185 Threat Intelligence Jobs - Page 7

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence.- Strong understanding of cloud security principles and frameworks.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security compliance standards such as ISO 27001, NIST, and GDPR.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 3 years of experience in Cyber Threat Intelligence.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Endpoint Extended Detection and Response Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled cybersecurity professional with hands-on experience in managing and optimizing CrowdStrike EDR, FIM, Host Firewall, MxDR solutions. As a CrowdStrike EDR Specialist, you will play a critical role in endpoint threat detection, incident response, and continuous monitoring of the enterprise environment to identify and remediate cyber threats. Roles & Responsibilities:-Deploy, configure, and maintain CrowdStrike Falcon EDR agents across enterprise endpoints.-Monitor CrowdStrike dashboards and alerts for suspicious activity, malware, and unauthorized behavior.-Investigate, analyze, and respond to endpoint-related security incidents.-Create and tune detection rules, indicators of compromise (IOCs), and response workflows.-Collaborate with SOC teams, IT administrators, and incident responders on security investigations.-Perform threat hunting using CrowdStrike Falcon and other tools.-Develop reports and dashboards that provide visibility into the EDR environment and incident trends.-Ensure EDR platform integration with SIEM and other cybersecurity tools.-Stay updated on emerging threats and recommend configuration or policy improvements.-Knowledge and Exposure on Service Now ticketing for Incident Management, Problem Management and Change Management. Professional & Technical Skills: -Experience in a EDR (CrowdStrike) or threat detection role.-Strong hands-on experience with CrowdStrike Falcon EDR (deployment, policy management, investigation, etc.).-Solid understanding of malware, endpoint threats, and attack vectors.-Familiarity with MITRE ATT&CK framework and threat intelligence principles.-Experience with scripting (PowerShell, Python, etc.) and automation tools is a plus.-Knowledge of SIEM platforms (Splunk, QRadar, etc.) and their integration with EDR.-Relevant certifications preferred (e.g., CrowdStrike CCFA, FIM, Azure Fundamental). Additional Information:- The candidate should have minimum 3 years of experience in Endpoint Extended Detection and Response.- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat intelligence.- Familiarity with compliance frameworks and regulatory requirements.- Ability to analyze security risks and develop mitigation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring the integrity and confidentiality of data. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Design and implement security solutions to protect the organization's cloud infrastructure.- Collaborate with cross-functional teams to ensure the integrity and confidentiality of data.- Conduct risk assessments and develop strategies to mitigate security risks.- Stay up-to-date with the latest security trends and technologies.- Ensure compliance with industry standards and regulations.- Train and educate employees on security best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience with cloud security technologies and tools.- Knowledge of network security protocols and technologies.- Familiarity with security frameworks and standards such as ISO 27001 and NIST.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure.- Experience with security incident response and management.- Knowledge of threat intelligence and vulnerability management.- Understanding of identity and access management concepts.- Solid grasp of encryption and cryptographic techniques. Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Architecture Design.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain security policies and procedures to ensure compliance with regulatory requirements.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat intelligence.- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Qualys Platform Ownership & Optimization:Act as the Qualys SME, leading the end-to-end lifecycle of vulnerability management using Qualys, including scanner appliance deployment, asset tagging, scan scheduling, and template creation.Configure and manage Qualys Global AssetView, Cloud Agents, and Scanner Appliances (physical and virtual) for internal, external, and authenticated scans.Develop and fine-tune custom scan templates to reduce false positives/negatives, tailored to OS, application stack, and business unit needs.Leverage Qualys Tagging, Dynamic Asset Groups, and Query Language (QQL) to segment, track, and report on assets across on-prem, cloud, and hybrid environments.Vulnerability Lifecycle Management:Analyze vulnerability data, correlate with threat intelligence, and provide risk-prioritized remediation plans to infrastructure, cloud, and devops teams.Build automated ticketing workflows with platforms like ServiceNow, integrating Qualys findings directly into change management processes.Design and deliver actionable dashboards and reports for different audiences (CISO, IT Ops, Audit, DevSecOps).Policy Compliance & Governance:Implement and manage Qualys Policy Compliance (PC) for baseline configuration and hardening checks aligned with CIS, NIST, ISO, and custom policies.Collaborate with GRC teams to support audits, compliance initiatives, and regulatory mandates (e.g., PCI-DSS, HIPAA, SOX).Strategic & Technical Leadership:Work cross-functionally to evangelize vulnerability management best practices, educate stakeholders, and shift security left in development and operations lifecycles.Identify opportunities to automate manual processes through APIs, scripting (Python, Bash, PowerShell), and integrations with DevOps tools.Stay ahead of new Qualys features/releases and coordinate their controlled rollout across environments.________________________________________ Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Red Teaming Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will oversee the strategic planning and execution of red team operations to emulate real-world threats and uncover security weaknesses across the organization. Your typical day will involve planning, scoping and conducting red team operations, including social engineering, network exploitation, and post-exploitation activities along with leading a team of offensive security experts, and aligning red team efforts with business risk priorities. You will work closely with incident response, and threat intelligence teams to identify detection gaps and provide actionable insights, ensuring the organization remains prepared against evolving threats, while fostering a culture of continuous learning and adversary-aware defense. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Plan, scope, and execute red team exercises simulating real-world attack scenarios.- Perform threat modeling and adversary emulation exercises based on MITRE ATT&CK framework.- Conduct internal and external penetration tests, including physical security and social engineering engagements.- Design and deliver phishing campaigns and other social engineering attacks to test human security posture.- Establish and manage command-and-control (C2) infrastructures using tools like Cobalt Strike.- Perform post-exploitation tasks including lateral movement, Active Directory (AD) exploitation, privilege escalation, and data exfiltration.- Identify gaps in detection and response capabilities and provide detailed reports and remediation recommendations.- Collaborate with Blue Team and Incident Response to enhance organizational defense.- Continuously research emerging threats, TTPs, and contribute to the development of new testing methodologies.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Deep understanding of red team tactics, techniques, and procedures (TTPs) align with MITRE ATT&CK framework.- Proven experience in conducting end-to-end red team engagements across different environments (on-prem, cloud, hybrid).- Proficient with red team tools such as Cobalt Strike, Mythic, Metasploit, Bloodhound, Sharp hound, PowerShell Empire, Impacket- Expertise in EDR/AV evasion techniques, custom payload development, and OPSEC-aware operations.- Skilled in Active Directory attacks, Kerberoasting, Pass-the-Hash/Ticket, and Golden/Silver ticket attacks.- Proficient in hardware-based and physical attack techniques including Rubber Ducky payload deployment, planting rogue devices such as LAN Turtle, Raspberry Pi, NAC bypass. Executing Wi-Fi attacks like Evil Twin attacks, and RFID cloning for physical access simulation and red team engagements.- Strong knowledge of data exfiltration methods and covert communication channels.- Experience with phishing toolkits and infrastructure for social engineering campaigns.- Familiarity with scripting and automation using PowerShell, Python, or Bash.- Comfortable working under strict ethical and legal boundaries, with a strong focus on operational safety. Additional Information:- The candidate should have minimum 7.5 years of experience in Red Teaming.- Certifications- OSCP, OSEP, CRTP, CRTE, CRTO.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

: Job Title Information Security Specialist Corporate Title Assistant Vice President LocationPune, India Role Description Everyday DB observes thousands of cyber security intrusion attempts. Deutsche Banks COO Chief Security Office (CSO) integrates both Corporate Security (CS) and Information Security (CISO) as both teams are responsible for mitigating these risks. The CSO team enables the business of Deutsche Bank by providing agile security operational capabilities. With their expertise in Threat Intelligence, Cyber Threat Analytics, Malware Response & Research, Security Monitoring, Incident Response, Forensics and Vulnerability Management, they provide global services from key locations in Frankfurt, Jacksonville and Singapore while leveraging offshore capabilities in Pune and Bucharest. Deutsche Bank AG is looking for Cyber Security professional to support the banks global security monitoring and threat detection capabilities. This role requires a heavy focus on all areas of security monitoring, risk management on privileged access management and familiarity with regulations impacting technology (e.g. MAS TRM Guidelines), requiring at least 5 to 8 years of experience. Candidate will be responsible to provide an oversight of the various security monitoring process to manage security risks and to drive the organizations compliance to regulatory and audit requirements including facilitation of audit activities, address process related queries and drive automation and audit remediation projects. The candidate will need to drive process improvements, procedure document updates, KPI monitoring and operations team management. Candidate will engage across all functional areas of business, operations, and global technologies working in a dynamic, multi-OS environment. This role will play a vital role in present organizations compliance to regulators and managing interactions with auditors. The chosen candidate will be required to provide a degree of strategic, tactical, and day-to-day operational experience to enhance the overall security monitoring, detection, and mitigation process. Candidate must also possess excellent soft skills and verbal communications dealing with senior executive management, customers, clients, auditors, and third-party vendors. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Oversee the performance, efficiency, and accuracy of security monitoring operations team ensuring SLAs are met. Proactively review, propose, and implement process changes and monitoring improvements to remediate most significant risks including audit findings, self-identified issues, compliance issues, control gaps and regulatory requirements. Identify opportunities for streamlining of control processes, develop and socialize potential risk mitigation strategies particularly in privileged access management (e.g., bypass monitoring, session log review), and work with various divisions to execute. Improve the delivery of effective control process through technical review and process quality checks. Provide support in the delivery of effective governance including tracking and reporting. Ensure proper training of monitoring teams on new coverage and use cases. Offer subject-matter expertise and act as escalation point when required. Prepare and present monthly functional and operational report. Manage stakeholder queries, facilitate audit activities, and address data requests in a timely manner. Collaborate across CSO and technology teams to respond to internal and external audits, and regulatory inquiries and assessments. Drive automation projects and manage audit remediation deliverables to closure. Practice and promote good risk culture and risk management to manage the risks within banks appetite. Act as primary point-of-contact for regulatory inquiries and engagements. Collaborate with internal and external auditors and stakeholders, providing necessary evidence and artefacts, to facilitate audit processes. Your skills and experience Minimum 5 to 7 years of working Experience with security monitoring platforms and workflows. Proven Experience in area of privileged access management specifically in session log review and bypass monitoring. Proven experience and In-depth knowledge of technology regulations and understanding of regulatory risk management specially of MAS requirements and guidelines. Proven experience and strong understanding of audit process and compliance monitoring and reporting. Analytical mindset and ability to identify, assess and address compliance gaps and security risks. Strong operational background in risk analysis and risk identification. Degree from a university or major course work in computer science, networking, engineering, or other computer-related field of study. One of the following certifications will be an advantageCISSP, CISM, CISA, CRISC Expectations It is the Banks expectation that employees hired into this role will work in the office at least 2-3 days a week in accordance with the Banks hybrid working model. How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

The SOC Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and technologies. This role is critical in protecting the organizations digital assets and ensuring compliance with security policies and standards. Monitor SIEM systems and security tools for suspicious activity. Analyze and respond to security incidents and threats. Stay updated on threat intelligence and attack trends. Review logs from firewalls, IDS/IPS, and antivirus tools. Escalate critical incidents and document findings. Support vulnerability management and remediation tracking. Configure and tune security tools like SIEM and EDR. Ensure compliance with security policies and audits. Collaborate with IT and network teams on investigations. Contribute to process improvements and incident playbooks. Primary Skills SIEM (e.g., Splunk, QRadar, ArcSight) Incident Response Log Analysis Threat Intelligence Secondary Skills Scripting (Python, PowerShell, Bash) Cloud Security (AWS, Azure, GCP) Endpoint Detection and Response (EDR)

Senior individual delivery role for complex security functions reducing risk, improving defensive capabilities, and mitigating cyber threats to both Thomson Reuters and its customers. Works with Lead Cyber Defense Individual Contributors and Cyber Defense People Leaders to deliver high-quality and innovative cyber defense security solutions across the enterprise by applying analytic, engineering, or other relevant technical expertise. Employs critical subject matter knowledge to identify, develop, and deploy solutions to key operational cyber defense challenges across a range of functions. About the Role: Delivers high quality solutions across cyber security functions including, but not limited tothreat detection, cyber threat intelligence, network security, incident response, insider threat prevention, defensive platforms and engineering, vulnerability management, and attack surface reduction. Drives continuous improvement in key cyber defense capabilities by streamlining technology acquisition and deployment, engineering solutions, and implementing innovative processes and procedures that increase efficiency, enhance performance, and reduce risk. Executes cyber security plans, activities, and policies that protect Thomson Reuters’ information infrastructure, customer base, and products. Assists in maturing cyber defense capabilities, enforces organizational security principles and industry recognized best practices, and demonstrates responsible resource management. Works independently or as part of functional project teams to implement security controls, monitor and mitigate threats, tune and optimize security appliances, coordinate with enterprise information services teams, interface with product teams, or other tasks associated with cyber defense and cyber fusion centers. About you: Youre a fit for the Senior Cyber Security Platform Engineer if you Have at least 5 years of CyberSecurity experience (Administration and Security Tools and Threat Intelligence Platforms) Knowledge and proven experience with AWS Proven experience with Python and Linux. Proven Experience dealing with the administration of cybersecurity tools. Troubleshooting and support on the integration and automation of process flows. Knowledge in MISP and Confluence. #LI-HS1 What’s in it For You Hybrid Work Model We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrow’s challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. About Us Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Threat hunting experience is must. Familiarity with threat intelligence sources and frameworks (MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Ability to proactively find cybersecurity threats and mitigate them. Knowledge about Advanced persistent threats and treat actors, their TTPs. Ability to recognize attack patterns and corelate them with specific threat actors. Ability to obtain as much information on threat behaviour, goals and methods as possible. Knowledge of Analytics platforms for carrying out detailed analytics of obtained telemetry.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- SOC Operations:Lead and manage day-to-day operations of the SOC, including Tier 13 security analysts.Oversee security monitoring, threat detection, incident response, and threat intelligence activities.Ensure continuous tuning and enhancement of SIEM and EDR tools.Create and maintain incident response playbooks and workflows.Collaborate with infrastructure and application teams during security events.Security Governance, Risk & Compliance:Develop and enforce cybersecurity policies, standards, and procedures aligned with business objectives and regulatory requirements.Coordinate risk assessments, audits, and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA).Lead security awareness and training initiatives across the organization.Track and report on cybersecurity risks, mitigation plans, and audit findings.Partner with legal, audit, and compliance teams to ensure alignment with industry and legal frameworks.Strategic Leadership:Provide executive-level reporting on threat posture, key risks, and SOC performance.Guide long-term planning and roadmap development for security operations and governance initiatives.Mentor and develop SOC staff and GRC team members.Stay current with industry trends, threat landscape changes, and evolving compliance standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.-Reccomend use case fine tuning-Regularly review use cases and suggest enhancements. -Run internal Table top exercises to help train the team-Maintain IR quality as per industry standards Additional Information:- The candidate should have minimum 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Job Description- Cyber Defense Analyst We are looking for the next superstar Cyber Security Analyst to join our managed services team. Youll be part of a team responsible for the delivery of 24x7 security monitoring and analysis, with a primary focus on incident response and threat hunting. This is a customer-facing role and top-notch communication skills are absolutely essential. The Role Monitor, triage and respond to reported security incidents. Proactively hunt and manage unreported (aka. silent) phishing attacks (Intrusion Detection) Gather information, run correlation analysis and forensics to inform risk assessment Actively and timely communicate information about incidents or potential incidents to the wider team as per escalation policies Write post-incident reports Where required, develop security frameworks, contribute to run books, and lead the implementation of new security tools Work across multiple domains and technology stacks to identify vulnerabilities Ideal Personality Passion for cybersecurity Perseverance and tenacity Strong willingness to learn Logical problem-solver with a strongly analytical bent of mind Detail-oriented Ability to maintain a cool head and take decisive action in time-critical situations Natural team player. Good at building and maintaining relationships across the team, as well as getting others on board Understands the importance of proactive and clear communication in a large, busy environment Skills Very strong communication skills, report-writing and verbal communication. You must be excellent at explaining what's happening to other people in a clear and timely manner. Ability to identify, classify and breakdown the taxonomy of various types of phishing attacks. Good understanding of networks, applications, databases, systems, Active Directory, Cloud platforms and how they work together. PowerShell or Python scripting knowledge. Demonstrable expertise in any 4 of the following: Incident Management & Response, Threat Hunting with EDR & SIEM, IPS/IDS, Endpoint Monitoring & Detection, and Forensics Good understanding of Information Security Standards and Frameworks like NIST, GDPR, ISO27001, CIS Benchmarks Knowledge of information security tools and techniques and current industry best practices Qualifications & Experience: 2-3 years of real-world experience dealing with wide-ranging Incident Response with a strong understanding of phishing incidents and their mitigation steps. 2-3 years of real-world experience working with SEGs or general email systems 2-3 years of real-work experience working with the SIEM solutions. 2-3 years of real-world experience working with EDR solutions. 2-3 years of experience with Threat Assessment and Mitigation methods, Vulnerability Analysis, risk mitigation, information gathering and reporting 2-3 years of experience working in enterprise security operations Security qualifications i.e. a relevant security-related certification or degree

Job Title: ServiceNow SecOps Engineer Experience: 3+ Years Employment Type: Full-Time Industry: IT Services & Consulting Functional Area: IT Security / Cybersecurity / ServiceNow Job Description: We are seeking a dynamic and experienced ServiceNow Security Operations (SecOps) Engineer with 3+ years of hands-on experience in implementing and supporting Security Incident Response, Vulnerability Response, and Threat Intelligence modules. The ideal candidate will have a strong background in cybersecurity workflows, integrations, and automation within the ServiceNow platform. Key Responsibilities: Implement, configure, and support ServiceNow SecOps modules : Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence (TI) Configuration Compliance (optional) Integrate ServiceNow SecOps with security tools such as Tenable, Qualys, Splunk, QRadar, MISP , and Threat Intel feeds using REST APIs or IntegrationHub. Build and customize playbooks, workflows, and automation using Flow Designer or Workflow Editor. Maintain integration between CMDB and SecOps , ensuring asset-vulnerability mapping and incident correlation. Customize vulnerability scoring algorithms and support remediation planning with stakeholders. Develop and maintain dashboards, reports, and KPIs for security operations. Collaborate with SOC teams, IT teams, and developers to streamline threat and vulnerability management processes. Perform routine upgrades, patching, and configuration audits for the SecOps suite. Participate in incident triage and threat hunting activities as required. Required Skills: 3+ years of hands-on experience with ServiceNow SecOps modules . Strong knowledge of cybersecurity concepts , frameworks (NIST, MITRE), and response workflows. Experience in ServiceNow scripting (Business Rules, Script Includes, Glide APIs). Working knowledge of REST API integrations , JSON parsing, and MID Server configurations. Familiarity with SIEM and vulnerability scanners (e.g., Splunk, Tenable, Qualys). Good understanding of CMDB , CI relationships, and data quality practices. Strong communication and problem-solving skills. ITIL v4 and/or ServiceNow Certified Implementation Specialist SecOps (preferred). Education: Bachelors degree in Computer Science, Information Security, or related field. Relevant certifications are a plus: ServiceNow Certified Implementation Specialist SecOps CEH, Security+, or equivalent

Security Specialist, Incident Response Responsibilities includes • Lead security incident response in a cross-functional environment and drive incident resolution. • Lead and develop Incident Response initiatives that improve Allianz capabilities to effectively respond and remediate security incidents. • Perform digital forensic investigations and analysis of a wide variety of assets including endpoints. • Perform log analysis from a variety of sources to identify potential threats. • Build automation for response and remediation of malicious activity. • Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries. • Works on SOAR cases, automation, workflow & Playbooks. • Integrating and working on Identity solutions. • Developing SIEM use cases for new detections specifically on identity use cases. Minimum Qualifications: • 5-10 years of experience in Security Incident Response, Investigations • Working experience in Microsoft On-prem and Entra ID solutions • Good knowledge in Active Directories and Tier 0 concepts • Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux. • Experience investigating and responding to both external and insider threats. • Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK) • Experience analyzing network and host-based security events

Strong expertise in AWS Security Services, XDR, CrowdStrike, Zscaler, Proofpoint, Defender, WAF, API Security. Knowledge of network security, IAM, SIEM, & automation tools. Certifications as CISSP, CHFI, GCIH, AWS Security Specialty are preferred.

Job Title: Threat Intelligence Analyst Corporate Title: AVP Location: Pune, India Role Description As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we’ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htmRole & responsibilities Preferred candidate profile

The role involves monitoring security threats, responding to emergencies, and communicating critical incidents to stakeholders while ensuring high customer service standards. A proactive, detail-oriented professional who can work under pressure Required Candidate profile Fluent English (verbal/written) with international voice support experience (US/UK/AU accents). Proven incident management skills in a BPO/SOC/security operations setting. Strong customer service

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring the integrity and confidentiality of data. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect the organization's cloud infrastructure. Collaborate with cross-functional teams to ensure the integrity and confidentiality of data. Conduct risk assessments and develop strategies to mitigate security risks. Stay up-to-date with the latest security trends and technologies. Ensure compliance with industry standards and regulations. Train and educate employees on security best practices. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience with cloud security technologies and tools. Knowledge of network security protocols and technologies. Familiarity with security frameworks and standards such as ISO 27001 and NIST. Good To Have Skills:Experience with cloud platforms such as AWS or Azure. Experience with security incident response and management. Knowledge of threat intelligence and vulnerability management. Understanding of identity and access management concepts. Solid grasp of encryption and cryptographic techniques. Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Architecture Design. This position is based at our Mumbai office. A 15 years full time education is required. Qualifications 15 years full time education

We are looking for a highly skilled and experienced Cyber Exercise Analyst to join our team in Bengaluru. The ideal candidate will have 2-4 years of experience in cyber security, with a strong background in risk strategy, digital identity, cyber defense, application security, and technology solutions. ### Roles and Responsibility Collaborate with cross-functional teams to develop and implement comprehensive cyber security strategies. Conduct thorough analysis of complex data sets to identify potential threats and vulnerabilities. Develop and maintain detailed documentation of cyber security processes and procedures. Provide expert guidance on cyber security best practices to stakeholders at all levels. Stay up-to-date with emerging trends and technologies in cyber security. Participate in incident response efforts to mitigate the impact of security breaches. ### Job Requirements Strong understanding of cyber security principles, including risk management and compliance. Experience with cyber security tools and technologies, such as SIEM systems and intrusion detection systems. Excellent analytical and problem-solving skills, with the ability to interpret complex data sets. Effective communication and collaboration skills, with the ability to work with diverse stakeholders. Ability to stay current with emerging trends and technologies in cyber security. Strong attention to detail, with a focus on delivering high-quality results. Expert knowledge of red teaming, tabletop exercises, cyber incident response, and threat intelligence processes. Experience in test documentation, red team report creation, threat intelligence report creation, and analysis for red teaming. Skilled in using information technology/security, proficient in writing technical documentation including manuals, policies, and procedures. Good time management skills and versatility to present to technical audiences. Knowledge of TIBER-EU is an added advantage.

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

The role is within the Information Security Risk Management (ISRM) Cyber Fusion Engineering team responsible for the support of Thomson Reuters Cyber Defense Engineering Tools. The successful candidate will have the opportunity to learn - and provide skilled technical support - for our current infrastructure security toolset as well as our future security services within the technical operations environment. About the role: Support the development and maintenance of security tools and infrastructure such as Confluence, MISP Threat Intelligence Platform, and ServiceNow Security Incident Response. Help build and maintain cloud infrastructure in support of our technologies Collaborate with Cyber Defense teams such as the SOC, Threat Detection, Threat Intel, and Incident Response teams to understand feature and support needs. Act as an interface with other IT disciplines inside the larger organization to develop deployment pipelines for AWS infrastructure to meet Enterprise standards. About You: Bachelor's Degree with 3+ years IT or Information Security experience Scripting experience with Python and bash Foundational knowledge of AWS Application/Infrastructure administration experience in an Enterprise environment. Excellent customer service and communication (oral / written) skills required. Strong critical thinking, analytical, and troubleshooting skills. Must be able to accept delegated work on assigned projects and initiatives and complete them successfully with minimum supervision. Preferred Qualifications: Knowledge of/and experience with a Linux OS distribution. Hands on experience deploying and managing infrastructure in AWS Knowledge of/or experience with Infrastructure as Code technologies (e.g. Terraform, CloudFormation) and/or CI/CD pipeline technologies (e.g. AWS CodeBuild, CodePipeline, etc) Understanding of the principles of IaaS, PaaS, SaaS cloud environments Knowledge of/and experience in Cyber Security or Security+ certification Knowledge of/or experience with security orchestration, automation, and response (SOAR) tools. Understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.) Experience working in a large enterprise environment Whats in it For You? Join us to inform the way forward with the latest AI solutions and address real-world challenges in legal, tax, compliance, and news. Backed by our commitment to continuous learning and market-leading benefits, youll be prepared to grow, lead, and thrive in an AI-enabled future. This includes: Industry-Leading Benefits: We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, and hybrid model, empowering employees to achieve a better work-life balance. Career Development and Growth: ?By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Culture: Globally recognized and award-winning reputation for inclusion, innovation, and customer-focus. Our eleven business resource groups nurture our culture of belonging across the diverse backgrounds and experiences represented across our global footprint. Hybrid Work Model: Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Social Impact: Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives.

Role & responsibilities Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be a flexible to work in US Shift

Role & responsibilities Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE) Preferred candidate profile

•Review and triage information security alerts, provide analysis and determine and track remediation and escalate as appropriate •Assist with log management and security information and event management (SIEM) solutions design and configuration Required Candidate profile Scripting in one of the common scripting languages (Python, Bash, Powershell) is an asset. CISSP Certification is a plus.