Cyber Security Analyst Jobs
3201 Jobs Found
Cybersecurity Data/ Detection/ Implementation Engineer
Netenrich Technologies
Job Summary We are seeking a skilled and experienced Cybersecurity Detection and Implementation Engineer with expertise in YARA rules creation, playbook implementation, and data ingestion techniques. This role presents an exciting opportunity to contribute to the design and implementation of cutting-edge cybersecurity solutions while collaborating with a talented team of professionals. Responsibilities Design, develop, and maintain YARA rules for threat detection and malware analysis, ensuring high accuracy and effectiveness. Conduct research and analysis to identify emerging threats and vulnerabilities and develop proactive detection mechanisms. Identify and implement detection use cases based on emerging threats and TTPs using MITRE ATT&CK framework. Contribute to optimization of detection rules to eliminate false positives and improve detection efficiency. Collaborate with cross-functional teams to understand customer requirements and customize cybersecurity solutions to meet their needs. Participate in security incident response activities, providing technical expertise and support as needed. Stay abreast of the latest cybersecurity trends, technologies, and best practices, and share knowledge with the team. Work closely with customers to understand their security challenges and requirements and provide expert guidance and support. Qualifications Bachelor s degree in computer science, Information Security, or related field. 3 years of experience in cybersecurity, with a focus on detection engineering and implementation. Proficiency in creating and maintaining YARA rules for threat detection and malware analysis. Solid understanding of MITRE ATT&CK framework and developing detection rules based on it. Solid understanding of data ingestion techniques and technologies, including log management systems and data lakes. Knowledge and experience in developing use cases for Cloud, Identity, Endpoint and Data Exfiltration use cases. Hands-on experience with SIEM (Security Information and Event Management) solutions such as Splunk, ELK, or QRadar. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. Strong communication and interpersonal skills, with the ability to effectively collaborate with internal teams and customers. Relevant cybersecurity certifications (e.g., CISSP, CEH, GIAC) are a plus. If you are a passionate and driven cybersecurity professional with expertise in writing detection rules and is enthusiastic about emerging threats and protecting customers, we want to hear from you. Join us in our mission to protect our organization and our customers from cyber threats. Qualification : Bachelors degree in computer science, Information Security, or related field.
Associate Director IT Security
Rxlogix Corporation
IT Security Manager General Purpose: Security leader with a background in AWS and cloud Security. A successful candidate will have excellent written and verbal skills, be organized, and have expert level skills in the field of IT and Cloud Security. You will help define and enforce our security policies and procedures. You must have demonstrable experience and skills in Cloud based security and have managed and built successful security operations in the past. You must be capable of leading from the front lines, this position requires both hands on technical experience as well as management skills. Reporting to the Director of Information Technology, you will be responsible for architecting and implementing our IT Security policies. Job Status: Full Time Essential Duties & Responsibilities: Provide leadership and technology vision to the IT Security team Perform internal Security Audits Participate in external Security Audits Document, implement and monitor adherence to IT security standards Assess and improve security metrics Work on improving security tools and operations Monitor and manage IDS, vulnerability scanning & assessments Work as DPO (Data Privacy Officer) for the company Create awareness in the company on Security, Privacy and compliance requirements Ensure security and privacy training for staff involved in data processing Conducting security and privacy audits to ensure compliance and address potential issues proactively Serving as the point of contact between the company and clients for privacy controls Log aggregation and analysis Manage Anti-Virus Address security and data breach related issues and incidents Minimum Requirements: CISSP, Security+ or equivalent certification 10+ years of Cyber Security experience 5+ years of IT management experience 5+ years of AWS experience 3+ years of experience with Identity & Access Management tools 10+ years of Linux & Windows Security administration Experience with managing Cloud and Container Security Experience with Network and Application penetration testing Experience with Vulnerability scanners, IDS and IPS deployment and monitoring Experience with SIEM tools Experience in developing, documenting and implementing security standards Experience with Security Automation and Orchestration tools Experience with Incident Response & Management, Vulnerability Management, Patch Management Experience managing security operations and teams Ensure Customer Satisfaction Ensure success and be accountable for individual product/project Accountable for Quality of the product/project and deliverables Drive Continual improvement programs to bring organization efficiencies process, tools, skills etc. Represent as appropriate in Inspections and Audits (External and Internal) and drive action plans to closure Ensure deep dive conduct of RCAs and ensure CAPAs to closure Ensure a metrics driven organization Additional Qualifications: Experience with Datadog or equivalent monitoring tools (Logz.io, Splunk, Nagios, SumLogic) Experience with practices such as Change Management and Configuration Management Experience with Infrastructure as Code and tools such as Chef, Ansible, Puppet Experience hardening Operating Systems and Applications (Centos, RHEL, Ubuntu, Windows) Endpoint security management Experience working in GxP environments Experience with practices such as Change Management and Configuration Management
Cyber Security Lead
Pricol Limited
Job Title: Cyber Security Lead Department: ETG Location: Coimbatore Experience Required: 10 15 Years Education: B.E / B.Tech in ECE, EEE, or EIE M.E / M.Tech in ECE, EEE, or EIE Job Summary: We are looking for an experienced and highly skilled Cyber Security Lead to oversee the implementation and compliance of ISO 21434 within our automotive systems. The ideal candidate will have a deep understanding of the cybersecurity lifecycle, threat analysis, and risk assessment processes, with a strong focus on automotive embedded systems. Key Responsibilities: Lead the implementation of ISO 21434 standards and ensure full organizational compliance. Conduct Threat and Risk Assessment (TARA) based on HARA, and define cybersecurity goals and concepts. Translate cybersecurity goals into robust system-level designs and validation strategies. Develop and implement cybersecurity design features including Secure Boot, Intrusion Detection Systems, and Secure Communication protocols. Drive cybersecurity planning activities, assessments, and design reuse strategies across projects. Prepare, review, and maintain technical documentation; support DFMEA activities and obtain stakeholder approvals. Work directly with customers on RFQ analysis, technical proposals, and design clarifications. Collaborate with Functional Safety teams to align cybersecurity goals with safety objectives. Actively participate in Cross-Functional Team (CFT) meetings to ensure integration across all system domains. Utilize industry-standard tools for evaluating cybersecurity and functional safety compliance. Technical Expertise Required: In-depth knowledge and practical experience in ISO 21434 implementation. Strong hands-on experience in TARA, the cybersecurity lifecycle, and associated tools. Expertise in automotive/embedded security concepts and architectures. Solid understanding of system-level design, validation, and cybersecurity concept development. Strong documentation and presentation skills for technical and stakeholder communication. Excellent interpersonal and stakeholder management skills. Qualification : M.E / M.Tech in ECE, EEE, or EIE
Cyber Security Reporting Analyst
Astrazeneca
Job Title: Cyber Security Reporting Analyst Career Level -D2 Introduction to role We are seeking a highly skilled and motivated Cyber Security Data Analyst to join our dynamic Cyber Security Risk & Reporting team. The successful candidate will have extensive experience in Power BI reporting, ETL (Extract, Transform, Load) processes, and AWS S3, and will be responsible for designing, developing, and maintaining our Cyber Security Reporting suite, enabling data-driven decision-making by our senior leaders. This role requires close collaboration with colleagues both within Cyber Security and IT functions across AstraZeneca s Enterprise Services and Business Technology Groups (BTGs). Accountabilities Data Analysis: Perform data analysis to identify trends, patterns, and anomalies. Work with large datasets to extract meaningful information and provide recommendations. Collaborate with business units to understand their data needs and deliver solutions accordingly. ETL Processes: Design, develop, and maintain ETL workflows to extract data from various sources, transform it according to business requirements, and load it into target systems. Ensure data integrity and quality throughout the ETL process. Fix, communicate, and support resolution of any ETL-related issues. Aws s3: Apply AWS S3 for data storage and management. Ensure effective data transfer and integration between AWS S3 and other data systems. Handle and maintain data security and access controls in AWS S3. Power BI Reporting: Develop, design, and maintain interactive Power BI dashboards and reports. Create data visualizations that provide actionable insights to stakeholders. Optimize Power BI models for performance and usability. Collaboration and Communication: Work closely with data and process owners, and business stakeholders to evaluate reporting needs. Communicate findings and insights effectively through presentations and reports. Deliver training and support to users on Power BI and data analysis techniques. Essential Skills/Experience A Bachelor s degree in Data Science, Computer Science, Information Technology, or a related field. 2 years+ experience as a Data Analyst or in a similar role within an IT capacity. High proficiency in Power BI, including DAX, Power Query, and the creation of complex data visualizations. Strong ETL (Extract, Transform, and Load) skills, with experience in tools such as SQL Server Integration Services (SSIS), Informatica, Talend, or similar. Experience using Power Automate to streamline repetitive processes. Experience with AWS S3 for data storage and integration. Solid understanding of databases and SQL. Ability to communicate at multiple levels within an organization and to confidently talk to and represent data sets. Skills and Capabilities Excellent analytical and problem-solving skills. Strong written and verbal communication skills along with the proven ability to present complex, technical information to both technical and non-technical audiences. Experience of autonomous working with direction and goal setting and ability to prioritize, re-schedule and adapt to changes in a dynamic environment. Be valued and respected for teamwork, integrity, and enablement. Desirable Skills/Experience Knowledge of cloud-based data warehousing solutions such as Azure Data Factory or AWS Glue. Familiarity with programming languages such as Python or R. Experience providing and delivering reports and metrics across multiple functions. Knowledge of presentation skills and styles. Experience in the pharmaceutical or healthcare industry. Experience of working in other IT disciplines and across a range of industries and sectors. Experience working in a global organization where stakeholders and team members are geographically dispersed. Qualification : Job Title: Cyber Security Reporting Analyst Career Level -D2 Introduction to role We are seeking a highly skilled and motivated Cyber Security Data Analyst to join our dynamic Cyber Security Risk & Reporting team. The successful candidate will have extensive experience in Power BI reporting, ETL (Extract, Transform, Load) processes, and AWS S3, and will be responsible for designing, developing, and maintaining our Cyber Security Reporting suite, enabling data-driven decision-making by our senior leaders. This role requires close collaboration with colleagues both within Cyber Security and IT functions across AstraZenecas Enterprise Services and Business Technology Groups (BTGs). Accountabilities Data Analysis: Perform data analysis to identify trends, patterns, and anomalies. Work with large datasets to extract meaningful information and provide recommendations. Collaborate with business units to understand their data needs and deliver solutions accordingly. ETL Processes: Design, develop, and maintain ETL workflows to extract data from various sources, transform it according to business requirements, and load it into target systems. Ensure data integrity and quality throughout the ETL process. Fix, communicate, and support resolution of any ETL-related issues. Aws s3: Apply AWS S3 for data storage and management. Ensure effective data transfer and integration between AWS S3 and other data systems. Handle and maintain data security and access controls in AWS S3. Power BI Reporting: Develop, design, and maintain interactive Power BI dashboards and reports. Create data visualizations that provide actionable insights to stakeholders. Optimize Power BI models for performance and usability. Collaboration and Communication: Work closely with data and process owners, and business stakeholders to evaluate reporting needs. Communicate findings and insights effectively through presentations and reports. Deliver training and support to users on Power BI and data analysis techniques. Essential Skills/Experience A Bachelors degree in Data Science, Computer Science, Information Technology, or a related field. 2 years+ experience as a Data Analyst or in a similar role within...
Lead Cyber Security Auditor
Iserveu
Job Position: Lead Cyber Security Auditor Job Locations: Bhubaneswar Experience: 4-6 Years Qualification: Bachelor's or Master's in IT/ Computer Science /Information Security or related field Compensation: Negotiable Job Type: Full Time COMPANY INTRODUCTION iServeU is a modern banking infrastructure provider in the APAC region, empowering financial enterprises with embedded fintech solutions for their customers. iServeU is one of the few certified partners with National Payment Corporation of India (NPCI), VISA for various products. iServeU also provides a cloud-native, micro services-enabled, distributed platform with over 5000 possible product configurations with a low code/no code interface to banks, NBFCs, Fintech, and other regulated entities. We process around 2500 transactions per second by leveraging distributed & auto scale technology like K8. Our core platform combines 1200+ micro services. Our customer list includes Fintech start-ups, top tier private banks to PSU bank. We operate in five countries and help customers constantly change the way financial institutions operate and innovate. Our solutions currently empower over 20 banks and 250+ enterprises across India and abroad. Our platform seamlessly manages the entire transaction lifecycle, including withdrawals, deposits, transfers, payments, and lending through various channels like digital, branch, agents. Our team of 500+ employees, with over 80% in technology roles, is spread across offices in Bhubaneswar, Bangalore, and Delhi. We have raised $8 million in funding to support our growth and innovation. Responsibilities Lead comprehensive security audits of complex digital environments including web, mobile, cloud, and network infrastructures. Assess and ensure compliance with multiple international standards and frameworks such as ISO/IEC 27001, PCI-DSS, CISSP best practices, and regulatory requirements. Perform advanced risk assessments, penetration testing, and vulnerability analyses; interpret results to provide actionable recommendations. Prepare detailed audit reports and present findings to senior management and stakeholders, guiding remediation strategies. Mentor and supervise junior and mid-level auditors, defining audit methodologies, frameworks, and ensuring quality and consistency across audits. Requirements Certifications: Mandatory: CISA and ISO/IEC 27001 Lead Auditor Preferred: CEH, CISSP, PCI-DSS knowledge Desired Skills: Deep expertise in auditing complex digital environments including web/mobile/cloud systems. Strong grip over OWASP, DevSecOps pipeline review, API security, and network security assessment. Client-facing experience with report presentation and regulatory audit preparedness. Ability to define audit methodology, frameworks, and mentor team. Qualification : Bachelor's or Master's in IT/ Computer Science /Information Security or related field
Security Operations Engineer
Falconx
Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field
Security Operations Engineer
Falconx
Security Operations Engineer Location: Bangalore About Us FalconX is a pioneering team of operators, investors, and builders committed to transforming institutional access to the digital asset markets. By bridging traditional finance with cutting-edge technology, we address the industry's most complex challenges. We offer a comprehensive solution for all digital asset strategies from startup to scale enabling our clients to navigate the ever-evolving cryptocurrency landscape with confidence. We are seeking an experienced Security Operations Engineer to help secure FalconX s infrastructure and protect our clients digital assets. As a part of our security team, you will monitor, detect, and respond to cyber threats across both on-premise and cloud environments, ensuring the integrity and safety of our systems and data. Key Responsibilities Security Monitoring & Incident Response: Monitor and respond to security incidents across both on-premise and cloud environments, ensuring timely detection and remediation of potential threats. Threat Detection & Analysis: Analyze security alerts from various security tools to identify, investigate, and mitigate security risks. Conduct in-depth forensic investigations to identify trends, attack techniques, and vulnerabilities. Proactive Threat Hunting: Conduct proactive threat hunting across endpoints, networks, and cloud environments, looking for sophisticated and emerging threats that may not yet be detected by traditional security measures. Forensics & Incident Investigation: Investigate and analyze security incidents to identify the root cause. Provide actionable recommendations for improving security posture and preventing future incidents. Detection Engineering: Develop and refine threat detection methodologies and rules (e.g., Yara, Sigma, SQL-based rules, network protocols) to enhance security monitoring capabilities. Utilize frameworks like MITRE ATT&CK and the Cyber Kill Chain to guide threat hunting and analysis. Automation & Scripting: Leverage scripting languages (Python, PowerShell, or Bash) to automate threat detection, analysis, and response processes, improving overall efficiency and effectiveness. Threat Intelligence & Trend Analysis: Stay informed about emerging threats, vulnerabilities, and attack trends to continuously improve detection strategies and enhance the response to new security challenges. Qualifications Education & Experience Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). Experience: Minimum of 3 years in a security operations, threat hunting, or similar cybersecurity role. Security Expertise Strong experience working with security tools and log data (Cloud, EDR, Network, etc.) for detection and response. Deep understanding of network security, packet analysis, and log correlation. Proficiency in advanced threat detection methodologies and threat intelligence, with a strong grasp of attacker tactics, techniques, and procedures (TTPs), especially using frameworks like MITRE ATT&CK. Technical Skills Proficiency in scripting and automation (Python, PowerShell, Bash). Experience with detection engineering and developing custom detection rules (e.g., Yara, Sigma, SQL-based, Network). Familiarity with endpoint security, identity management, vulnerability management, cloud security, and incident response. Soft Skills Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication skills, with the ability to work effectively in a collaborative, fast-paced environment. Be part of a rapidly growing company at the cutting edge of finance and technology. A dynamic, fast-paced work environment where your expertise will directly impact business success. Competitive salary and benefits package. Opportunities for professional growth in a highly innovative industry. Qualification : Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
Platform Administrator Nextgen Siem
Colortokens
Platform Admin NextGen SIEM Location: Bangalore (Onsite) About ColorTokens At ColorTokens, we re all about helping businesses stay secure and keep running, no matter what cyber chaos hits. Our game-changing Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical stuff safe and business uninterrupted. We bring insane visibility into traffic flows between workloads, IoT devices, users basically everything to create super tight security zones that isolate threats fast. We re a Forrester Wave Leader (Q3 2024) for microsegmentation and protect global giants from costly cyber disruptions. Our Culture We love self-starters who bring energy, curiosity, and big ideas. You ll get to own projects, collaborate with passionate teammates, and work on security that actually protects real people from hospitals to cities to entire nations. What You ll Do The Role You ll run and manage our NextGen SIEM platform think Splunk, Sentinel, Exabeam, Stellar Cyber, or similar making sure it s up-to-date, humming smoothly, and packed with the right alerts. Admin & Ops: Install, configure, patch, and keep the SIEM platform running 24/7. Log Boss: Bring in new log sources, troubleshoot ingestion issues, and ensure data is clean and compliant. Rule Maker: Build and tweak detection rules and alerts to catch real threats while cutting down false alarms. Integrate & Automate: Connect SIEM with other security tools and automate incident workflows. Lock It Down: Manage user access, keep the platform secure, and nail compliance requirements. Team Player: Work closely with SOC analysts, threat hunters, and engineers to level up detection and response. Support & Train: Help users get the most from the platform and be the go-to expert when incidents hit. Optimize & Report: Track performance, fix bottlenecks, and share insights to keep the platform sharp. What You Bring Your Skills & Experience 8+ years managing SIEM platforms, especially NextGen ones like Splunk, Sentinel, or Exabeam. Expert in log management, rule creation, and onboarding data from all sorts of sources. Solid scripting skills (Python, PowerShell) to automate and customize workflows. Deep knowledge of log formats (Syslog, JSON, XML), querying languages (KQL, SPL, AQL), and data pipelines. Experience integrating SIEM with EDR, SOAR, NDR, and threat intel platforms. Familiar with security frameworks like MITRE ATT&CK, NIST, or CIS. Bonus points if you know cloud security (AWS, Azure, GCP), machine learning in SIEM, or SOAR tools like Cortex XSOAR or Phantom. Your Credentials Bachelor s degree in Computer Science, InfoSec, or related field (or equivalent experience). Relevant certifications like Splunk Certified Admin, Microsoft Security Operations Analyst, QRadar cert, or CISSP are a major plus. What Success Looks Like Keep SIEM uptime near 100%. Smoothly onboard new log sources and build killer detection use cases. Reduce noise fewer false positives, sharper alerts. Fast, effective fixes when platform issues pop up. Align SIEM capabilities tightly with security and business goals. Qualification : Bachelors degree in Computer Science, InfoSec, or related field (or equivalent experience).
Platform Engineer
Colortokens
Platform Engineer Location: Bengaluru, Karnataka, India Full-time partially remote About ColorTokens At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave : Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions. Our culture We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously. Self-starters and high-motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of world s impactful organizations be it a children s hospital, or a city, or the defense department of an entire country. Position Overview: Colortokens is looking for a Junior Platform Administrator to assist in managing, maintaining, and optimizing our NextGen Security Information and Event Management (SIEM) platform. The ideal candidate will support the day-to-day operations, help onboard customer log sources, troubleshoot integration issues, and provide technical assistance to the security operations team. This role is ideal for a motivated professional with 3+ years of experience in SIEM administration, security operations, or log management. Key Responsibilities: SIEM Platform Administration Assist in deploying, configuring, and maintaining the NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, QRadar, Chronicle, Exabeam). Perform basic updates and patches to ensure platform security and functionality. Monitor SIEM health, performance, and uptime under the guidance of senior administrators. Log Source Management Onboard new log sources and validate data ingestion. Help troubleshoot log ingestion, parsing, and formatting issues. Maintain log retention policies for compliance. Rule and Use Case Management Support the development and deployment of detection rules, correlation use cases, and alerts. Tune existing use cases to minimize false positives. Work closely with security analysts to refine alerting strategies. Integration and Automation Assist in integrating SIEM with other security tools (e.g., EDR, microsegmentation, vulnerability scanners). Work on basic automation tasks using scripting (Python, PowerShell) to enhance SIEM efficiency. Platform Security and Compliance Support role-based access control (RBAC) and platform security policies. Help ensure SIEM adheres to compliance standards like SOC2, ISO 27001. Participate in periodic security audits. Network Debugging & Troubleshooting Have a basic understanding of TCP/IP, networking concepts, and protocols. Assist in debugging network connectivity issues related to SIEM log ingestion. Use basic network troubleshooting tools. Collaboration and Support Work alongside SOC analysts, threat hunters, and security engineers. Provide basic technical support for SIEM users. Assist in training and documentation for security teams. Performance Monitoring and Optimization Monitor storage and indexing performance to ensure optimal operations. Report any performance issues to senior administrators. Contribute to platform health reports and alerting metrics. Incident Support Assist SOC teams in log analysis, incident response, and forensic investigations. Ensure log data is readily available for security incidents. Education and Certifications: Bachelor s degree in Computer Science, Information Security, or a related field. Certifications (Preferred but not mandatory): Splunk Certified User/Admin Microsoft Certified: Security Operations Analyst Associate QRadar Certification Any SIEM-related certification Experience: 3+ years of experience in SIEM administration, security operations, or log management. Hands-on experience with at least one SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, Chronicle, Exabeam). Basic knowledge of log ingestion, rule creation, and data parsing. Exposure to scripting (Python, PowerShell) for automation. Basic understanding of TCP/IP networking concepts and network debugging. Technical Skills: Understanding of log formats, Syslog, JSON, XML, and data pipelines. Basic knowledge of querying languages (KQL, SPL, AQL). Familiarity with SIEM integration with security tools like EDR, SOAR, NDR. Awareness of MITRE ATT&CK, NIST, or CIS security frameworks. Basic experience with network troubleshooting tools (ping, traceroute, netcat (nc)). Soft Skills: Strong problem-solving and troubleshooting abilities. Good verbal and written communication skills. Ability to work collaboratively in a security operations environment. Preferred Skills: Basic understanding of cloud-based security solutions (AWS, Azure, Google Cloud). Exposure to SOAR tools (e.g., Cortex XSOAR, Splunk Phantom). Interest in machine learning-based anomaly detection for SIEM. Key Metrics for Success: Successful onboarding of log sources. Improvement in log ingestion and parsing accuracy. Contribution to fine-tuning detection rules. Timely resolution of SIEM-related support requests. Ability to identify and troubleshoot basic network connectivity issues.
Senior Soc Analyst
Colortokens
Senior SOC Analyst Location: Bangalore (Hybrid, work from office) Experience: 4 to 7 years Shifts: Rotational 24/7 shifts gotta keep the cyber world safe around the clock! About ColorTokens We re on a mission to help businesses stay secure and running smoothly, even when cyber threats hit hard. Our ColorTokens Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical assets locked down and business uninterrupted. We bring unmatched visibility into traffic flows whether it s servers, IoT devices, or users helping teams isolate threats fast and respond smartly. Forrester named us a Leader in Microsegmentation (Q3 2024), and we protect global enterprises from costly cyber disasters. Our Culture If you re a self-starter who loves solving complex problems and making an impact, you ll fit right in. Work alongside passionate teammates who protect hospitals, cities, and even national defense. We value innovation, respect, and letting you own your work. What You ll Be Doing Lead as a senior SOC analyst, mentoring juniors and shaping SOC playbooks and processes. Dive deep into escalated incidents analyze, manage end-to-end, and nail root cause analysis. Monitor alerts and events across SIEM tools (Splunk, QRadar, Stellar Cyber, LogRhythm), firewalls, IDS/IPS, VPNs, and more. Hunt proactively for threats and vulnerabilities using threat intel feeds and frameworks like MITRE ATT&CK and Cyber Kill Chain. Perform forensic and malware analysis from logs to memory and disk images to track down attackers and gather evidence. Collaborate closely with SecOps, IT, Platform, and Engineering teams to creatively solve security challenges. Automate SOC workflows with PowerShell, regex, and APIs to level up efficiency. Lead detection tuning and gap analysis to sharpen SOC s ability to spot threats early and accurately. What You Bring 4+ years experience in cyber incident response, SOC operations, and investigations. Solid knowledge of SIEM platforms, network and endpoint security, malware analysis, and threat intel. Certifications like CISSP, GCIH, GSOC, OSCP, or GCIA (or working toward them). Strong communication skills you can explain complex security issues clearly to any audience. Integrity, professionalism, and eagle-eye attention to detail. Ability to work well under pressure and collaborate with diverse teams. Qualifications Bachelor s degree in IT, Computer Science, Engineering, or related field (or equivalent experience). Protect critical digital assets, learn cutting-edge cyber defense tech, and grow your career at a company recognized as a market leader. Plus, work with passionate people who genuinely care about making the world safer. Qualification : Bachelors degree in IT, Computer Science, Engineering, or related field (or equivalent experience).
Cyber Security Analyst
Camsdata Technologies India Pvt. Ltd.
Cyber Security Analyst Bangalore, India Location: Bangalore (Bengaluru) Experience: 4 to 12 Years Industry: IT Security / Cybersecurity Job Summary: We are seeking a highly skilled Cyber Security Analyst with advanced knowledge in cybersecurity principles, risk assessment, and threat prevention. The ideal candidate will have hands-on experience with security tools, network defense, vulnerability assessments, and malware analysis to safeguard our organization s digital assets. Key Responsibilities: Analyze and mitigate cyber and IT security risks using advanced techniques and best practices Conduct vulnerability assessments and penetration testing across networks, platforms, and applications Utilize scripting and programming languages such as Python, PowerShell, Perl, HTML, and JavaScript for automation and security analysis Monitor network security devices including firewalls, proxies, NIDS/NIPS, and respond to security incidents Perform dynamic and static malware analysis and memory forensics to identify and counter threats Conduct reverse engineering of malware and apply countermeasures based on adversary tactics and protocols Apply in-depth knowledge of network protocols, network security monitoring, and incident response Ensure compliance with security standards and frameworks Collaborate with cross-functional teams to implement security improvements and ensure robust defense mechanisms Required Skills & Qualifications: Minimum 4+ years of professional experience in cybersecurity or related IT security roles Advanced understanding of cyber threats, risk management, and prevention techniques Proficiency in security system analysis, network security, and vulnerability assessment tools Experience with malware analysis, penetration testing, and reverse engineering Strong programming/scripting skills in Python, PowerShell, Perl, or similar languages In-depth knowledge of security standards, protocols, and industry best practices Hands-on experience with network security monitoring and defense technologies Preferred Certifications: Technical cybersecurity certifications from recognized bodies such as SANS, ISACA (CISA, CISM), (ISC) (CISSP), CompTIA Security+, Cisco (CCNA Security), CERT, or equivalent Work in a challenging role protecting critical digital infrastructure Collaborate with a talented cybersecurity team to combat evolving threats Access to continuous learning, professional development, and certification opportunities
Quoting Analyst Ii
Rubrik
Quoting Analyst II Renewals & Revenue Operations Location: Bangalore, India Shift Timing: 5:30 PM 2:30 AM IST Job Type: Full-Time | Global Renewals Team | Quote-to-Cash About the Role Rubrik is seeking a detail-oriented and analytical Quoting Analyst II to join our Global Renewals Operations team. In this role, you will support the timely and accurate creation of renewal quotes for our existing customer base, working closely with Renewals Representatives, Sales Operations, and other cross-functional teams. Your focus will be to streamline quoting processes, enhance contract alignment, and drive data accuracy to improve revenue predictability and retention. You will manage a high-volume quoting pipeline, contribute to quote validation, and provide insights on upgrade, refresh, and expansion opportunities. This is a mission-critical role where your precision and attention to detail directly impact Rubrik s recurring revenue performance. Key Responsibilities Partner with Renewals Reps to ensure all subscription renewal quotes are generated and delivered on time. Validate and ensure quote accuracy across SKUs, pricing, expiration dates, contractual terms, and upgrade details. Manage and monitor a pipeline of upcoming renewals and prepare corresponding quoting packages. Identify opportunities for refreshes, product flips, or upgrades early in the renewal lifecycle. Review changes in installed base and validate updates executed by Sales and Account Management teams. Work with Salesforce CRM and reporting tools to maintain clean, actionable data. Analyze large datasets to deliver actionable insights related to customer retention, product adoption, and renewal expansion. Collaborate with cross-functional teams to resolve discrepancies and improve overall quote-to-cash efficiency. Support the standardization of quoting workflows to enhance team scalability and consistency. Required Skills & Qualifications 3 8 years of experience in Renewals Operations, Revenue Operations, or Quote-to-Cash (QTC) processes. Strong working knowledge of Salesforce CRM and quoting tools (e.g., CPQ platforms). Excellent organizational skills with the ability to prioritize and multitask in a high-volume environment. Strong analytical and data interpretation skills with attention to detail. Effective written and verbal communication skills to interact with both internal teams and external stakeholders. Experience with installed base or inventory management is a plus. Ability to work independently, manage deadlines, and drive process improvements proactively. Bachelor s degree in Business, Finance, Operations, or a related field preferred. Preferred Competencies Understanding of SaaS renewal cycles, subscription billing, and contract management. Familiarity with B2B sales operations, customer lifecycle management, and forecasting methodologies. Experience in a fast-paced technology environment or global support function. At Rubrik (NYSE: RBRK), our mission is to secure the world s data. Through Zero Trust Data Security and Rubrik Security Cloud, we help enterprises defend against cyber threats, ensure data resilience, and guarantee business continuity across hybrid, SaaS, and multi-cloud environments. Be part of a team that's transforming how organizations protect their most valuable asset: data. Qualification : Bachelors degree in Business, Finance, Operations, or a related field preferred.
Technical Consultant-security Intel & Operations Consulting Svcs
International Business Machines
Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.
Analyst - Secops
Einfochips
Position: Analyst - SecOps (SOC Level 2) Job Overview: We are looking for a skilled SOC Level 2 Analyst to join our global Cyber Operations team. This critical role ensures the security of our organization by monitoring, detecting, and responding to security incidents. The Analyst will work on a rotating 24x7 shift schedule, including night shifts. The ideal candidate will have strong experience in SOC operations, incident response, and proficiency with cybersecurity tools and technologies. Key Responsibilities: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Perform triage and analysis with sandboxing technologies and threat intelligence platforms. Investigate security events, implement containment and recovery strategies, and expedite workflows with AI/ML capabilities. Query and correlate security data using KQL (Kusto Query Language) to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Enhance endpoint protection and data security using Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools. Threat Hunting and Data Forensics: Perform proactive threat hunting and data forensics to identify and investigate potential threats. Use advanced threat intelligence platforms to refine detection strategies. Develop and execute SOC playbooks to improve response times and operational efficiency. Team Collaboration and Leadership: Provide assistance with complex incidents and investigations. Collaborate with USA security escalation teams and other departments to improve the organization s overall security posture. Contribute to the development and refinement of SOC procedures and best practices. Career Development: Opportunities for progression to roles like SOC Lead or SOC Architect. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. Qualifications: Bachelor s degree in Computer Science, Cybersecurity, or related field (preferred). 3-5 years of experience as a SOC Analyst, with lead responsibilities being a plus. Strong proficiency in KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel (including rule creation, playbook implementation, and workbooks). Proficiency in Microsoft Defender and MS Purview DLP for endpoint protection and data security. Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise: Microsoft Sentinel: Expertise with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Strong knowledge of endpoint protection and threat detection. MS Purview DLP: Experience in data loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management: Familiarity with assessments, penetration testing, and monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Skilled in forensic analysis and investigation. SOC Playbooks: Ability to create and manage effective SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively within a well-managed team. Rotational 24x7 shift coverage. Location: Bangalore, India (SKAV Seethalakshmi, GESC) Employment Type: Full-time Job Category: Information Technology Qualification : Bachelors degree in Computer Science, Cybersecurity, or related field (preferred).
Cyber Security Analyst
Wipro Limited
Location: Bengaluru, India Role: Cybersecurity Analyst Company: Wipro Limited In a world where data is power, protecting that data is a mission, not just a job. As a Cybersecurity Analyst at Wipro, you ll be the guardian of sensitive information, spotting threats before they strike and building a resilient security posture for the organization. What You ll Do 1 Keep Customers Safe Deliver customer-centric cybersecurity, ensuring systems are fortified and risks are minimized. Monitor logs, security events, and access patterns to detect unusual, unauthorized, or illegal activity. Safeguard log sources, security configurations, and access controls. 2 Hunt, Analyze & Respond Track, analyze, and respond to security incidents escalated by L1 teams (24x7 rotational shifts). Perform log reviews and forensic analysis to understand unauthorized access or breaches. Use advanced analytics tools to identify emerging threat patterns. Conduct detailed root cause analysis and recommend specific, actionable improvements. 3 Be the Incident Commander Lead incident response efforts, coordinating with internal teams and customers for swift resolution. Plan and refine disaster recovery strategies for potential breaches. Create incident reports, dashboards, and analysis summaries to share insights and learnings. 4 Collaborate & Educate Work closely with internal technical leads, practice teams, and external customers to manage security concerns. Assist with internal and external audits, maintaining the information security risk register. Deliver cybersecurity awareness training for colleagues, turning every employee into a security ally. Provide hands-on advice and guidance on handling malicious emails, phishing attempts, and suspicious activity. Key Relationships Stakeholder Why You ll Work Together Internal Tech & Project Leads Regular updates, security reporting, coordination Security Intelligence Team For threat intelligence sharing and practice alignment Customers Direct support during incidents, ensuring transparency & fast resolutions What You Need to Succeed Technical Mastery Deep knowledge of Network Security devices, Firewalls, Endpoints, SIEM, Application Security, IDS/IPS, Vulnerability Assessments & Penetration Testing (VA/PT). Process Excellence Solid understanding of standards, processes, and automation tools to improve consistency and reduce risk. Communication & Collaboration Clear, effective communication skills you ll be the go-to person for explaining security risks to both techies and non-techies. How Your Success Will Be Measured Performance Area Measure Customer Focus Fast, effective resolution of security incidents for internal & external users Process Adherence 90-95% SLA compliance for response & resolution times Key Competencies Effective Communication Collaborative Working Execution Excellence Analytical Thinking & Problem Solving Reinvent Cybersecurity With Wipro This isn t just a job it s your chance to reinvent how organizations protect themselves in a rapidly evolving threat landscape. Join Wipro. Own the mission. Protect the future. Applications from people with disabilities are explicitly welcome.
Infosec Lead
Gameskraft
Infosec Lead Experience: 5-7 Years | Location: Bengaluru About Gameskraft: Founded in 2017, Gameskraft is one of India s fastest-growing online gaming companies. Our mission is to build a safe, secure, and responsible gaming ecosystem while delivering unmatched experiences through innovation and technology. As the industry s only ISO 27001 and ISO 9001 certified company, we set the highest benchmarks in security, design, and performance. Job Summary: We are seeking an experienced Infosec Lead to drive our security strategy, ensuring robust web security, application security, and compliance across the organization. You will be responsible for leading a team of security professionals, implementing best-in-class security measures, and ensuring compliance with industry regulations such as HIPAA, PCI-DSS, ISO, and GDPR. Key Responsibilities: Security Strategy & Program Management: Develop, implement, and maintain a comprehensive security program to safeguard company assets, systems, and data. Collaborate with cross-functional teams to integrate security into product development and business operations. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Compliance & Regulatory Adherence: Ensure compliance with HIPAA, PCI-DSS, ISO, GDPR, and other relevant security frameworks. Maintain security certifications and drive adherence to regulatory standards. Develop and enforce security policies, standards, and procedures. Incident Response & Risk Management: Lead incident response efforts, including investigation, containment, and remediation. Continuously monitor security threats, emerging trends, and vulnerabilities to strengthen cyber resilience. Provide security guidance and risk analysis during product launches and infrastructure changes. Team Leadership & Stakeholder Collaboration: Lead and mentor a team of security professionals, fostering a culture of security awareness across the organization. Work closely with engineering, IT, legal, and business teams to embed security best practices. Present regular security reports and key performance metrics to senior management. What You Bring to the Table: Education: Bachelor s or Master s degree in Computer Science, Information Security, or a related field. Experience: 5-7 years of experience in information security, with a strong focus on web security, application security, and compliance. Proven track record in leading security teams and managing enterprise security programs. Technical Expertise: Strong knowledge of security technologies such as firewalls, IDS/IPS, SIEM, encryption, authentication protocols, and penetration testing tools. Experience with cloud security (AWS, Azure, GCP) and DevSecOps methodologies. Familiarity with secure coding practices and application security frameworks (OWASP, NIST, CIS Controls). Hands-on expertise in risk assessment, vulnerability management, and security architecture design. Certifications (Preferred): CISSP, CISM, CISA, CEH, or equivalent industry-recognized security certifications. Soft Skills & Leadership: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to influence and drive security initiatives across multiple teams. Work Culture at Gameskraft: Startup Environment: Fast-paced, ownership-driven culture where innovation and agility thrive. Impactful Work: Direct contribution to securing one of India s largest gaming platforms. Collaboration: Work alongside some of the best minds in the gaming and consumer internet industry. Data-Driven: Leverage analytics to enhance security posture and decision-making. Compensation & Benefits: Attractive Compensation & ESOPs Competitive salary with equity options. Health Insurance 5 Lakh medical cover for you and your family. Car Lease Policy Exclusive leasing options for employees. Relocation Benefits Assistance with moving to Bengaluru. Free Lunch & Stocked Pantries Enjoy great food while you work! Performance-Based Growth Transparent appraisals and rapid career progression. Join Us & Secure the Future of Gaming! If you re passionate about cybersecurity, risk management, and building secure digital ecosystems, we d love to have you on board. Apply now and be part of an exciting journey at Gameskraft! Qualification : Bachelors or Masters degree in Computer Science, Information Security, or a related field.
Deputy Manager - Engineering
Schneider Electric
About the Role: We are seeking a highly skilled Cybersecurity and Automation Systems Engineer to design and implement automation systems, safety systems, and package system networks with a focus on digital transformation and cybersecurity. The ideal candidate will have experience in managing complex network and cybersecurity configurations and hardening, including solutions like Active Directory, SIEM, IDS, Firewalls, Cloud Computing (AWS/Azure), and other key technologies. This role will involve working with various teams, including OEMs, vendors, and customers, to ensure that all project activities meet deadlines, adhere to safety standards, and align with the overall project requirements. Key Responsibilities: Project Management & Coordination: Manage and oversee project scope, including coordination between various project teams, ensuring all activities align with project goals. Act as the main focal point for coordination with OEMs, subcontractors, and vendors. Cybersecurity & Network Design: Design, configure, deploy, and maintain cybersecurity systems, including firewalls, routers, switches, IDS/IPS, patch management, antivirus software, and more. Ensure networks are resilient to cyber-attacks and monitor traffic for suspicious activity. Engineering & Documentation: Prepare and review engineering and construction documents, such as method statements, testing procedures, and planning documents. Ensure timely approvals and compliance with industry standards. Network & Cybersecurity Tools: Deploy and manage solutions for Active Directory, EDR, WSUS, RADIUS, Log Management, SIEM, NCM, backup solutions, and other key cybersecurity protocols. Maintain a secure network infrastructure to prevent unauthorized access and potential cyber threats. Standards & Best Practices: Ensure that all systems and configurations comply with industry standards (e.g., ISA, Shell, CERT, NIST, ISO 27001/2, CIS, PCI-DSS). Stay up-to-date on emerging trends in cybersecurity and apply relevant frameworks. Collaborative Support: Work closely with the project team to achieve goals within the scheduled timelines, providing technical expertise and guidance on network security and automation solutions. Technical Analysis & Risk Management: Identify and evaluate opportunities for technical improvements in cybersecurity systems and network designs. Provide recommendations for system enhancements and communicate the economic justification for those improvements. Communication & Stakeholder Engagement: Communicate complex technical concepts to both technical and non-technical stakeholders, ensuring alignment across all parties. Collaborate effectively within a fast-paced environment to meet project deliverables. Professional Attributes: Strong analytical skills with a structured approach to problem-solving. Excellent communication and interpersonal skills, able to explain technical topics clearly to clients and stakeholders. Creativity and innovation in solving complex problems and the ability to perform under pressure. Leadership and proactive attitude to motivate teams and drive successful project outcomes. Required Qualifications & Certifications: Educational Requirements: Bachelor's degree in Engineering (Electrical & Electronics, Electronics & Communication, Electronics and Instrumentation, Control & Instrumentation, Computer Science, IT). Professional Experience: 8-10 years of relevant experience in cybersecurity, network design, and automation systems. Cybersecurity Certifications: CISSP, CISA, CISM, GICSP, ISA/IEC62443, or equivalent certifications are required. Technical Expertise: In-depth understanding of networking and cybersecurity concepts, tools, and techniques, including Active Directory, SIEM, IDS/IPS, firewalls, routers, switches, and cloud security (AWS, Azure). Industry Knowledge: Familiarity with industry standards like ISA, Shell, CERT, NIST, and relevant cybersecurity frameworks. Desired Skills: Experience with Cybersecurity Certifications such as Certified Information Systems Security Professional (CISSP), CompTIA Security+, and related certifications. Proficient in MS Office and related project management tools. Ability to work independently and as part of a team, meeting deadlines and managing multiple tasks. Qualification : Bachelor's degree in Engineering (Electrical & Electronics, Electronics & Communication, Electronics and Instrumentation, Control & Instrumentation, Computer Science, IT).
Principal Threat Research Engineer
Aryaka Networks
The Principal Threat Research Engineer will identify, analyze, and mitigate evolving cyber threats by creating and maintaining effective threat detection signatures. This role requires deep expertise in understanding modern cyber threats, malware behavior, and signature writing for advanced threat detection technologies. You will work closely with cross-functional teams, such as threat intelligence, incident response, and security product development, to enhance the organization s defense capabilities and provide strategic insight into the threat landscape. Key Responsibilities: Signature Writing & Development: i) Design and develop accurate, high-quality signatures and detection rules for threat detection systems (IDS/IPS, AV, EDR). ii) Improve and update detection logic to adapt to the latest threats, exploits, and attack vectors. iii) Optimize detection signatures to minimize false positives and maximize detection efficiency across various security platforms. Threat Research & Analysis: i) Lead in-depth research into emerging cyber threats, malware, APT groups, and TTPs (Tactics, Techniques, and Procedures). ii) Analyze attack patterns, behavior, and malicious code to identify new detection opportunities. iii) Track and understand evolving threat landscapes, including new vulnerabilities, exploits, and attack campaigns. Collaborative Threat Intelligence: i) Collaborate with global threat intelligence teams to share threat research findings and develop a comprehensive understanding of adversarial behavior. ii) Maintain relationships with external threat-sharing communities and organizations to stay up-to-date on the latest threat information. iii) Support the security team in responding to active threats, providing detection strategies and remediation guidance. Detection Engineering & Optimization: i) Work closely with the detection engineering team to integrate custom and third-party signatures into existing detection platforms (SIEM, IDS/IPS, EDR). ii) Identify gaps in current detection methodologies and implement improved detection capabilities for advanced threats, such as zero-day exploits, fileless malware, and APT campaigns. iii) Conduct performance testing and tuning of signatures to ensure system stability and effectiveness under various network environments. Thought Leadership & Knowledge Sharing: i) Act as a subject matter expert on threat detection, signature development, and malware analysis for internal and external stakeholders. ii) Lead and mentor junior threat researchers and engineers by providing guidance, training, and technical expertise. iii) Create research reports, blogs, whitepapers, and presentations to communicate key research findings and trends to technical and non-technical audiences. Required Qualifications: Bachelor s or Master s degree in Computer Science, Cybersecurity, Information Security, or a related field. 8+ years of experience in cybersecurity, with a focus on threat research, signature development, or malware analysis. Proven experience in writing and optimizing signatures for IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions. Deep knowledge of cyber threats, including malware, ransomware, phishing, and advanced persistent threats (APTs). Strong understanding of network protocols, system internals (Windows, Linux), and attack techniques such as fileless malware, obfuscation, and evasion. Proficiency with malware analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments. Experience with signature formats such as YARA, Snort, Suricata, and regular expression-based detection logic. Familiarity with MITRE ATT&CK framework and how it maps to threat detection and signature development. Strong problem-solving and analytical skills, with an ability to think critically about threat detection and mitigation strategies. Excellent verbal and written communication skills, with the ability to convey complex threat intelligence and detection strategies to a diverse audience. Ability to work collaboratively across teams and mentor junior team members. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, GIAC, OSCP, or GREM. Expertise in scripting and automation (Python, PowerShell, Bash) to automate threat research and signature writing processes. Experience with cloud-based threat detection and response (e.g., AWS GuardDuty, Azure Sentinel). Familiarity with advanced hunting techniques, including threat hunting using logs, endpoint data, and network data. Employee Value Proposition (EVP): At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth. Qualification : Bachelors or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field.
Consultant, Cyber Incident Response
Dell Technologies
What You ll Achieve: As a Consultant, Cyber Incident Response, you will be responsible for handling complex cybersecurity incidents, providing advanced analysis, and offering support to L1 and L2 analysts. Your role will require extensive experience in the full lifecycle of Cybersecurity Incident Response, including preparation, analysis, notification, response, recovery, and post-mortem activities. Key Responsibilities: Global Escalation Point: Serve as the primary escalation point for complex cybersecurity incidents that are not resolved by L1/L2 analysts, offering regional subject matter expertise on incident response. Incident Analysis and Investigation: Conduct in-depth analysis of security incidents, determining the root cause and potential impact to the organization. Investigate and analyze large, unstructured datasets, malicious artifacts, and EDR (Endpoint Detection and Response) tools to identify trends, anomalies, and potential threats. Incident Response Lifecycle: Oversee all phases of incident response, including preparation, analysis, response, recovery, and post-mortem reviews to identify lessons learned and enhance future response efforts. Liaison with Stakeholders: Act as a liaison between various stakeholders and internal CSIRT (Computer Security Incident Response Team) teams, helping implement best security practices and driving process improvements for incident response. Mentorship and Training: Provide guidance and training to L1 and L2 analysts, sharing your knowledge to enhance their skills in cybersecurity incident response. Essential Requirements: Cybersecurity Expertise: 10+ years of experience in cybersecurity incident response and hands-on experience within a Security Operations Center (SOC). Incident Investigation Skills: Exceptional ability to conduct investigations, analyze findings, and determine the root cause of incidents. Strong Technical Knowledge: In-depth understanding of security technologies such as SIEM (Security Information and Event Management), full packet capture, firewalls/NGFW, IDS/IPS, EDR, DLP (Data Loss Prevention), UEBA (User Entity Behavior Analytics), and familiarity with networking protocols. Experience with Cloud Computing, Microsoft Windows, and Linux/Unix platforms. Experience with Cyber-attacks: Strong knowledge of various cyber-attack types and techniques, including incident response, threat hunting, and understanding attack lifecycles. Analytical and Communication Skills: Excellent analytical thinking, time management, and coordination skills. Strong command of English, both written and verbal, for clear communication with stakeholders and teams. Desirable Requirements: Certifications: Industry-recognized certifications such as CISSP, SANS GCIH, GCIA, GNFA, GREM, etc. Additional Skills: Experience in Digital Forensics and reverse malware tools. Proficiency in scripting languages for incident analysis and automation.
Manager, Cloud Operations
Druva
Job Title: Manager, Cloud Operations Company: Druva Location: Pune, Maharashtra, India About Druva: Druva is a global leader in data security solutions, empowering organizations to protect and recover their data from all threats. Our Druva Data Security Cloud is a fully managed SaaS platform providing air-gapped and immutable data protection across cloud, on-premises, and edge environments. By centralizing data protection, we strengthen traditional security approaches and enable faster incident response, effective cyber remediation, and robust data governance. Trusted by nearly 7,500 customers including 75 of the Fortune 500 Druva safeguards critical business data in an increasingly connected world. Learn more at druva.com and follow us on LinkedIn, X, and Facebook. Role Overview: As Manager of Cloud Operations, you will lead the team responsible for the stability, scalability, and performance of Druva s cloud infrastructure within our large-scale SaaS environment. This hands-on leadership role demands a deep technical background in AWS cloud operations combined with strong people management skills. You will drive operational excellence through automation, cost management, and rigorous adherence to security and compliance standards, ensuring our services remain highly available 24x7. Key Responsibilities: Team Leadership & Development: Lead, mentor, and support a team of cloud engineers to deliver high-quality results. Foster a collaborative environment and remove blockers to maximize team productivity. Manage hiring, coaching, and retention to build a high-performing team. Technical Strategy & Execution: Drive automation initiatives to minimize manual tasks, boost reliability, and optimize operational workflows. Enforce compliance with security policies and industry regulations. Collaborate closely with DevOps and SRE teams to continuously enhance infrastructure and processes. Champion cost-efficiency while maintaining top-tier system performance. System Reliability & Performance: Monitor and review system health regularly; identify and address any breaches in Service Level Objectives (SLOs). Ensure cloud infrastructure is secure, scalable, and highly available through proactive incident management. Lead incident response, root cause analysis, and post-mortems to improve service resilience. Cross-Functional Collaboration: Partner with engineering teams to ensure smooth deployment of SaaS services to production. Conduct cross-team meetings to communicate deployment quality and status with Release and Host Domain (RHD) owners. Cost of Goods Sold (COGS) Management: Maintain adherence to reservation posture and optimize cloud resource usage. Detect and report COGS anomalies using automated tools and internal alerts. Analyze unit cost trends and customer behavior to identify and address cost irregularities. Security & Compliance: Conduct regular compliance validations and audits. Work with security teams to plan and execute quarterly security roadmap initiatives. Respond promptly to critical security alerts and incidents. Qualifications: 8 10 years of experience in Cloud Operations with at least 2 years in a leadership role. Strong expertise in AWS cloud infrastructure management. Proven track record in driving automation and operational improvements. Deep understanding of system reliability engineering (SRE) and incident management. Experience with cost management and security compliance in cloud environments. Excellent communication and people management skills. If you re passionate about leading cloud operations teams and building secure, reliable SaaS infrastructure at scale, we d love to hear from you!
1 - 20 of 3201 Cyber Security Analyst jobs
* No exact matches found. Showing closest results insteadNo results found
Modify search criteria or create an alert to get relevant jobs as soon as they’re posted
1 - 20 of 3201