48 Xdr Jobs

We are seeking a Cloud Engineer to design, implement, and maintain cloud infrastructure (AWS, Azure, GCP). Key responsibilities include cloud architecture, system administration, automation, security, cost management, and documentation. Experience with migrating Exchange and SharePoint to cloud solutions is required. Collaborate with, cross-functional teams to design, implement, and maintain cloud infrastructure solutions. Provide technical guidance and support to resolve complex issues related to cloud services, Cyber Security, Networks. Perform regular assessments and audits to ensure the security, reliability, and efficiency of cloud environments. Participate in planning and executing cloud migration projects, including workload assessments, resource provisioning, and data migration strategies. Work as a Technical Consultant for Various Microsoft Technologies and its Security products. Hosted Exchange and Online Exchange Migration SharePoint and OneDrive Migration Teams, Enterprise Roaming Profile and Intune Deployment Spam Filters and Endpoint Security, EDR, XDR, NDR, MDR Work with Pass-through, Federated auth, SSO, Hybrid access, Cloud Sync, Delegation, Self Service. MFA, Conditional Policies, PIM, Vulnerabilities and risk assessment. Encryption, Risk Asses, Incidence management, VA, Penetration test, IDS/IPS, compliance

Job Description: As an L2 DLP Resource, you will be an integral part of our cybersecurity team located at a client site in BKC, Mumbai. Your primary responsibility will be to oversee and provide support for DLP, XDR, and EDR platforms, manage incident escalations at L2 level, and ensure the implementation of robust data protection measures. Your duties will include managing and troubleshooting DLP, XDR, and EDR security platforms, conducting root cause analysis for escalated incidents, and maintaining comprehensive technical documentation and incident reports. You will collaborate closely with compliance and IT teams to uphold data protection policies and may also be involved in operating and administering Forcepoint DLP solutions. The ideal candidate for this role should possess hands-on experience with DLP, XDR, and EDR technologies, demonstrate proficiency in incident handling and security operations at L2 level, and exhibit excellent documentation, communication, and analytical skills. Prior experience with Forcepoint or other enterprise-grade DLP tools would be advantageous. Additionally, flexibility for occasional travel to deployment locations such as Chennai, Hyderabad, or Lucknow is required for this full-time, onsite position based at the client's office in BKC, Mumbai. The job entails day and morning shifts, and the work location is in person. This is an excellent opportunity for a skilled professional to contribute to a dynamic cybersecurity environment and play a crucial role in ensuring effective data protection practices. Job Types: Full-time, Permanent,

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences. Location: Ahmedabad Experience: 3-6 yrs Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH; CSA If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.,

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Grow your career at Qualys where innovation and talent thrive! About Qualys: Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance, and IT solutions with over 10,000 subscription customers worldwide, including most of the Forbes Global 100 and Fortune 100. We help organizations streamline and automate security and compliance workflows onto a single platform, delivering greater agility, stronger security outcomes, and substantial cost savings. As part of the evolving Qualys Enterprise TruRisk Platform, we are expanding into Cloud Detection and Response (CDR) helping organizations detect active threats, manage cloud risk, and respond quickly in cloud-native, multi-cloud, and hybrid environments. We are building deep capabilities around cloud log analysis, eBPF-based runtime security, network security, and Zero Trust enforcement integrating technologies such as Sysdig Falco, Tetragon, and advanced runtime behavioral analytics. We are seeking a dynamic and experienced Senior Product Manager to join our growing Cloud Detection and Response (CDR) team at Qualys. In this role, you will drive the strategy and execution for key areas of our CDR product line focused on cloud threat detection, investigation, and automated response capabilities. You will bring a strong background in cloud security, detection and response technologies, and a can-do attitude to help global enterprise customers secure their cloud infrastructure and containerized workloads. You will collaborate closely with engineering, product design, product marketing, sales, and solution engineering teams, and interface with product leadership in a globally distributed environment. This is an exciting opportunity to have a high-impact role at a company known for innovation and trusted by the worlds leading enterprises. Qualifications: - Bachelors degree in Computer Science, Engineering, Cybersecurity, or a related technical field (MBA or equivalent experience preferred). - 5+ years of experience in product management, or 8+ years in a technical leadership, security engineering, or solution architecture role in cybersecurity or cloud security. - Deep understanding of cloud security, cloud-native environments (AWS, Azure, GCP), Kubernetes, and containerized workloads. - Familiarity with Cloud Detection and Response (CDR), CNAPP, or adjacent technologies such as SIEM, XDR, EDR, or threat hunting platforms. - Hands-on experience or strong working knowledge of cloud telemetry (e.g., AWS CloudTrail, Azure Activity Logs), cloud audit logging, and event-based threat detection. - Knowledge of modern runtime security technologies, including eBPF-based monitoring, Sysdig Falco, Tetragon, and cloud-native network security techniques. - Understanding of Zero Trust architectures and least-privilege enforcement in cloud environments. - Experience working with cybersecurity concepts such as malware detection, file integrity monitoring, secure configuration management, and policy compliance. - Strong analytical, organizational, and technical writing skills, with a data-driven approach to decision-making. - Exceptional communication skills, both technical and non-technical, across geographically distributed teams and customer environments. - Experience collaborating across multiple time zones and managing complex projects in a fast-paced environment. Role and Responsibilities: - Define and execute product strategy and roadmap for cloud detection and response capabilities within the Qualys platform. - Gather and prioritize requirements based on customer feedback, industry trends, and competitive analysis. - Develop clear product themes, epics, and user stories as input to engineering and design teams. - Work closely with engineering teams to deliver high-quality product features on time and within scope. - Drive key initiatives in cloud log ingestion and analysis, runtime threat detection using eBPF/Falco/Tetragon, network security analytics, and Zero Trust policy enforcement. - Actively engage with enterprise customers to understand needs, gather feedback, and validate product direction. - Track product success through metrics and KPIs, iterating based on customer impact and business outcomes. - Support product marketing with positioning, messaging, launch readiness, and field enablement. - Collaborate with sales teams to support key customer opportunities and strategic accounts. Join Us: This is a highly visible and impactful role where you will be part of a passionate and collaborative product team shaping the future of cloud security. If you're excited about building next-generation security solutions, helping customers stay ahead of modern threats, and growing your career at a company known for excellence and innovation - we would love to hear from you.,

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, align reports SIEM rules and alerts with security policies, and compliance reports requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detention, response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.,

Tower Research Capital, a leading quantitative trading firm established in 1998, has earned a stellar reputation for its high-performance platform and independent trading teams. With over 25 years of innovation, the firm is renowned for its ability to identify unique market opportunities. Home to exceptional systematic trading and engineering talent, Tower empowers portfolio managers to develop their teams and strategies independently, while benefiting from the advantages of being part of a large, global organization. Engineers at Tower excel in developing electronic trading infrastructure at a world-class level, tackling complex challenges in low-latency programming, FPGA technology, hardware acceleration, and machine learning. The firm's continuous investment in top engineering talent and cutting-edge technology ensures that its platform remains unparalleled in terms of functionality, scalability, and performance. Every employee at Tower contributes to its success. The Business Support teams play a crucial role in constructing and maintaining the platform that drives the firm's operations, combining market access, data, compute, and research infrastructure with risk management, compliance, and a range of business services. These teams enable the trading and engineering teams to achieve their best performance. At Tower, employees thrive in a stimulating, results-driven environment where highly intelligent and motivated colleagues inspire each other to reach their full potential. As a member of the Global Cybersecurity team, you will work to enhance the security posture and services by monitoring, identifying, and addressing security gaps and countermeasures. Location: Gurgaon, India Team: Global Security Operations Shift Timing: 6:00 AM IST 3:00 PM IST with rotational weekend support as part of 24x7 operations Responsibilities: - Monitoring alerts for potential security incidents and information requests, utilizing real-time channels, tools, dashboards, reports, chat sessions, and tickets. - Following incident-specific procedures to conduct basic triage of potential security incidents, determining their nature, priority, and eliminating false positives. - Investigating and validating alerts to identify scope, impact, and root cause using available telemetry and threat intelligence. - Escalating confirmed incidents with comprehensive evidence, impact assessment, and recommended containment/remediation actions. - Collaborating with stakeholders and third-party security service providers to triage alerts, events, or incidents. - Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation. - Developing detection content, correlation rules, and queries in SIEM platforms to enhance threat detection capabilities. - Contributing to incident response playbooks, runbooks, and process enhancements. - Participating in threat hunting activities, adversary emulation exercises, and purple teaming efforts. - Maintaining accurate documentation of investigations, incidents, and actions in ticketing systems. - Staying informed of the current threat landscape, attacker tactics, and vulnerabilities relevant to Tower's environment. - Interacting with customers/users in a professional and positive manner. Requirements: - Bachelor's Degree in Computer Science, Information Security, or Information Technology. - 3+ years of hands-on experience in a Security Operations Center (SOC) or threat detection/incident response role in a mid to large-scale organization. - Proven track record in performing triage of potential security incidents and experience with various technologies including SIEM, EDR/NDR/XDR, web proxies, vulnerability assessment tools, IDS/IPS, firewalls, and data leakage prevention. - Strong understanding of various operating systems, network protocols, malware behavior, attacker techniques, and common attack vectors. - Willingness to work in early shifts and provide round-the-clock support, including weekend shifts. Soft Skills & Work Traits: - Strong analytical, investigative, and troubleshooting skills. - Effective written and verbal communication skills, with the ability to simplify complex security issues. - Organized, detail-oriented, and capable of managing multiple priorities under pressure. - Passion for security, continuous learning, and operational excellence. - Comfortable working in a rotating shift model, including weekend support. - Strong desire to understand security incidents thoroughly. Benefits: - Tower's headquarters are located in the historic Equitable Building in NYC's Financial District, with a global impact and offices worldwide. - The firm fosters a culture where smart, driven individuals thrive in a collaborative environment without egos. - Benefits include generous paid time off, financial wellness tools, hybrid working opportunities, daily meals and snacks, wellness experiences, volunteer opportunities, social events, continuous learning opportunities, and more. At Tower, you will find a welcoming and collaborative culture, a diverse team, and a workplace that values both performance and enjoyment. Join a team of great people doing great work together. Tower Research Capital is an equal opportunity employer.,

Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require Role & responsibilities Preferred candidate profile

You will be responsible for administering and maintaining Deep security systems to ensure the security of IT Infrastructure. This includes monitoring and analyzing security alerts to identify potential threats, ensuring proper integration with existing systems, troubleshooting and debugging problems related to TrendMicro Deep Security Manager and Agent, as well as managing TrendMicro Deep Security Agent (installation, reconciliation, troubleshooting, etc.). Additionally, you will be involved in fine-tuning policies in Deep security features such as FIM, Log Inspection, IPS, Firewall, Anti-malware module, and developing/updating security policies and procedures related to Deep security. Your role will also involve log monitoring, incident investigation, maintaining, generating, and analyzing all deep security related reports, manager version upgradation, and capacity management. You will be required to engage with OEM in case of any Deep security related issues reported and ensure compliance with industry standards, regulations, and best practices. Mandatory Skills required for this position include expertise in Antivirus, Microsoft EDR, and XDR. The ideal candidate should have 5-8 years of relevant experience in this field. Wipro is undergoing a transformation towards a modern approach, and as part of this journey, we are seeking individuals who are inspired by reinvention. We are looking for people who are willing to evolve constantly - in terms of themselves, their careers, and their skills. We strive for continuous improvement and adaptability as the world around us changes. Join us at Wipro, a place where you can realize your ambitions and be empowered to design your own reinvention. We welcome applications from individuals with disabilities.,

As a seasoned Technology Leader specializing in cybersecurity solutions, you will be responsible for developing and executing a comprehensive technology roadmap that aligns with business objectives and industry standards. Your role will involve designing and managing enterprise-grade cybersecurity platforms such as Splunk and QRadar to ensure seamless integration across diverse OT and IT environments. Innovation will be a key aspect of your responsibilities, as you lead the design and development of advanced cybersecurity tools including SIEM, XDR, next-gen firewalls, and secure networking solutions. Your focus will be on driving innovation to address the unique challenges of OT/IT environments, emphasizing threat detection, incident response, and compliance while ensuring scalability, efficiency, and future-readiness of the technology strategy. Building partnerships and fostering collaborations with technology providers, OEMs, and stakeholders will be essential to enhance the company's offerings and ensure interoperability and seamless integration of solutions across different platforms and ecosystems. You will play a vital role in establishing and maintaining technology standards and best practices for OT/IT cybersecurity, monitoring the adoption of emerging technologies to maintain a competitive advantage and address evolving threats. Additionally, your expertise will be crucial in providing technical oversight for cybersecurity frameworks to protect critical infrastructure and collaborating with delivery and operations teams to implement cutting-edge security measures. To excel in this role, you should hold a Bachelors or Masters degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles with a strong focus on cybersecurity solutions. Your proficiency in platform development, particularly with systems like Splunk and QRadar, as well as industrial control systems, will be highly valued. Strong leadership, innovation, and strategic thinking abilities are key qualifications that will contribute to your success in this dynamic and challenging position.,

Hi All, Movate ( Formerly known as CSSCorp ) is hiring for Senior Endpoint Security Engineer Role. Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require

As a member of the Cyber Incident Response Team (CIRT) at Ingka Group, you will play a crucial role in developing and operating threat detection, investigation, and response capabilities to ensure a secure environment for the organization. Based in Malm, Helsingborg, or Amsterdam, you will lead the response to complex, major, or recurring cyber security incidents across the global organization. Your responsibilities will include reporting on the overall performance of incident response, writing comprehensive documentation such as plans, playbooks, and runbooks, and developing automated incident response playbooks using SOAR. Additionally, you will engineer threat detections using SIEM and XDR technology. The ideal candidate for this role should have over 5 years of experience in a security operations role and be familiar with tools like XDR, SIEM, and SOAR. You should also have knowledge of endpoint systems like Windows, macOS, and Linux, cloud platforms such as Azure and Google Cloud, and Entra ID. A strong curiosity, a willingness to learn, and the ability to work in an on-call rotation for major incident response are essential qualities we are looking for in potential candidates. We believe that you are passionate about exploring and understanding the intricacies of cybersecurity, combining theoretical knowledge with practical skills to address challenges effectively. Your analytical capabilities, structured problem-solving approach, and pragmatic mindset will contribute to the success of our team in enabling the business to thrive today and in the future. If you are someone who thrives in open-ended situations, values collaboration, and seeks continuous growth, we encourage you to apply for the position of Senior Cyber Engineer with us. We understand the importance of diversity and inclusion, and we welcome applicants from all backgrounds and experiences. Your application, submitted in English, will be a step towards joining our team dedicated to creating a better everyday life for the many people. Please note that we expect the majority of your time to be spent in the office, aligning with our value of togetherness and fostering a collaborative work environment. Interviews will be conducted on an ongoing basis, and we are excited to review your application submitted through our recruitment program.,

As an Infrastructure Security Architect at our organization, you will be responsible for designing and maintaining secure infrastructure systems to uphold the highest cybersecurity standards. Your role will be crucial in safeguarding systems and data against emerging threats, ensuring regulatory compliance, and maintaining operational resilience. You will play a key role in protecting digital assets from unauthorized access, disruptions, or misuse to maintain confidentiality, integrity, and availability. Developing and managing Data Loss Prevention (DLP) strategies will be essential to safeguard sensitive data both in motion and at rest. Additionally, you will be required to detect, analyze, and mitigate threats using tools such as XDR, Dark Web Hunting, and other threat intelligence solutions. Leading security incident response processes including investigation, containment, remediation, and post-mortem analysis will be part of your responsibilities. Regular risk assessments and security audits will also be conducted to ensure compliance with established standards like NIST, ISO 27001, or GDPR. Your role will involve evaluating existing and planned infrastructure to identify vulnerabilities and recommend architectural enhancements, along with collaborating across teams to integrate security by design principles into systems architecture. To qualify for this position, you should hold an M.Tech/B.Tech degree in Computer Science, Information Security, Information Technology, or a related field, and have at least 4 years of professional experience in infrastructure or cybersecurity roles. A deep understanding of network security, cloud security (AWS/Azure), firewalls, VPNs, IDS/IPS, and encryption protocols is necessary. Hands-on experience with SIEM, XDR, DLP, vulnerability scanners, and incident response tools will be beneficial. A strong grasp of compliance, governance, and regulatory frameworks such as ISO, NIST, and PCI DSS is also required. Preferred certifications for this role include CISSP, CISM, CEH, or related certifications, as well as Cloud Security Certifications like AWS Security Specialty or Azure Security Engineer Associate. Join our team and contribute to enhancing our organization's cybersecurity posture while ensuring the integrity of our infrastructure and data.,

The Associate Technical Security Specialist plays a critical role in supporting cybersecurity operations by implementing technical security controls, monitoring security events, and ensuring compliance with company contractual and regulatory obligations. This role focuses on operational information security tasks, responding to information security incidents, and continuously improving information security processes to protect the managed information and technical assets. Key Responsibilities Information Security Operations & Incident Response: Monitor information security alerts and logs using XDR and other security tools. Investigate potential information security incidents, escalate critical issues, and support information security incident response processes. Endpoint, Cloud, and Network Security: Assist in managing security controls for endpoints, cloud services, and network environments. Support security hardening initiatives to reduce risks. Email Security Gateway & Anti-Phishing: Manage and optimize email security solutions to prevent phishing, malware, and spam attacks. Work on email filtering policies, domain security (DMARC, DKIM, SPF), and respond to email-based threats. Vulnerability & Patch Management: Perform routine security assessments to identify vulnerabilities and misconfigurations. Work with IT teams to prioritize and implement security patches and updates. Threat Intelligence & Risk Mitigation: Analyze emerging threats and recommend proactive security measures. Assist in conducting risk assessments and security reviews of new technologies and processes. Compliance & Security Governance: Assist in maintaining security policies and ensuring compliance with contractual regulatory requirements (ISO 27001, GDPR, HIPAA, etc.). Support audits and security assessments. Security Awareness & Training: Promote cybersecurity awareness by assisting with security training sessions and phishing simulations. Support internal teams with security best practices. Functional Competencies (Technical knowledge/Skills) - Strong understanding of cybersecurity frameworks (ISO 27001, NIST, CIS Controls). - Experience with XDR, firewalls, endpoint security, and cloud security solutions. - Familiarity with Email Security Gateways (Proofpoint, Mimecast, etc.) and anti-phishing technologies. - Basic knowledge of penetration testing and vulnerability scanning tools. - Hands-on experience with IAM and access control mechanisms. - Understanding of regulatory and compliance requirements in cybersecurity. - Strong analytical skills with attention to detail. - Good communication and collaboration skills to work across teams. Experience, Education, and Certifications - 3-5 years of experience in cybersecurity operations or security administration. - Bachelors degree in Cybersecurity, Information Technology, or a related field. - Certifications such as CompTIA Security+, CEH, or equivalent preferred. - Experience working with email security solutions and incident response processes. - Knowledge of cloud security in AWS, Azure, or GCP is an advantage. Note: This role has working shifts from 02:00 PM IST - 11:00 PM IST.,

As a Junior Security Engineer, you will work closely with senior engineers to ensure the security of an organization's systems and data. Your responsibilities will include monitoring networks, identifying vulnerabilities, and implementing security measures with guidance. You will be involved in various areas such as Vulnerability Management, XDR, EDR, Zero Trust, and DLP technologies. In the realm of Vulnerability Management, you will assist in identifying and assessing vulnerabilities in systems and applications. You will also support the remediation process for these vulnerabilities by utilizing vulnerability scanning tools and reporting on findings. For XDR/EDR, you will be tasked with monitoring security alerts from these platforms and aiding in the investigation of security incidents that are identified. Additionally, you will contribute to the tuning and optimization of XDR/EDR solutions. In the domain of Zero Trust, your role will involve supporting the implementation of Zero Trust principles, including least privilege access, and helping in the configuration of network segmentation and access controls. Regarding DLP, you will monitor data loss prevention alerts and incidents, participate in the development and implementation of DLP policies, and assist in identifying and protecting sensitive data. Your day-to-day responsibilities will encompass monitoring security systems and alerts, analyzing security data to detect potential threats, responding to security incidents, maintaining accurate records of security events, generating reports on security posture, vulnerabilities, and incidents, implementing security solutions and controls, collaborating with other teams to ensure security best practices, and continuously learning about new threats and security technologies. Overall, as a Junior Security Engineer, you will play a crucial role in supporting the overall security posture of the organization and contributing to the ongoing protection of systems and data.,

Role & responsibilities This position is responsible for supervising all aspects of IT security, which includes: * Designing and developing security measures * Implementing security protocols * Managing incident response * Overseeing product selection * Ensuring adherence to relevant regulations This role is a mandatory work-from-office position based in our Gurgaon location, and the person in this role must be willing to work in 24/7 rotational shifts. Key responsibilities include: 1. Cybersecurity defense for endpoints and servers. 2. Investigation of alerts through SIEM, EPP, and XDR. 3. Vulnerability assessment and patch management. 4. Authorization of third-party software. 5. Collaboration with various departments to reduce risk. 6. Awareness of potential harm from new threats to network infrastructure and existing security procedures. 7. Providing security training to employees. 8. Facilitation of system and software configuration through Endpoint Management. 9. Willingness to work in a 24/7 SOC environment. Preferred candidate profile Perks and benefits

As the Cybersecurity Program Delivery Director, you will play a pivotal role in coordinating the planning, execution, and delivery of key cybersecurity projects and programs on a global scale. You will work closely with technical teams, security experts, and various stakeholders to ensure that critical security initiatives are implemented effectively and in alignment with corporate strategies. Your responsibilities will span across program portfolio management, global delivery and execution, governance, risk, and compliance (GRC), team coordination, budget control, and technical strategy support. You will be tasked with managing a diverse portfolio of cybersecurity projects, encompassing new technology deployments, risk mitigation, policy updates, and compliance enhancements. It will be your responsibility to establish project goals, timelines, and budgets, while also overseeing cross-regional resource integration and priority management. Additionally, you will ensure the quality and timely delivery of key security projects, manage external suppliers and service providers, and establish standardized delivery processes to drive global project replication capabilities. Collaboration with compliance, legal, and audit teams will be essential to ensure that all projects adhere to relevant regulations and standards such as GDPR, ISO 27001, and NIST. You will lead a global team of project managers, security architects, and business analysts, fostering open communication with senior management, IT, Security Operations Center (SOC), and regional heads. Regular reporting on project progress and key risks to the CISO and senior management will be a key aspect of your role. Your background should include a Bachelor's degree or above in information security, computer science, engineering, or related fields, with a preference for a Master's/MBA. You should possess more than 10 years of experience in information security or project delivery, including over 5 years in cross-border security project management. Proficiency in project management frameworks such as PMP, PRINCE2, and agile delivery methods like Scrum/SAFe is required. Familiarity with information security frameworks and technologies such as NIST, CIS Controls, SOC, IAM, SIEM, XDR, and SASE is crucial, along with certifications like CISSP, CISM, and PMP being preferred. Your leadership skills, cross-cultural communication abilities, and global vision will be essential for this role. You should be comfortable with remote management across different time zones and occasional international travel. Keeping abreast of security technology trends and providing strategic investment recommendations will also be part of your responsibilities. Your contribution to cybersecurity budget formulation, resource allocation, and technology roadmap adjustments will ensure the maximum safety benefits of project investments.,

You should have a minimum of 12 years of experience in Sales, Consulting, or Presales in the cybersecurity domain. A consultative problem-solving services-oriented, solution-led approach and experience are preferred. Your demonstrated ability for consultative sales in the cybersecurity domain should be targeting CISO/CXOs. Skills in areas of risk advisory and various cybersecurity frameworks, along with an understanding of the cybersecurity OEM ecosystem and dexterity in crafting winning services proposals are critical. Expertise in any core security element of Device Management, Network Security, Zero Trust Frameworks, and Managed Detection and Response (MDR) Services is required. Knowledge in Data Security and Privacy, various Industry compliance Frameworks from SEBI, RBI, IRDA, DPDP, Security Assurance, and Cloud Security areas is essential. You should have proven expertise and experience in crafting complex managed security services (MSS) proposals which include multiple cybersecurity domains like network security, device management, security operations, SOC services, etc. Reviewing technology designs with technology architects and engineers while considering local and regional regulatory requirements is part of the role. Experience with assessment of a comprehensive and broad set of security technologies and processes, data protection, identity and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments is necessary. Additionally, expertise in Infra security architecture and any subject matter expertise within network infrastructures and perimeter security technologies such as firewalls, load balancers, WAF, CASB, proxies, SDN, DNS, and DDOS solutions is expected. A solid grasp of private/hybrid/public clouds and legacy IT infrastructures is required. You should be highly familiar with public and private cloud technologies (e.g., AWS, Azure, GCP, VMWare, etc.) and their Security offerings, preferably based on certifications and some hands-on experience. Maintaining in-depth knowledge of the competition's offerings and strategies is important. You will lead the development of integrated solutions, including terms and conditions, to create a final customer proposal. An understanding of emerging technologies & trends like XDR, MDR, CASB, SASE, Microservices, Kubernetes, containers, Intelligent Automation, DevSecOps, Zero Touch, etc., is preferred. A Bachelor's degree or Master's degree is also desirable for this role.,

As a seasoned Technology Leader specializing in Cybersecurity, you will be responsible for developing and executing a comprehensive technology roadmap for both Operational Technology (OT) and Information Technology (IT) cybersecurity solutions. Your role will involve aligning technology initiatives with business goals, industry standards, and market opportunities. You will lead the design and management of enterprise-grade cybersecurity platforms such as Splunk, QRadar, and similar systems, ensuring seamless integration across diverse OT and IT environments. Innovation is at the core of this role, where you will drive the design and development of advanced cybersecurity platforms and tools including Security Information and Event Management (SIEM), Extended Detection and Response (XDR), next-gen firewalls, and secure networking solutions. Your focus will be on addressing the unique challenges of OT/IT environments, encompassing threat detection, incident response, and compliance. You will define technology strategies for cybersecurity solutions, emphasizing scalability, efficiency, and future-readiness to support high-performance security operations globally. Building partnerships and collaborations will be key, as you foster relationships with technology providers, Original Equipment Manufacturers (OEMs), and other stakeholders to enhance the company's offerings. You will ensure seamless interoperability and integration of solutions across various platforms and ecosystems. Your role will also involve establishing and maintaining technology standards and best practices for OT/IT cybersecurity, along with monitoring and managing the adoption of emerging technologies to maintain a competitive edge and address evolving threats. Providing technical oversight for cybersecurity frameworks to ensure the protection of critical infrastructure will be crucial. Collaboration with delivery and operations teams will be essential to implement cutting-edge security measures effectively. To excel in this role, you should hold a Bachelor's or Master's degree in Engineering, Technology, or a related field, coupled with over 15 years of experience in technology leadership roles, particularly focusing on cybersecurity solutions. Expertise in platform development, such as Splunk, QRadar, and industrial control systems, is required. Strong leadership skills, innovative thinking, and a strategic mindset are essential to drive success in this dynamic and challenging environment.,

Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, as well as flights, activities, and more. As part of Booking Holdings and based in Asia, Agoda has a diverse team of 7,100+ employees from 95+ nationalities across 27 markets. The work environment at Agoda is characterized by diversity, creativity, and collaboration, fostering a culture of experimentation and ownership to enhance the travel experience for customers. The Security Department at Agoda oversees security, compliance, GRC, and security operations to ensure the safety and protection of the company and its employees. As a member of the Security Operations (SecOps) Team, you will be at the forefront of designing, implementing, and maintaining cutting-edge security solutions to safeguard Agoda's large-scale global environment. This role offers the opportunity to work with advanced security tools, collaborate across multiple teams, and contribute directly to Agoda's mission of secure, seamless travel for millions of users worldwide. Key responsibilities in this role include implementing and managing secure cloud deployments across AWS, Azure, and GCP using Infrastructure-as-Code (IaC) tools like Terraform, identifying and remediating misconfigurations in cloud resources, providing expert guidance on cloud architecture and deployment strategies, and utilizing advanced tools for monitoring, detecting, and mitigating security threats. Additionally, you will be expected to develop scalable solutions using programming languages like Python and Go, design automated workflows to enhance threat detection capabilities, and establish secure practices for Kubernetes environments and CI/CD pipelines. To succeed in this role, you should have a minimum of 4 years of experience in a hands-on information security role, expertise in IDP/IAM solutions, familiarity with Microsoft security tools, proficiency in programming languages for automation tasks, and experience in managing cloud environments such as AWS, Google Cloud, or Azure. Effective communication skills are essential for conveying complex security concepts clearly to various stakeholders. Agoda offers a relocation package for those interested in moving to Bangkok, Thailand, along with a range of benefits including a hybrid working model, WFH set up allowance, remote working opportunities, employee accommodation discounts, a diverse global team, annual CSR/volunteer time off, and access to various subscription services and support programs. Agoda is an Equal Opportunity Employer and keeps applications on file for future vacancies. Please note that Agoda does not accept third-party resumes and is not responsible for any fees related to unsolicited resumes. For more details, please refer to the privacy policy.,

Experience with Network Architecture Review and Firewall Rule-base Audit. Strong understanding of OWASP top 10 and SANS top 25 programming errors.Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures. Required Candidate profile Experience on Vulnerability Assessment and Penetration Testing for Infrastructure / network / web application / databases.Propose, plan, & execute Red Team operations based on threats to organization.

Design & deploy Microsoft Modern Workplace solutions, lead M365 projects, implement EMS & Defender tools, manage compliance (DLP, IRM), handle licensing, migrate from 3rd-party tools to MDE, and provide expert client support and communication.

Job Title: Sr. Office 365 Support Specialist Business Function/Sub Function: IT Infra & Operation Location: Noida, India Position Overview: We are looking for a highly accomplished IT Infrastructure, Operations, and ITSM Specialist to join the GEDU IT Infra & Operations Team at our Noida office. This role requires a dynamic professional with expertise in IT infrastructure, operations, network support, and IT service management, along with hands-on experience in Microsoft Azure, Office 365, and endpoint security solutions. The ideal candidate should have a strong technical background, proven leadership skills, and a user-centric approach. They will be responsible for leading IT support teams, ensuring the stability and security of IT infrastructure, and driving operational excellence. Working across multiple time zones as per business needs, they will collaborate with product managers, architects, and R&D teams to enhance IT services and align technology strategies with business objectives. This role demands a proactive mindset, the ability to manage critical IT projects, and a focus on continuous improvement, automation, and security compliance. If you are passionate about delivering seamless IT experiences, driving innovation, and building robust IT operations, we encourage you to apply. Key Responsibilities: IT Operations Management Oversee the design, implementation, and maintenance of IT infrastructure, including cloud, on-premises and hybrid environments. Manage Azure Active Directory, Entra ID, Office 365, and endpoint security solutions to ensure seamless IT operations. Monitor system performance, availability, and security to proactively address potential risks and minimize downtime. Ensure effective backup, disaster recovery, and business continuity planning for IT services. IT Service Management (ITSM) & Support Lead incident, problem, change, and service request management in alignment with ITIL best practices. Establish and enforce ITSM processes and SLAs to ensure prompt and effective resolution of IT issues. Maintain and update ITSM documentation, including SOPs, knowledge base articles, and system documentation. Collaborate with cross-functional teams to enhance service efficiency and user experience. Security, Compliance & Identity Management Implement and manage security baselines, compliance policies, and endpoint security solutions (e.g., Microsoft Defender, Purview). Oversee Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Privileged Identity Management (PIM) for enhanced security. Ensure compliance with global security standards and regulatory requirements. Manage Zero Trust principles and enforce security hardening practices. Team Leadership & Vendor Management Lead and mentor a team of IT support engineers, ensuring high performance and continuous skill development. Manage relationships with third-party vendors and service providers, ensuring SLA adherence and prompt resolution of escalations. Drive collaborative problem-solving and knowledge sharing across the IT team. Automation & Process Optimization Develop and automate IT workflows using PowerShell scripting and Microsoft Graph API. Continuously optimize IT processes and drive innovation to improve operational efficiency. Identify opportunities to reduce manual effort and enhance self-service capabilities. Project & Stakeholder Management Manage IT infrastructure projects, upgrades, and migrations based on business requirements. Collaborate with business leaders, product managers, and R&D teams to align IT strategies with organizational goals. Provide regular reports and insights on IT performance, risks, and improvement plans. Qualifications: Bachelors degree in computer science, Information Technology, Engineering, or a related field. Masters degree in IT Management or related disciplines is a plus. Professional Certifications (Preferred but not mandatory): Microsoft Certifications : Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Identity and Access Administrator (SC-300) Microsoft 365 Certified: Modern Desktop Administrator Associate IT Service Management (ITSM) & Security Certifications : ITIL v4 Foundation (or higher) for ITSM best practices CompTIA Security+ or CISSP for security management Networking Certifications : Cisco CCNA/CCNP, Aruba, or Arista networking certifications are a plus Work Experience: 7 to 10 years of experience in Office 365 Administrator, Operations, ITSM, and Cloud Administration. Hands-on experience in Microsoft Azure, Office 365, Entra ID, Intune, and Endpoint Security. Strong knowledge of ITIL processes, service management tools, automation, and PowerShell scripting. Proven experience in leading IT support teams, managing IT projects, and collaborating with cross-functional teams. Key Skills & Competencies: Deep expertise in cloud, hybrid IT environments, and IT service management. Strong problem-solving skills and the ability to troubleshoot complex technical issues. Excellent communication, leadership, and stakeholder management skills. Ability to work across different time zones as per business needs. Strong analytical mindset, with a focus on continuous improvement and automation.

Role & responsibilities Cyber Security Engineer Preferred candidate profile EDR /XDR , PAM , VA Specialist , MDM would be added advantage , Good knowledge of SIEM.

We are looking for UI Developer & DevOps - Cybersecurity Engineer for Hyderabad Location, if interested share your profiles to sushma.p@s9tech.in Required Technical Skills - *Frontend Development*: Proficiency in Angular (latest versions preferred) - *DevOps*: Experience with CI/CD pipelines, containerization (Docker/Kubernetes), and cloud platforms - *Security Tools Experience*: Hands-on development experience with any of the following: - *SIEM Tools*: Security Information and Event Management platforms - *XDR Tools*: Extended Detection and Response solutions - *MDR Tools*: Managed Detection and Response platforms ## Preferred Experience - Previous work experience at leading cybersecurity product companies such as: - *Splunk* - Security and observability platforms - *IBM QRadar* - SIEM and security analytics - *Stellar Cyber* - Open XDR platform - Other established cybersecurity product vendors ## Additional Qualifications - Strong understanding of cybersecurity concepts and threat landscapes - Experience with security data visualization and analytics dashboards - Knowledge of security compliance standards (SOC 2, ISO 27001, etc.) - Familiarity with threat intelligence and security orchestration workflows - Experience working in agile development environments

Job Description . Lead with consultative customer conversations and proactively identify cyber security sales opportunities in company's existing account base & new accounts. • Own, develop and execute all areas of the sales cycle for cyber security opportunities. • Understand and map customer business objectives, IT strategy, technical and commercial requirements to relevant technology solutions. • Clearly articulate how security solutions can deliver customer business value. • Collaborate with cross-functional teams like coverage, pre-sales, delivery teams etc. for overall success of business. • Contribute to the development and growth of the company's cyber security proposition. Requirements Minimum of bachelor's degree in engineering and MBA or equivalent Minimum 5+ Years of experience managing sales of cybersecurity solutions across OEM or Systems Integration organizations. Existing relationships with CIO/CISO/Security decision-makers and with key cybersecurity OEMs Ability to develop strategy, be creative, have technical aptitude, solve problems, and adapt. Enthusiastic and self-motivated. Excellent interpersonal, verbal and written communication skills