knowledge of security policy, programs, process, and metrics CompTIA Security+ certification or equivalent professional experience in security operations Intermediate or advanced security, networking, or audit certification Recent experience with static and/or dynamic code review process Strong drive and passion to deliver distinctive end-products, a quick learner with a strong attention to detail and quality. Excellent interpersonal and communication skills Desired Qualifications: A Bachelors degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.) Certification (or ability to obtain certification) in at least one of the following areasGeneral Security (CISSP), Incident Handling (GCIH), Cloud Security (GCLD, Cloud+, CCSK), and Ethical Hacking (CEH) Experience with advanced cyber security tools, network topologies, intrusion detection, and secured networks In-depth understanding of NIST SP 800-61,SOC 2 AICPA controls and frameworks. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit:R1RCM.com. R1 RCM Inc. (the Company) is committed to the principles of equal employment opportunity. The Companys practices and employment decisions, including those regarding recruitment, hiring, assignment, promotion, compensation, benefits, training, discipline, and termination shall not be based on any persons age, color, national origin, citizenship status, physical or mental disability, medical condition, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status or any other characteristic protected by federal, state or local law. Furthermore, the Company is committed to providing a workplace free from harassment based on any of the foregoing protected categories. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data.Key Responsibilities:- Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.- Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.- Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.- Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.- Participate in security assessments, rule base cleanups, and change management processes.- Assist in the development of network security policies and procedures.- Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.- Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Good To Have Skills: Experience with network security protocols and practices.- Strong understanding of threat intelligence and incident response.- Familiarity with compliance frameworks such as ISO 27001 and NIST.- Experience in conducting vulnerability assessments and penetration testing. Additional Information:- The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented Proofpoint Email Security and DLP Administrator to manage, maintain, and optimize our organization's email security infrastructure. This role will focus on administering Proofpoints security and DLP solutions to ensure strong email protection, policy enforcement, and data loss prevention. Roles & Responsibilities:-Administer and manage Proofpoint Email Protection platform including policy configuration, spam/quarantine management, and advanced threat protection (e.g., TAP, TRAP).-Configure and maintain Proofpoint DLP policies to detect and prevent unauthorized transmission of sensitive data.-Monitor and analyze email traffic for threats such as phishing, spoofing, malware, and ransomware.-Respond to security alerts and conduct incident investigations involving email-based threats and data exfiltration attempts.-Implement email filtering rules, quarantine settings, and encryption policies based on compliance and business requirements.-Regularly review and optimize security policies and rulesets to ensure alignment with organizational risk and compliance frameworks.-Collaborate with the IT security team to identify and mitigate vulnerabilities and emerging email-based threats.-Generate reports and dashboards on email security events, DLP violations, and compliance metrics.-Assist in integrating Proofpoint with SIEM and other threat intelligence platforms.-Perform user training and awareness for phishing and DLP-related topics.-Ensure proper backup and redundancy configurations are in place for email protection systems. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards such as ISO 27001, NIST, or GDPR.- Knowledge of risk assessment methodologies and security architecture design.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 5 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : Bachelor or college degree in related field or equivalent work experience" Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of the cloud security controls and transitioning to cloud security-managed operations. Roles & Responsibilities:Customize SIEM rules and correlation policies to meet the organization's specific security requirementsMonitoring and Analysis:Monitor security alerts and events generated by the SIEM systemConduct in-depth analysis of security incidents, identifying and mitigating potential threatsIncident Response:Respond promptly to security incidents, providing coordination and support for incident resolutionDocument and report incidents, including the root cause analysis and remediation stepsThreat Intelligence Integration:Integrate threat intelligence feeds into the SIEM for proactive identification of emerging threatsStay abreast of the latest cyber threats, vulnerabilities, and industry best practicesSecurity Compliance:Ensure SIEM configurations and processes align with relevant security standards and compliance requirementsParticipate in audits and assessments to demonstrate compliance with security policiesCollaboration:Work closely with other security professionals, IT teams, and stakeholders to enhance overall security postureProvide support and guidance to incident response teams during security incidents Professional & Technical Skills: - Must To Have Skills: Experience in Security Information and Event Management (SIEM) Operations.- Good To Have Skills: Experience in cloud security technologies such as AWS, Azure, or Google Cloud Platform.- Strong understanding of security architecture principles and best practices.- Experience in developing and maintaining security policies, standards, and procedures.- Experience in managing security incidents and providing technical guidance and support.- Excellent communication and collaboration skills. Additional Information:- The candidate should have a minimum of 3 years of experience in Security Information and Event Management (SIEM) Operations.- The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions.- This position is based at our Bengaluru office. " Qualification Bachelor or college degree in related field or equivalent work experience

We are seeking a highly experienced Cybersecurity Solutions Specialist to drive technical engagements and solution design for enterprise clients. This role combines strategic presales leadership with hands-on cybersecurity expertise, including L3 support, SOC operations, and threat intelligence. You will act as a trusted advisor to clients, guiding them through complex security challenges and aligning solutions with business needs. Lead technical discovery sessions and design tailored cybersecurity solutions. Deliver product presentations, demos, and Proof of Concepts (PoCs). Respond to RFPs/RFIs and develop comprehensive technical proposals. Evaluate new technologies, tools, and processes for inclusion in solution offerings. Manage and operate security tools including SIEM, IDS/IPS, EDR, DLP, and firewalls. Implement and maintain SOC and ISMS frameworks aligned with ISO 27001. Conduct threat intelligence analysis and stay updated on emerging threats. Perform vulnerability assessments, penetration testing, and system hardening. Analyze and respond to software/hardware vulnerabilities and security log data. Conduct security audits and document incident response procedures. Hands-on experience with EDR, Anti-Virus, Vulnerability Management, Forensics, and Encryption. Experience in cybersecurity presales, solution architecture, or consulting. Strong knowledge of security domains including: Network Security (Firewalls, IPS/IDS) Endpoint Security (EPP, EDR, XDR) Cloud Security (Azure, AWS, GCP) Identity & Access Management (IAM, PAM) Data Protection (DLP, encryption) Security Operations (SIEM, SOAR) Strong scripting skills (Python, PowerShell, Bash) for automation and analysis. Familiarity with MITRE ATT&CK framework and threat intelligence platforms. Experience in cybersecurity, including L3 support and presales roles. Advanced certifications preferred: CISSP, CISM, CEH, OSCP, GCIA, GCIH, CASP, CompTIA Security+ or vendor-specific certifications (e.g., Palo Alto, Fortinet, Microsoft Security). Strong understanding of cyber-attacks, threat vectors, risk management, and incident response. Flexible to work in 24x7 operations and rotational shifts.

Say hello to possibilities. Its not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. We’re a $2 billion company that’s growing at 30+% annually. Job Type: Full-Time Department: Security This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business. About this role: As a SOC Analyst at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel. Successful Candidates will: Have proven skills in application security, security monitoring, incident response and intrusion analysis Have strong knowledge of the diverse methods and technologies used to attack web/mobile/desktop applications, SaaS infrastructure, and data Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills Demonstrated track record of quality processes in candidate’s work history Be strongly self-motivated with an aptitude for both individual and team-oriented work Have experience following and refining standard operating procedures and playbooks Responsibilities: Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment Engage teams within and outside of RingCentral to mitigate and resolve cases Maintain relevant documentation and audit artifacts Identify and track suspicious system activity Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems This role participates in on-call rotations Qualifications / Requirements: 3+ years in a security engineering, SRE, or SOC roles in a cloud services environment Experience with SIEM Experience investigating security incidents Basic knowledge AWS or GCP Experience with IDS, case management, and related tools and practices Experience with Linux, RedHat preferred Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc. Knowledge of network, VoIP and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP) Preferred Skills/Experience: Any combination of the following certifications: GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCFA (GIAC Certified Forensic Analyst) GNFA (GIAC Certified Network Forensic Analyst) GCFE (GIAC Forensic Examiner) GASF (GIAC Advanced Smartphone Forensics) GICA GCTI (GIAC Certified Cyber Threat Intelligence) GPEN (GIAC Certified Pentester) GWAPT (GIAC Certified Web Application Pentester) GPYC (GIAC Certified Python Coder) OSCP (Offensive Security Certified Pentester) Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events Strong knowledge of Microsoft Windows Experience automating security tasks, including scripting, programming and/or SecDevOps Experience working with global teams

: Job TitleCSA SIEM Admin (Sentinel) Corporate TitleAssistant Vice President LocationBangalore, India Role Description The COO Chief Information Security Office (CISO) is responsible for addressing information security risks to the Deutsche Bank global IT, as a Security Engineer-AVP, you will play a key technical role in our SIEM Operations team within the Global Cyber Security Engineering & Architecture organization. You will serve as a technical expert for the platform engineering and provide 24x7x365 support for critical security technologies. The role primarily entails hands on technical product design, build & support of multi SIEM platforms Microsoft Sentinel, Chronicle,Splunk. You will be part of a global SIEM Operations Team. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Configure, manage, and optimize Microsoft Sentinel for efficient threat detection and response. Ensure SIEM infrastructure is running optimally, including performance monitoring and issue resolution. Regularly update and optimize SIEM policies, rules and configurations based on evolving threats. Onboard, configure, and manage data connectors from various log sources, including cloud, on-premises, and hybrid environments. Ensure log ingestion health and troubleshoot data collection issues. Develop, implement, and fine-tune analytics rules, detection logic, and playbooks in Sentinel. Assist SOC and incident response teams with log analysis, threat correlation, and incident investigation. Reduce false positives by refining detection rules and optimizing event filtering. Implements and maintains Splunk platform infrastructure and configuration. Designs and optimizes Splunk platform architecture for large-scale and distributed deployments. Good understanding of security frameworks, vulnerability management, and incident response Implement and enhance automation using Kusto Query Language (KQL), Logic Apps , and Microsoft Defender XDR integrations. Maintain SIEM compliance with security policies, industry regulations (e.g., GDPR, NIST, ISO 27001), and best practices. Generate reports and dashboards to provide visibility into security posture and SIEM performance. Experience managing Linux and Windows agents in a Splunk environment. Strong understanding of Splunk system architecture and best practices. Work with SOC, IT, and Cloud Security teams to enhance Sentinel capabilities. Document SIEM configurations, detection use cases, and operational procedures. Incident & Problem Management, Change & Release Management, Vendor Management, Capacity Management functions for the platform. Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and cyber security best practices. Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence. Passionate about data to drive information-based security analytics. Value add - Person in having experience in Cloud Management, Splunk and Chronicle. Your skills and experience The candidate must have Engineering Background in Computer Science, Information Technology, Cybersecurity or related field and a minimum of 8+ years of experience with recent experience in Security engineering, system administration, network engineering, software engineering/development with a focus on Cybersecurity. 8+ years of IT engineering experience with recent experience in building and managing infrastructure and security platforms. 3+ years of Experience implementing, architecting and administering SIEM platforms like Sentinel, Chronicle, Splunk for a large global organization. Knowledge of Azure services and data ingestion from those services into SIEM. Familiarity with MITRE ATT&CK, cyber threat intelligence and SOC Workflows Understanding of SOAR Principles Hands on Experience with Microsoft Azure platform, managing various configurations to enable & manage Sentinel. Experience developing in XML, Bash,Python, and PowerShell scripts. DevOps Engineering experience.(Terraform, SDLC, Actions) Independent, self-motivated, proactive approach to problem solving and prevention. Excellent written and verbal communication skills. Passionate about cyber security and the aptitude to identify and solve security problems. How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

: Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What well offer you , 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How well support you . . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Essential knowledge• Have over 8+ years of rich experience in information security domain and at least 4-6 years of dedicated experience in Threat-hunting.• Proficiency in using threat intel platforms such as CybelAngel, ThreatConnect, Recorded Future, DarkTrace etc.• Proficiency in using SIEM and SOAR solutions.• Strong understanding of network protocols and security technologies.• Strong understanding of endpoint detection and response (EDR) tools.• Excellent analytical and problem-solving skills• Preferably worked in BFSI domain with proven experience in SOC function.• Knowledge of key security standards and regulations such as NIST 800-61, CERT/CC, ISO 27035 etc.Skills and Application• Maintaining up-to-date knowledge of security landscape, threats, attack patterns and counter measures• Assess and design threat-hunting processes through solutions, tools and methodologies• Reviewing use cases/playbooks for integrating threat-intel• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a threat-hunting perspective.• The ideal candidate will have a technical or computer science degree.• Professional certifications: GCIH, CISSP, CEH,etc.

Job Summary Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). Threat Intelligence Integration Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

We are looking for a Lead Cybersecurity Engineer with deep technical expertise and leadership experience to drive innovative threat detection solutions and lead a team of security engineers. The ideal candidate will bring hands-on experience in research & development (R&D) , demo environment creation , endpoint security , SIEM operations , and cloud-native tools such as Azure Sentinel and the Microsoft Defender suite . This role will play a strategic part in shaping our security detection roadmap and mentoring a high-performing team. Key Responsibilities: Technical Leadership & Strategy Lead a team of cybersecurity engineers in R&D, detection engineering, and solution design. Define detection strategies and oversee implementation of new use cases across tools. Collaborate with security architects, threat intel, and SOC teams for end-to-end threat coverage. R&D & Security Innovation Drive continuous improvement through security research, PoCs, and new technology evaluations. Analyze evolving threats and proactively build defense strategies and custom detections. Lead the development of security content aligned with frameworks like MITRE ATT&CK. Demo Environment & Simulation Lab Design and lead the creation of demo/test environments to simulate real-world threats. Automate environment deployment for testing security tools, rules, and threat scenarios. Build reusable assets and playbooks for internal enablement and customer-facing demos. Endpoint & SIEM Security Lead implementation and optimization of Microsoft Defender for Endpoint , Defender for Identity , and Defender for Cloud . Oversee the configuration and tuning of Azure Sentinel , including custom KQL queries, analytics rules, and automation via playbooks. Ensure integration of diverse log sources and enrichment for advanced threat detection. People & Process Management Mentor junior engineers and promote skill development across the security engineering team. Establish standards and documentation for security engineering best practices. Drive cross-functional collaboration with IT, Cloud, Compliance, and SOC stakeholders. Required Skills & Experience: 8+ years in cybersecurity roles, with 3+ years in a leadership or senior engineering position . Strong hands-on experience with: Azure Sentinel (KQL, workbooks, playbooks) Microsoft Defender for Endpoint, Identity, and Cloud Endpoint security, EDR, and threat detection Security lab/demo environment setup Excellent understanding of security frameworks (MITRE ATT&CK, NIST, etc.). Strong scripting and automation skills (PowerShell, Python, etc.). Experience managing or mentoring technical teams and delivering complex security projects.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Bengaluru office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at Gurugram office.- 15 years of full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As SOC Operations Manager, you will oversee and manage day to day activities of a security operations center on Security incident management delivery. You will be expected to support the documentation, enhancement of SOC Operations through SIEM for external client service. Roles & Responsibilities:- Should be an SME in SOC Operations (SIEM Infrastructure and Incident Response activities)- Collaborate and manage the team to perform- Responsible for decisions on team management, financial, project transitions- Engage with multiple teams and contribute on key decisions on project intake, solution reviews and end to end incident response cycle- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop and implement security operations strategies, processes, architecture standards and guidelines- Conduct security reviews and manage internal/external audits- Support continuous service improvement cycle, through collaboration with Onshore or client stakeholders Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), deep understanding of cybersecurity principles, threat detection, and incident management.- Strong understanding of threat intelligence analysis- Knowledge of security compliance frameworks- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education