Incident Detection Jobs in Bengaluru

Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field

Senior Manager, Security Operations Center (SOC) Location: Bangalore Type: Full-Time Experience Required: 8+ Years (3+ in Leadership) Role Overview: Strategic Cyber Defense We are seeking a Senior Manager to lead and modernize our SOC operations across enterprise and product environments. You will oversee a high-performance team dedicated to threat detection, advanced detection engineering, and incident response. This role is a strategic blend of technical mastery leveraging AI and SOAR and people leadership, focused on building a resilient, automation-first security culture. Core SOC Service Offerings & Expertise Advanced Defense & Detection: Detection Engineering: Implement Detection-as-Code practices and prioritize backlogs based on the evolving threat landscape. Threat Intelligence & Hunting: Deliver actionable intel and execute structured threat hunting hypotheses to proactively identify stealthy adversaries. Deception & Validation: Manage deception strategies (honeypots/tokens) and use attack emulation tools to validate detection logic effectiveness. Forensics: Lead digital forensic investigations, evidence acquisition, and post-incident analysis. Automation & Technology Stack: Azure Ecosystem: Advanced proficiency with Microsoft Sentinel, Defender XDR, and Defender for Cloud using KQL. Cloud Operations: Strong knowledge of security operations across Azure, AWS, and preferably GCP. SOAR & AI: Champion the integration of Security Orchestration, Automation, and Response (SOAR) and AI to drive SOC efficiency. Key Responsibilities Leadership & Strategy: Team Development: Coach and mentor the SOC team, conducting regular 1-on-1s and fostering a growth-oriented culture to prevent burnout. Roadmap Execution: Help define a comprehensive SOC strategy and maturity framework aligned with organizational risk management. Stakeholder Liaison: Act as a trusted advisor to Product, IT, and Development leaders to integrate security into cross-functional workflows. Metrics & Operational Excellence: Data-Driven Reporting: Develop dashboards (e.g., Power BI) to track KPIs, KRIs, and detection coverage. Incident Lifecycle: Lead the lifecycle of escalated incidents, conduct root cause analysis, and execute tabletop exercises. 24/7 MDR Strategy: Define operational procedures for Managed Detection and Response (MDR) and sustainable on-call rotations. Qualifications for Success Proven Leadership: 8+ years in InfoSec with specific experience leading SOC or MDR functions. Azure Mastery: Deep technical expertise in the Microsoft security stack. Framework Knowledge: Familiarity with MITRE ATT&CK, Purple Teaming, and cloud-native detection. Soft Skills: Exceptional ability to simplify complex technical content for executive-level communication.

Security Research Engineer Security Research Experience: 5 8 Years | Location: Bangalore | Employment Type: Full-Time About SecPod SecPod is a SaaS-based cybersecurity products company focused on prevention-first security. Our Saner Cloud platform is a unified CNAPP solution that combines AI-driven threat intelligence, automated vulnerability detection, and Cloud Security Posture Management (CSPM) to secure multi-cloud environments. Role Summary We are seeking a highly skilled Security Research Engineer to join our Security Research team. This role focuses on researching emerging cloud security threats, developing security intelligence feeds, building proof-of-concepts (PoCs) for misconfigurations, and creating automated remediation and compliance content. Key Responsibilities Threat Research: Conduct security research to develop intelligence feeds and checks with a strong emphasis on cloud security. Vulnerability & Risk Analysis: Identify and create PoCs for emerging cloud misconfigurations and security risks. Automation: Develop automation for research and validation tasks using Python or other scripting languages. Compliance & Remediation: Build remediation feeds for cloud misconfigurations and compliance benchmarks. Lifecycle Management: Manage the end-to-end lifecycle of research outputs, from initial development through production release. Required Qualifications & Skills Professional Experience: 5 8 years in security research or engineering, with at least 3 years in a senior technical role. Cloud Infrastructure: Hands-on experience with AWS, Azure, or GCP. Technical Fundamentals: Strong understanding of operating systems, networking, and computer science security. Programming: Proficiency in languages such as Python, C, C++, or Java. Environment Expertise: Experience across Linux/Unix, Windows, and virtualization environments. Compliance: Solid knowledge of cloud security and security benchmark compliance. Education Bachelor s degree (or equivalent) in Computer Science or a related field. Qualification : Bachelors degree (or equivalent) in Computer Science or a related field

Security Operations Engineer Location: Bangalore About Us FalconX is a pioneering team of operators, investors, and builders committed to transforming institutional access to the digital asset markets. By bridging traditional finance with cutting-edge technology, we address the industry's most complex challenges. We offer a comprehensive solution for all digital asset strategies from startup to scale enabling our clients to navigate the ever-evolving cryptocurrency landscape with confidence. We are seeking an experienced Security Operations Engineer to help secure FalconX s infrastructure and protect our clients digital assets. As a part of our security team, you will monitor, detect, and respond to cyber threats across both on-premise and cloud environments, ensuring the integrity and safety of our systems and data. Key Responsibilities Security Monitoring & Incident Response: Monitor and respond to security incidents across both on-premise and cloud environments, ensuring timely detection and remediation of potential threats. Threat Detection & Analysis: Analyze security alerts from various security tools to identify, investigate, and mitigate security risks. Conduct in-depth forensic investigations to identify trends, attack techniques, and vulnerabilities. Proactive Threat Hunting: Conduct proactive threat hunting across endpoints, networks, and cloud environments, looking for sophisticated and emerging threats that may not yet be detected by traditional security measures. Forensics & Incident Investigation: Investigate and analyze security incidents to identify the root cause. Provide actionable recommendations for improving security posture and preventing future incidents. Detection Engineering: Develop and refine threat detection methodologies and rules (e.g., Yara, Sigma, SQL-based rules, network protocols) to enhance security monitoring capabilities. Utilize frameworks like MITRE ATT&CK and the Cyber Kill Chain to guide threat hunting and analysis. Automation & Scripting: Leverage scripting languages (Python, PowerShell, or Bash) to automate threat detection, analysis, and response processes, improving overall efficiency and effectiveness. Threat Intelligence & Trend Analysis: Stay informed about emerging threats, vulnerabilities, and attack trends to continuously improve detection strategies and enhance the response to new security challenges. Qualifications Education & Experience Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). Experience: Minimum of 3 years in a security operations, threat hunting, or similar cybersecurity role. Security Expertise Strong experience working with security tools and log data (Cloud, EDR, Network, etc.) for detection and response. Deep understanding of network security, packet analysis, and log correlation. Proficiency in advanced threat detection methodologies and threat intelligence, with a strong grasp of attacker tactics, techniques, and procedures (TTPs), especially using frameworks like MITRE ATT&CK. Technical Skills Proficiency in scripting and automation (Python, PowerShell, Bash). Experience with detection engineering and developing custom detection rules (e.g., Yara, Sigma, SQL-based, Network). Familiarity with endpoint security, identity management, vulnerability management, cloud security, and incident response. Soft Skills Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication skills, with the ability to work effectively in a collaborative, fast-paced environment. Be part of a rapidly growing company at the cutting edge of finance and technology. A dynamic, fast-paced work environment where your expertise will directly impact business success. Competitive salary and benefits package. Opportunities for professional growth in a highly innovative industry. Qualification : Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)

Lead Platform Engineer Observability Solutions Location: Bengaluru Experience: 6 10 Years Function: Observability Engineering | Platform Architecture | SRE Enablement Join VuNet Redefining Digital Observability at Scale VuNet is transforming the future of digital experiences through Business Journey Observability, combining Big Data and AI/ML to empower real-time visibility across payments, banking, and financial services. Monitoring 28+ billion transactions/month, our platform is trusted by top financial institutions and powers over 300 million users. Backed by Series B funding and recognized by Gartner, NASSCOM, and Forbes, we are leading the charge in building a new category of observability, proudly Made in India for global impact. Your Role: Lead Platform Engineer As the Lead Platform Engineer, you will architect and drive the development of packaged observability solutions across 100+ infrastructure and application technologies. You will define **golden signals**, build **data collection strategies**, and lead the standardization of alerts, dashboards, and RCA workflows for platforms like **Kubernetes, Oracle DB, and Tomcat**. This is a cross-functional leadership role that sits at the intersection of product, platform, DevOps, and SRE. You will **lead a team** and influence how observability is delivered, scaled, and adopted across complex environments. Key Responsibilities Observability Solution Development Design and lead the delivery of observability packages for databases, middleware, cloud-native, and legacy platforms. Define and implement data collection pipelines, including agents, APIs, logs, metrics, traces, and service discovery. Establish **golden signals, SLIs/SLOs**, and health KPIs for performance, availability, and anomaly detection. Dashboards, Alerts & RCA Develop standardized, reusable dashboards, alerts, reports, and troubleshooting playbooks. Automate **RCA workflows** to improve MTTR and reduce alert fatigue. Platform Enablement & Integration Work with engineering to enhance agent capabilities and support new data sources/formats. Guide implementation of platform features for better observability at scale. Team Leadership & Governance Lead and mentor a team of observability engineers and specialists. Define design patterns, reusable modules, and version-controlled libraries. Stakeholder Collaboration Partner with product managers, DevOps, SREs, and customer teams to gather requirements, align priorities, and validate use cases. Ensure deliverables are scalable, well-documented, and production-ready. What You Bring Must-Have Skills 6 10 years of experience in observability, platform engineering, or SRE roles. Hands-on with tools like Prometheus, Grafana, OpenTelemetry, ELK/EFK, Datadog, Splunk. Strong understanding of logs, metrics, traces, profiling, and collection strategies. Experience developing solutions for platforms like Kubernetes, Oracle, PostgreSQL, Tomcat, etc. Proficient in Python, Shell scripting, APIs, and automation tools (**Terraform**, etc.). Familiar with alert fatigue mitigation, anomaly detection, and RCA frameworks. Excellent communication, technical leadership, and documentation skills. Nice to Have Experience managing an observability marketplace or solution catalog. Contributions to open-source observability projects. Certifications in Kubernetes, Observability platforms, or cloud providers (AWS/GCP/Azure). Background in ITSM tools, CMDBs, or incident workflow automation. At VuNet, you ll help build a category-defining observability platform that s already transforming critical infrastructure for leading financial institutions. You ll work with passionate engineers, push technical boundaries, and grow in a high-trust, high-impact environment. What You ll Experience: Ownership of key observability initiatives impacting 300M+ users. Collaboration with SRE, DevOps, and product teams across real-time financial systems. Opportunity to experiment with and shape Gen AI, ML, and emerging telemetry trends. Perks & Benefits Health insurance for you, your parents, and dependents. 1:1 mental wellness support. Training programs, certifications, and career growth opportunities. Transparent, inclusive, and high-trust work culture. Access to cutting-edge technology and Gen AI-powered workspaces.

Job Title: Information Security Engineer Location: Bengaluru Company: Altisource (NASDAQ: ASPS) About Altisource At Altisource, we develop cutting-edge technologies and services for the mortgage and real estate industry. We re a trusted partner to 7 of the top 10 U.S. mortgage servicers, operate one of the leading real estate auction platforms, and support a cooperative with over 15% market share in the $1.8 trillion U.S. originations market. If you're passionate about cybersecurity and want to make an impact in a high-growth, tech-driven environment this is the role for you. Position Summary We re looking for a highly motivated Information Security Engineer to support our growing security operations. You will play a vital role in identifying and mitigating security risks across applications, systems, and networks. This role involves vulnerability assessments, code reviews, and automation of security tasks ensuring Altisource remains secure and compliant in a fast-paced environment. Key Responsibilities Conduct vulnerability assessments on applications, networks, and systems. Perform manual verification to reduce false positives and validate security fixes. Communicate identified vulnerabilities and recommend remediation steps to internal teams. Perform secure code reviews and assist development teams in fixing identified issues. Identify and mitigate risks throughout the software development lifecycle. Leverage commercial and open-source tools for vulnerability detection (e.g., Qualys, Nessus, Burp Suite). Assist in internal penetration testing initiatives. Develop internal tools and automate security tasks, leveraging AI where applicable. Stay updated on the latest threats, tools, and best practices in cybersecurity. Create detailed assessment reports and present findings to technical and non-technical stakeholders. Train and mentor team members on vulnerability management processes and tools. Required Qualifications Bachelor s degree in Computer Science, Engineering, or a related field. 3 to 5 years of hands-on experience in information security or related roles. Relevant certifications such as CEH, GIAC, or similar. Solid experience in: Network vulnerability assessments Application scanning and secure code review Windows, Linux, and Unix operating systems Familiarity with OWASP tools, methodologies, and security best practices. Strong communication skills both written and verbal. Preferred Skills Experience with tools like: Qualys, Nessus, Nexpose, SAINT Burp Suite Pro, HP WebInspect Static analysis tools (e.g., IBM AppScan Source, Fortify) Proficiency in one or more programming languages: Java, C, C++, .NET (C#, VB). Experience delivering training or presenting technical content to teams. Background in technical writing or web development is a plus. Be part of a team securing technologies used by top players in the mortgage and real estate space. Work with modern tools and frameworks. Enjoy a collaborative environment that supports innovation, growth, and learning. Qualification : Bachelors degree in Computer Science, Engineering, or a related field

Job Title: General Manager Network Infrastructure & Security Location: Bangalore Department: IT and Systems Employee Type: Permanent Experience Required: 10 20 years Job Summary We are seeking a seasoned and strategic IT Infrastructure and Cybersecurity Leader to oversee and drive the company s enterprise-wide infrastructure and security initiatives. This role is responsible for developing and executing the vision, strategy, and programs to ensure the availability, performance, and security of our IT systems and data. The ideal candidate will work closely with executive leadership to align technology and security efforts with organizational objectives and risk tolerance. Key Responsibilities IT Infrastructure Management Lead the planning, implementation, and management of core IT infrastructure including networks, servers, cloud platforms, storage, and enterprise systems. Ensure high availability, performance, and scalability of IT infrastructure to support business operations. Oversee disaster recovery and business continuity strategies to mitigate operational risk. Manage vendor relationships, contracts, and Service Level Agreements (SLAs). Monitor system performance and continuously implement efficiency improvements and optimizations. Cybersecurity Leadership Establish, implement, and maintain cybersecurity policies, procedures, and standards across the organization. Conduct regular risk assessments, vulnerability scans, and implement corrective actions. Oversee security tools and solutions, including firewalls, antivirus, endpoint protection, SIEM, and intrusion detection systems. Lead incident response efforts, forensic investigations, and post-event reviews. Ensure compliance with relevant cybersecurity and data privacy regulations (e.g., ISO 27001, GDPR). Leadership & Cross-functional Collaboration Lead, mentor, and manage a team of IT infrastructure and security professionals. Collaborate with stakeholders across departments to align IT and cybersecurity strategies with business goals. Provide executive-level reporting on infrastructure performance, risk posture, incident management, and compliance metrics. Drive a culture of cybersecurity awareness and operational excellence throughout the organization. Qualifications & Experience Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Master s degree preferred. Certifications (Preferred): CISSP, CISM, CISA, or equivalent professional certifications. Experience: 18+ years of progressive experience in IT infrastructure, cybersecurity, and risk management. Deep knowledge of security frameworks such as ISO/IEC 27001 and regulatory standards like GDPR. Proven experience in formulating and implementing enterprise-wide security policies and managing dynamic IT environments. Key Skills: Strategic planning & execution Project & vendor management Security architecture and governance Cross-functional collaboration & stakeholder communication Managing Security Operations Centers (SOC) Preferred Skills & Competencies Strong analytical and problem-solving skills to align business needs with technology solutions. Experience in documenting and executing security architecture and strategic plans. In-depth knowledge of IT networks, infrastructure systems, and cloud environments. Ability to communicate technical concepts to both technical and non-technical audiences, including C-level stakeholders. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field

Platform Admin NextGen SIEM Location: Bangalore (Onsite) About ColorTokens At ColorTokens, we re all about helping businesses stay secure and keep running, no matter what cyber chaos hits. Our game-changing Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical stuff safe and business uninterrupted. We bring insane visibility into traffic flows between workloads, IoT devices, users basically everything to create super tight security zones that isolate threats fast. We re a Forrester Wave Leader (Q3 2024) for microsegmentation and protect global giants from costly cyber disruptions. Our Culture We love self-starters who bring energy, curiosity, and big ideas. You ll get to own projects, collaborate with passionate teammates, and work on security that actually protects real people from hospitals to cities to entire nations. What You ll Do The Role You ll run and manage our NextGen SIEM platform think Splunk, Sentinel, Exabeam, Stellar Cyber, or similar making sure it s up-to-date, humming smoothly, and packed with the right alerts. Admin & Ops: Install, configure, patch, and keep the SIEM platform running 24/7. Log Boss: Bring in new log sources, troubleshoot ingestion issues, and ensure data is clean and compliant. Rule Maker: Build and tweak detection rules and alerts to catch real threats while cutting down false alarms. Integrate & Automate: Connect SIEM with other security tools and automate incident workflows. Lock It Down: Manage user access, keep the platform secure, and nail compliance requirements. Team Player: Work closely with SOC analysts, threat hunters, and engineers to level up detection and response. Support & Train: Help users get the most from the platform and be the go-to expert when incidents hit. Optimize & Report: Track performance, fix bottlenecks, and share insights to keep the platform sharp. What You Bring Your Skills & Experience 8+ years managing SIEM platforms, especially NextGen ones like Splunk, Sentinel, or Exabeam. Expert in log management, rule creation, and onboarding data from all sorts of sources. Solid scripting skills (Python, PowerShell) to automate and customize workflows. Deep knowledge of log formats (Syslog, JSON, XML), querying languages (KQL, SPL, AQL), and data pipelines. Experience integrating SIEM with EDR, SOAR, NDR, and threat intel platforms. Familiar with security frameworks like MITRE ATT&CK, NIST, or CIS. Bonus points if you know cloud security (AWS, Azure, GCP), machine learning in SIEM, or SOAR tools like Cortex XSOAR or Phantom. Your Credentials Bachelor s degree in Computer Science, InfoSec, or related field (or equivalent experience). Relevant certifications like Splunk Certified Admin, Microsoft Security Operations Analyst, QRadar cert, or CISSP are a major plus. What Success Looks Like Keep SIEM uptime near 100%. Smoothly onboard new log sources and build killer detection use cases. Reduce noise fewer false positives, sharper alerts. Fast, effective fixes when platform issues pop up. Align SIEM capabilities tightly with security and business goals. Qualification : Bachelors degree in Computer Science, InfoSec, or related field (or equivalent experience).

Platform Engineer Location: Bengaluru, Karnataka, India Full-time partially remote About ColorTokens At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave : Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions. Our culture We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously. Self-starters and high-motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of world s impactful organizations be it a children s hospital, or a city, or the defense department of an entire country. Position Overview: Colortokens is looking for a Junior Platform Administrator to assist in managing, maintaining, and optimizing our NextGen Security Information and Event Management (SIEM) platform. The ideal candidate will support the day-to-day operations, help onboard customer log sources, troubleshoot integration issues, and provide technical assistance to the security operations team. This role is ideal for a motivated professional with 3+ years of experience in SIEM administration, security operations, or log management. Key Responsibilities: SIEM Platform Administration Assist in deploying, configuring, and maintaining the NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, QRadar, Chronicle, Exabeam). Perform basic updates and patches to ensure platform security and functionality. Monitor SIEM health, performance, and uptime under the guidance of senior administrators. Log Source Management Onboard new log sources and validate data ingestion. Help troubleshoot log ingestion, parsing, and formatting issues. Maintain log retention policies for compliance. Rule and Use Case Management Support the development and deployment of detection rules, correlation use cases, and alerts. Tune existing use cases to minimize false positives. Work closely with security analysts to refine alerting strategies. Integration and Automation Assist in integrating SIEM with other security tools (e.g., EDR, microsegmentation, vulnerability scanners). Work on basic automation tasks using scripting (Python, PowerShell) to enhance SIEM efficiency. Platform Security and Compliance Support role-based access control (RBAC) and platform security policies. Help ensure SIEM adheres to compliance standards like SOC2, ISO 27001. Participate in periodic security audits. Network Debugging & Troubleshooting Have a basic understanding of TCP/IP, networking concepts, and protocols. Assist in debugging network connectivity issues related to SIEM log ingestion. Use basic network troubleshooting tools. Collaboration and Support Work alongside SOC analysts, threat hunters, and security engineers. Provide basic technical support for SIEM users. Assist in training and documentation for security teams. Performance Monitoring and Optimization Monitor storage and indexing performance to ensure optimal operations. Report any performance issues to senior administrators. Contribute to platform health reports and alerting metrics. Incident Support Assist SOC teams in log analysis, incident response, and forensic investigations. Ensure log data is readily available for security incidents. Education and Certifications: Bachelor s degree in Computer Science, Information Security, or a related field. Certifications (Preferred but not mandatory): Splunk Certified User/Admin Microsoft Certified: Security Operations Analyst Associate QRadar Certification Any SIEM-related certification Experience: 3+ years of experience in SIEM administration, security operations, or log management. Hands-on experience with at least one SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, Chronicle, Exabeam). Basic knowledge of log ingestion, rule creation, and data parsing. Exposure to scripting (Python, PowerShell) for automation. Basic understanding of TCP/IP networking concepts and network debugging. Technical Skills: Understanding of log formats, Syslog, JSON, XML, and data pipelines. Basic knowledge of querying languages (KQL, SPL, AQL). Familiarity with SIEM integration with security tools like EDR, SOAR, NDR. Awareness of MITRE ATT&CK, NIST, or CIS security frameworks. Basic experience with network troubleshooting tools (ping, traceroute, netcat (nc)). Soft Skills: Strong problem-solving and troubleshooting abilities. Good verbal and written communication skills. Ability to work collaboratively in a security operations environment. Preferred Skills: Basic understanding of cloud-based security solutions (AWS, Azure, Google Cloud). Exposure to SOAR tools (e.g., Cortex XSOAR, Splunk Phantom). Interest in machine learning-based anomaly detection for SIEM. Key Metrics for Success: Successful onboarding of log sources. Improvement in log ingestion and parsing accuracy. Contribution to fine-tuning detection rules. Timely resolution of SIEM-related support requests. Ability to identify and troubleshoot basic network connectivity issues.

Senior SOC Analyst Location: Bangalore (Hybrid, work from office) Experience: 4 to 7 years Shifts: Rotational 24/7 shifts gotta keep the cyber world safe around the clock! About ColorTokens We re on a mission to help businesses stay secure and running smoothly, even when cyber threats hit hard. Our ColorTokens Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical assets locked down and business uninterrupted. We bring unmatched visibility into traffic flows whether it s servers, IoT devices, or users helping teams isolate threats fast and respond smartly. Forrester named us a Leader in Microsegmentation (Q3 2024), and we protect global enterprises from costly cyber disasters. Our Culture If you re a self-starter who loves solving complex problems and making an impact, you ll fit right in. Work alongside passionate teammates who protect hospitals, cities, and even national defense. We value innovation, respect, and letting you own your work. What You ll Be Doing Lead as a senior SOC analyst, mentoring juniors and shaping SOC playbooks and processes. Dive deep into escalated incidents analyze, manage end-to-end, and nail root cause analysis. Monitor alerts and events across SIEM tools (Splunk, QRadar, Stellar Cyber, LogRhythm), firewalls, IDS/IPS, VPNs, and more. Hunt proactively for threats and vulnerabilities using threat intel feeds and frameworks like MITRE ATT&CK and Cyber Kill Chain. Perform forensic and malware analysis from logs to memory and disk images to track down attackers and gather evidence. Collaborate closely with SecOps, IT, Platform, and Engineering teams to creatively solve security challenges. Automate SOC workflows with PowerShell, regex, and APIs to level up efficiency. Lead detection tuning and gap analysis to sharpen SOC s ability to spot threats early and accurately. What You Bring 4+ years experience in cyber incident response, SOC operations, and investigations. Solid knowledge of SIEM platforms, network and endpoint security, malware analysis, and threat intel. Certifications like CISSP, GCIH, GSOC, OSCP, or GCIA (or working toward them). Strong communication skills you can explain complex security issues clearly to any audience. Integrity, professionalism, and eagle-eye attention to detail. Ability to work well under pressure and collaborate with diverse teams. Qualifications Bachelor s degree in IT, Computer Science, Engineering, or related field (or equivalent experience). Protect critical digital assets, learn cutting-edge cyber defense tech, and grow your career at a company recognized as a market leader. Plus, work with passionate people who genuinely care about making the world safer. Qualification : Bachelors degree in IT, Computer Science, Engineering, or related field (or equivalent experience).

Join Our Team as a Security Operations Analyst Location: Bangalore, India (On-site) Department: Information Security At Cytiva, we are advancing the future of therapeutics from discovery to delivery. As a leading global provider of technology and services that help researchers and pharmaceutical companies develop and manufacture life-saving treatments, our work is integral to shaping the future of healthcare. We are seeking a Security Operations Analyst to join our global Information Security Team in Bangalore. In this key role, you will be at the forefront of protecting our digital assets and infrastructure by monitoring, analyzing, and responding to security incidents. By proactively identifying threats and vulnerabilities, you will help minimize risk and ensure business continuity. What You ll Do Lead Security Incident Response: Conduct advanced security incident analysis and digital forensics to identify and mitigate threats. Lead investigations into malware, network traffic anomalies, and endpoint detection. Provide Expertise: Guide and mentor L1 and L2 SOC analysts, enhancing the quality of security alerts and incident handling. Optimize Security Tools: Collaborate with engineering teams to fine-tune SIEM tools (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security technologies for improved detection and response. Proactive Threat Hunting: Identify hidden threats within the organization through threat hunting activities, reducing the potential attack surface. Enhance Security Posture: Partner with other IT and security teams to strengthen the overall security posture, ensuring resilient systems and infrastructures. Post-Incident Reporting: Produce detailed incident reports and provide recommendations for security improvements, leading post-incident reviews with cross-functional teams. Who You Are Experience: Minimum of 5+ years in a corporate IT environment, including at least 2 years in an L3 or senior analyst role. Security Knowledge: Deep expertise in security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Technical Skills: Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Incident Response Expertise: Strong background in incident response, threat hunting, and forensic investigations. Cloud Security Knowledge: Familiarity with cloud security platforms (AWS, Azure, Google Cloud) and modern attack techniques. Certifications like OSCP, CEH are advantageous. Additional Skills That Would Be a Plus: Scripting & Automation: Proficiency in scripting (e.g., Python, PowerShell, Bash) to automate security processes and improve SOC workflows. Specialization: Expertise in EDR, SIEM, UBA, DLP, or Data Security. OT Environments: Experience with Operation Technology (OT) environments is an advantage. Innovative Culture: Join a dynamic, global team dedicated to advancing healthcare through technology and innovation. Impactful Work: Your role will directly contribute to the security and integrity of vital technologies used in the life sciences industry. Global Collaboration: Work with cross-functional teams around the world, contributing to an organization's critical security initiatives. Growth Opportunities: Benefit from continuous learning, career development, and the chance to make a tangible impact on both the organization and the industry. Apply now and be part of a team that is dedicated to ensuring the security of life-saving technologies.

Job Title: Senior Incident Response Manager Location: Bengaluru, Karnataka, India About This Team: The Critical Situation Management team plays a pivotal role in maintaining customer trust and satisfaction in CSG Citrix BU products. We ensure swift resolution of production-impacting issues, collaborating closely with Technical Support and Product teams to maintain high uptime Service Level Targets (SLTs). Our team is dedicated to delivering rapid, effective solutions, making us essential to the continued success and reputation of the Citrix platform. Job Description / Responsibilities: Primary Duties / Responsibilities: Incident Management: Lead and manage timely, professional communication with internal and external stakeholders during critical incidents. Utilize your deep technical knowledge and strong communication skills to drive effective resolutions. Customer Sentiment Management: Assess and manage customer sentiments, and ensure appropriate resources are mobilized to mitigate production-impacting situations. Lead discussions with Citrix Customers and internal stakeholders with confidence and clarity. Collaboration: Facilitate cross-departmental collaboration to resolve customer issues, and coordinate the end-to-end customer experience, owning internal and, when necessary, external communications. Escalation Management: Act as the primary contact for Citrix Customers and Account teams during critical situations, collaborating with technical specialists (SMEs) to manage escalations and resolve incidents quickly. 24x7 Coverage: Provide 24x7 support, including weekends and holidays, on a rostered shift basis. Continuous Improvement: Actively participate in feedback processes, leading continuous improvement initiatives and ensuring the team adapts quickly to feedback. Lead and participate in projects aimed at improving incident response and service efficiency. Technical Knowledge: Utilize your technical know-how to manage the escalation process, lead calls, and effectively assess the situation to provide timely solutions. Qualifications (Knowledge, Skills, Abilities): Experience: 6 - 10 years of relevant experience in Incident Response, preferably in a Technical Support environment. Demonstrated ability to manage customer escalations in high-pressure scenarios. Communication Skills: Exceptional verbal and written communication skills. Ability to engage with customers and internal leadership clearly and professionally. Proficiency in creating concise incident reports and Root Cause Analysis (RCA) documents. Customer Advocacy: Strong customer advocacy skills, with the ability to understand, articulate, and manage customer expectations effectively. Technical Expertise: Broad knowledge in technologies such as Cloud, Virtualization, Networking, Operating Systems, and Remoting, with a focus on Virtualization, Networking, and Storage. Experience with Microsoft OS and End-User Computing is a plus. Collaboration Skills: Ability to manage and facilitate cross-team collaboration to solve complex customer issues. Comfortable leading critical calls and guiding teams through escalations. Process Knowledge: Knowledge of ITIL, Project Management, and Six Sigma methodologies is a plus. Familiarity with the Software Development Lifecycle (SDLC) and defect tracking processes is beneficial. Education: B.E. / B.Tech. or a Bachelor s degree in a related field with at least 5+ years of relevant experience. Additional Skills: Scripting, automation, and programming skills are an advantage. Experience in leading formal customer meetings, including those with C-level or Senior Management. About Us: Cloud Software Group is one of the largest cloud solution providers globally, serving over 100 million users. Joining us means making a tangible difference for people around the world who rely on our cloud-based products to perform their work efficiently, from anywhere. We foster a culture of innovation, learning, and growth. As we prepare for an exciting new phase of growth, we need your skills and expertise to continue evolving and building the future of work. Qualification : B.E. / B.Tech. or a Bachelors degree in a related field with at least 5+ years of relevant experience.

Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.

Position: Analyst - SecOps (SOC Level 2) Job Overview: We are looking for a skilled SOC Level 2 Analyst to join our global Cyber Operations team. This critical role ensures the security of our organization by monitoring, detecting, and responding to security incidents. The Analyst will work on a rotating 24x7 shift schedule, including night shifts. The ideal candidate will have strong experience in SOC operations, incident response, and proficiency with cybersecurity tools and technologies. Key Responsibilities: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Perform triage and analysis with sandboxing technologies and threat intelligence platforms. Investigate security events, implement containment and recovery strategies, and expedite workflows with AI/ML capabilities. Query and correlate security data using KQL (Kusto Query Language) to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Enhance endpoint protection and data security using Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools. Threat Hunting and Data Forensics: Perform proactive threat hunting and data forensics to identify and investigate potential threats. Use advanced threat intelligence platforms to refine detection strategies. Develop and execute SOC playbooks to improve response times and operational efficiency. Team Collaboration and Leadership: Provide assistance with complex incidents and investigations. Collaborate with USA security escalation teams and other departments to improve the organization s overall security posture. Contribute to the development and refinement of SOC procedures and best practices. Career Development: Opportunities for progression to roles like SOC Lead or SOC Architect. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. Qualifications: Bachelor s degree in Computer Science, Cybersecurity, or related field (preferred). 3-5 years of experience as a SOC Analyst, with lead responsibilities being a plus. Strong proficiency in KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel (including rule creation, playbook implementation, and workbooks). Proficiency in Microsoft Defender and MS Purview DLP for endpoint protection and data security. Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise: Microsoft Sentinel: Expertise with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Strong knowledge of endpoint protection and threat detection. MS Purview DLP: Experience in data loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management: Familiarity with assessments, penetration testing, and monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Skilled in forensic analysis and investigation. SOC Playbooks: Ability to create and manage effective SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively within a well-managed team. Rotational 24x7 shift coverage. Location: Bangalore, India (SKAV Seethalakshmi, GESC) Employment Type: Full-time Job Category: Information Technology Qualification : Bachelors degree in Computer Science, Cybersecurity, or related field (preferred).

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

At Databricks, we are obsessed with Data + AI to solve the world's toughest problems, from security threat detection to cancer drug development. We do this by building and running the world's best data and AI infrastructure platform, so our customers can focus on the high-value challenges that are central to their missions. Founded in 2013 by the original creators of Apache Spark , Databricks has grown from a tiny corner office in Berkeley, CA to a global organization with over 6500 employees. Thousands of organizations, from small to Fortune 100, trust Databricks with their mission-critical workloads, making us one of the fastest-growing SaaS companies in the world. The Money team's mission at Databricks is to maximize the value that our customers derive from their investments in data projects. We accomplish this through innovative commercialization strategies, timely & accurate billing, cost optimization tools, intelligent resource usage controls, and cutting-edge engineering. We provide a seamless and consistent set of platforms to enable all Databricks products to reach customers quickly, and sustainably. As the first Engineering Manager for Money at Databricks India, you will be key to building a base for one of Databricks most central engineering orgs. You will own critical components that form the backbone of our business, starting with Databricks resource admission control and usage governance infrastructure. Your role is crucial in helping bring diverse business needs together, including abuse prevention, product commercialization motions, and reliable product availability at scale. You will work closely with infrastructure as well as product teams in bringing critical governance functionality to Databricks customers. The impact you will have: Hire great engineers to build an outstanding team and support their career development by providing clear and timely feedback Ensure high technical standards by instituting processes (architecture reviews, testing) and culture (engineering excellence) Work with engineering and product leadership to build a long-term roadmap Coordinate execution and collaborate across teams to successfully deliver cross-cutting strategic projects What we look for: 10+ years of extensive experience with large-scale distributed systems alongside processes around testing, monitoring, SLAs etc 5+ years of engineering management experience, building, managing and mentoring high-performing software engineering teams Demonstrated success in collaborating with multiple cross-functional stakeholders to align system features and architecture, to deliver impactful platform projects Experience in developing and implementing proactive mechanisms for failure detection and incident prevention Excellent leadership, communication, and project management skills BS (or higher) in Computer Science, or a related field About Databricks Databricks is the data and AI company. More than 10,000 organizations worldwide including Comcast, Cond Nast, Grammarly, and over 50% of the Fortune 500 rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark , Delta Lake and MLflow. To learn more, follow Databricks on Twitter,LinkedIn and Facebook . Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visithttps://www.mybenefitsnow.com/databricks. Our Commitment to Diversity and Inclusion At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics. Compliance If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone. Qualification : BS (or higher) in Computer Science, or a related field.

Job Role: SIEM Specialist The SIEM Specialist will be responsible for implementing, managing, and optimizing Security Information and Event Management (SIEM) solutions to enhance the organization's security posture. The role involves onboarding new security data sources, collaborating with cross-functional teams, and continuously improving SIEM performance to support proactive threat detection and incident response. Experience and Qualifications: Educational Background: Bachelor s degree in Computer Science, Information Technology, or a related field (preferred). Total Experience: 7 8 years of experience in IT security with a minimum of 3 years in SIEM implementation and security data source onboarding. Experience working in large organizations or global service providers with complex infrastructures. Proficiency in deploying, configuring, and managing SIEM solutions such as Splunk, ArcSight, Chronicle (Google Security Operations), and ELK Stack. Familiarity with Cribl and regex is required. Strong knowledge of log management solutions, log parsing, and normalization techniques. Experience integrating SIEM with various data sources, including firewalls, IDS/IPS, antivirus, and endpoint solutions. Proficiency in scripting languages (e.g., Python, PowerShell) for automating SIEM tasks and data analysis. Understanding of cloud platforms (GCP, AWS, Azure) and cloud databases is desirable. Good grasp of cybersecurity principles, including threat detection, incident response, and vulnerability assessment. Strong knowledge of networking protocols, firewall rules, and network security practices for onboarding and monitoring network traffic. Excellent verbal and written communication skills for collaborating with cross-functional teams and documenting onboarding procedures. Strategic and analytical mindset with outstanding problem-solving skills to navigate complex cybersecurity landscapes. Key Responsibilities: Lead the onboarding process of new data sources into the SIEM platform, ensuring proper data normalization and correlation. Continuously improve SIEM performance, efficiency, and scalability. Maintain detailed documentation of SIEM configurations, onboarding procedures, and incident response playbooks. Collaborate with cross-functional teams to identify security requirements and integrate new security technologies into the SIEM environment. Stay informed about emerging threats, vulnerabilities, and security best practices and incorporate this knowledge into SIEM operations. Ensure that SIEM configurations and operations comply with relevant industry regulations and standards. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field (preferred).

Our Mission 6sense is revolutionizing how B2B organizations generate revenue by predicting customers most likely to buy and recommending the best ways to engage with anonymous buying teams. Through Revenue AI, we unlock the ability to create, manage, and convert high-quality pipelines into revenue, reshaping how businesses thrive. Our People At 6sense, people are at the core of our mission. Guided by our values Accountability, Growth Mindset, Integrity, Fun, and One Team we foster an environment where innovation and impact are celebrated. Every team member plays a key role in shaping our industry-leading technology, making 6sense a place for risk-takers and difference-makers who measure success by the value they deliver to customers. Purpose of the Role As part of the Security Operations and Threat Management team, you will help protect 6sense by proactively preventing, detecting, investigating, and responding to security threats and incidents that may impact the business. Key Responsibilities Incident Response & Monitoring: Monitor security alerts, conduct vulnerability assessments, and analyze logs to identify and respond to security incidents. Collaborate with cross-functional teams (Infrastructure, Engineering, IT, GRC, Cloud, and Application Security) to validate alerts and resolve incidents. Threat Landscape Analysis: Perform proactive reviews to assess and address potential security risks. Continuously tune detection rules in security solutions to adapt to evolving threats. Automation & Tool Administration: Manage security tools and develop basic automation for improved efficiency. Identify and implement opportunities for process automation to enhance security operations. Documentation & Playbooks: Create and maintain a security playbook for various threat scenarios. Keep documentation, runbooks, workflows, and dashboards up to date. Performance & Objectives: Align with quarterly Key Results that support team Objectives (OKRs). Participate in the Security Operations on-call rotation to ensure prompt responses. Performance Metrics Proficient understanding of the 6sense product and platform. Participation in regular 1:1s with managers and monthly skip-level meetings. Efficient identification and closure of incidents within established SLAs. Maintenance of accurate, up-to-date documentation and proactive engagement with SecOps technologies. Educational & Experience Requirements Experience: 4+ years in a Security Operations role or similar position. Hands-on experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS). Knowledge: Familiarity with industry frameworks, regulations, and standards, including MITRE ATT&CK, STRIDE, ISO 27001, GDPR, SOC 2, PCI, and NIST. Understanding of AI applications in cybersecurity (preferred). Qualifications: Bachelor's degree in a related field. Relevant certifications, such as CSA, GCDA, GSOC, or CySA, are advantageous. Benefits At 6sense, we offer: Comprehensive health coverage. Paid parental leave. Generous paid time off and holidays. Quarterly self-care days off to prioritize well-being. Stock options to share in the company s success. Support and equipment to work from home or one of our offices. Join us to make an impact in the evolving cybersecurity landscape, empowering organizations to grow revenue through innovation and resilience. Qualification : Bachelor's degree in a related field

Position Responsibilities: 1. Risk and Threat Assessments: Conduct comprehensive risk and threat assessments for L3 Autonomous Driving (AD) systems. Perform analyses like TARA (Threat Analysis and Risk Assessment) and MORA (Misuse-Oriented Risk Analysis). 2. Security Design and Development: Redesign modules focusing on cybersecurity. Develop and implement security features, including SecOC (Secure Onboard Communication) and CSM (Cybersecurity Management). Drive compliance with cybersecurity regulations and standards. 3. System and Requirements Architecture: Analyze and define security requirements for AD L3 systems. Collaborate with E/E system architects for security improvements. Develop and refine business, system, and architecture requirements. 4. Support and Coordination: Assist with the development of ECU software for L3 autonomous driving. Provide integration support and troubleshooting for ECUs. Coordinate internal and external assessments, including penetration tests and security evaluations. 5. Cybersecurity Analysis and Implementation: Develop security concepts and conduct analyses like FTA (Fault Tree Analysis) and FMEA (Failure Modes and Effects Analysis). Ensure adherence to regulations such as ISO 21434, UNECE R155, and UNECE R156. Required Skills and Competencies: Essential Skills: Strong expertise in automotive cybersecurity and relevant regulations (ISO 21434, UNECE R155/R156). Knowledge of L3 Autonomous Driving (AD) and Advanced Driver Assistance Systems (ADAS). Hands-on experience with Automotive ECUs, secure bootloaders, and gateway modules. Proficiency in C/C++ programming and working knowledge of AUTOSAR and its configuration tools. Familiarity with cybersecurity analysis tools like Medini or equivalent. Expertise in in-vehicle networks (e.g., CAN Protocol, UDS Protocol) and V2X technologies. Understanding of cybersecurity best practices, secure development requirements, and IT security standards. Experience with threat management models, firewalls, and embedded software components. Knowledge of security mechanisms, protocols, cryptography, and authentication systems. Preferred Skills: Strong background in ADAS and autonomous driving technologies. Experience in intrusion detection, incident response, and computer forensics. Familiarity with requirements management tools (e.g., DOORS, codeBeamer, JAMA). Hands-on experience in product development lifecycle and automotive cybersecurity. Educational Qualifications and Experience: Essential: Bachelor s or Master s degree in Information Security, Computer Science, Electrical Engineering, or related fields. Minimum of 4+ years of relevant experience in the automotive industry (AD/ADAS or autonomous driving). Preferred: Expertise in cybersecurity standards, analysis, and threat management tools. Key Competencies and Tools: Cybersecurity Standards: ISO 21434, UNECE R155/R156. Risk Assessment Techniques: TARA, MORA. Analysis Tools: Medini, FTA, FMEA. Software Tools: AUTOSAR, SAP, C/C++ programming, Requirements Management Tools (DOORS, JAMA). Protocols and Technologies: CAN, UDS, V2X. Qualification : Bachelors or Masters degree in Information Security, Computer Science, Electrical Engineering, or related fields.

The Principal Threat Research Engineer will identify, analyze, and mitigate evolving cyber threats by creating and maintaining effective threat detection signatures. This role requires deep expertise in understanding modern cyber threats, malware behavior, and signature writing for advanced threat detection technologies. You will work closely with cross-functional teams, such as threat intelligence, incident response, and security product development, to enhance the organization s defense capabilities and provide strategic insight into the threat landscape. Key Responsibilities: Signature Writing & Development: i) Design and develop accurate, high-quality signatures and detection rules for threat detection systems (IDS/IPS, AV, EDR). ii) Improve and update detection logic to adapt to the latest threats, exploits, and attack vectors. iii) Optimize detection signatures to minimize false positives and maximize detection efficiency across various security platforms. Threat Research & Analysis: i) Lead in-depth research into emerging cyber threats, malware, APT groups, and TTPs (Tactics, Techniques, and Procedures). ii) Analyze attack patterns, behavior, and malicious code to identify new detection opportunities. iii) Track and understand evolving threat landscapes, including new vulnerabilities, exploits, and attack campaigns. Collaborative Threat Intelligence: i) Collaborate with global threat intelligence teams to share threat research findings and develop a comprehensive understanding of adversarial behavior. ii) Maintain relationships with external threat-sharing communities and organizations to stay up-to-date on the latest threat information. iii) Support the security team in responding to active threats, providing detection strategies and remediation guidance. Detection Engineering & Optimization: i) Work closely with the detection engineering team to integrate custom and third-party signatures into existing detection platforms (SIEM, IDS/IPS, EDR). ii) Identify gaps in current detection methodologies and implement improved detection capabilities for advanced threats, such as zero-day exploits, fileless malware, and APT campaigns. iii) Conduct performance testing and tuning of signatures to ensure system stability and effectiveness under various network environments. Thought Leadership & Knowledge Sharing: i) Act as a subject matter expert on threat detection, signature development, and malware analysis for internal and external stakeholders. ii) Lead and mentor junior threat researchers and engineers by providing guidance, training, and technical expertise. iii) Create research reports, blogs, whitepapers, and presentations to communicate key research findings and trends to technical and non-technical audiences. Required Qualifications: Bachelor s or Master s degree in Computer Science, Cybersecurity, Information Security, or a related field. 8+ years of experience in cybersecurity, with a focus on threat research, signature development, or malware analysis. Proven experience in writing and optimizing signatures for IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions. Deep knowledge of cyber threats, including malware, ransomware, phishing, and advanced persistent threats (APTs). Strong understanding of network protocols, system internals (Windows, Linux), and attack techniques such as fileless malware, obfuscation, and evasion. Proficiency with malware analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments. Experience with signature formats such as YARA, Snort, Suricata, and regular expression-based detection logic. Familiarity with MITRE ATT&CK framework and how it maps to threat detection and signature development. Strong problem-solving and analytical skills, with an ability to think critically about threat detection and mitigation strategies. Excellent verbal and written communication skills, with the ability to convey complex threat intelligence and detection strategies to a diverse audience. Ability to work collaboratively across teams and mentor junior team members. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, GIAC, OSCP, or GREM. Expertise in scripting and automation (Python, PowerShell, Bash) to automate threat research and signature writing processes. Experience with cloud-based threat detection and response (e.g., AWS GuardDuty, Azure Sentinel). Familiarity with advanced hunting techniques, including threat hunting using logs, endpoint data, and network data. Employee Value Proposition (EVP): At Aryaka, we offer a dynamic and innovative work environment where you will have the opportunity to make a significant impact in the network security industry. Our commitment to cutting-edge technology and customer satisfaction provides a platform for continuous learning and professional growth. Qualification : Bachelors or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field.