Network Security Monitoring Jobs in Bengaluru

Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field

Infrastructure Security Leader Location: Bengaluru About Us: Observe.AI Observe.AI is the leading AI-powered platform for customer experience, enabling enterprises to automate customer interactions using AI agents. Our platform ensures natural conversations, delivering predictable outcomes, and is trusted by top companies like DoorDash, Affordable Care, Signify Health, and Verida. Observe.AI blends advanced speech understanding, workflow automation, and enterprise-grade governance to deliver end-to-end AI solutions that optimize both human and AI interactions, providing insights for coaching and quality management. At Observe.AI, we re on a mission to transform customer experiences through AI. As a founding member of our Infrastructure/Cloud Security team, you will have the opportunity to shape and design cloud security from the ground up for a platform trusted by over 80 million users. Reporting directly to the VP of Information Security, you will drive a defense-in-depth approach across infrastructure, IAM, and networks. This is a unique, zero-to-one role where you ll define security strategy, mentor the team, and make a long-lasting impact in a fast-growing AI company. What You ll Be Doing: Security Strategy Development: Design and document security policies, reference architectures, design patterns, and roadmaps to protect our platform. Secure Access & Network Design: Lead efforts to design secure access controls and networks for production environments. Cross-Department Leadership: Collaborate with Corporate IT to implement security measures within the corporate environment. Defense-in-Depth: Implement network segmentation, firewall configurations, VPNs, and deep packet inspection to minimize impact from security incidents. AWS Infrastructure Security: Re-architect AWS infrastructure to enhance security, ensuring that networks, VPCs, and security configurations are optimized. Vulnerability Management: Identify tools and technologies to scan networks, OS, and infrastructure for vulnerabilities, and work with SRE teams to remediate identified risks. Security Compliance: Represent Infrastructure Security in PCI, SOC, ISO, HITRUST, and other regulatory audits, ensuring compliance. Collaborative Design: Partner with engineering teams and architects to ensure infrastructure designs meet both business and security requirements. Stakeholder Collaboration: Work with other teams to integrate up-to-date security features and infrastructure designs across the organization. What You ll Bring to the Role: 9+ years of experience in Software Engineering, Network Security, and AWS Security. Proven track record in designing and implementing secure Cloud Infrastructure, Network Security, and Corporate IT Security. Experience at a SaaS product company with hands-on knowledge of cloud security. Leadership experience in managing Infrastructure Security teams or Security-Focused SRE teams. Strong understanding of network designs, protocols, and certifications like CCNA (or similar). Ability to handle multiple, high-priority projects simultaneously while maintaining focus and quality. Comfort with working off-hours to handle security incidents in a dynamic, fast-paced environment. First-hand experience with major cloud providers, specifically AWS. Deep understanding of large-scale systems and N-tier architectures. Excellent communication skills, able to effectively influence and collaborate with stakeholders across the organization. Perks & Benefits: Medical Insurance: Comprehensive options, including free online doctor consultations. Leave Policies: Yearly privilege and sick leaves as per Karnataka S&E Act, along with generous national, festive, and parental leave. Learning & Development: Access to a fund that supports continuous learning and professional growth. Flexible Benefits: Tax exemptions for meals, PF, etc., along with other flexible benefit plans. Team Culture: Fun events to foster collaboration and culture across the organization.

Security Operations Engineer Location: Bangalore About Us FalconX is a pioneering team of operators, investors, and builders committed to transforming institutional access to the digital asset markets. By bridging traditional finance with cutting-edge technology, we address the industry's most complex challenges. We offer a comprehensive solution for all digital asset strategies from startup to scale enabling our clients to navigate the ever-evolving cryptocurrency landscape with confidence. We are seeking an experienced Security Operations Engineer to help secure FalconX s infrastructure and protect our clients digital assets. As a part of our security team, you will monitor, detect, and respond to cyber threats across both on-premise and cloud environments, ensuring the integrity and safety of our systems and data. Key Responsibilities Security Monitoring & Incident Response: Monitor and respond to security incidents across both on-premise and cloud environments, ensuring timely detection and remediation of potential threats. Threat Detection & Analysis: Analyze security alerts from various security tools to identify, investigate, and mitigate security risks. Conduct in-depth forensic investigations to identify trends, attack techniques, and vulnerabilities. Proactive Threat Hunting: Conduct proactive threat hunting across endpoints, networks, and cloud environments, looking for sophisticated and emerging threats that may not yet be detected by traditional security measures. Forensics & Incident Investigation: Investigate and analyze security incidents to identify the root cause. Provide actionable recommendations for improving security posture and preventing future incidents. Detection Engineering: Develop and refine threat detection methodologies and rules (e.g., Yara, Sigma, SQL-based rules, network protocols) to enhance security monitoring capabilities. Utilize frameworks like MITRE ATT&CK and the Cyber Kill Chain to guide threat hunting and analysis. Automation & Scripting: Leverage scripting languages (Python, PowerShell, or Bash) to automate threat detection, analysis, and response processes, improving overall efficiency and effectiveness. Threat Intelligence & Trend Analysis: Stay informed about emerging threats, vulnerabilities, and attack trends to continuously improve detection strategies and enhance the response to new security challenges. Qualifications Education & Experience Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). Experience: Minimum of 3 years in a security operations, threat hunting, or similar cybersecurity role. Security Expertise Strong experience working with security tools and log data (Cloud, EDR, Network, etc.) for detection and response. Deep understanding of network security, packet analysis, and log correlation. Proficiency in advanced threat detection methodologies and threat intelligence, with a strong grasp of attacker tactics, techniques, and procedures (TTPs), especially using frameworks like MITRE ATT&CK. Technical Skills Proficiency in scripting and automation (Python, PowerShell, Bash). Experience with detection engineering and developing custom detection rules (e.g., Yara, Sigma, SQL-based, Network). Familiarity with endpoint security, identity management, vulnerability management, cloud security, and incident response. Soft Skills Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication skills, with the ability to work effectively in a collaborative, fast-paced environment. Be part of a rapidly growing company at the cutting edge of finance and technology. A dynamic, fast-paced work environment where your expertise will directly impact business success. Competitive salary and benefits package. Opportunities for professional growth in a highly innovative industry. Qualification : Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)

Position: Security Engineer-2 Location: Bengaluru Employment Type: Full-Time Department: Engineering Job Description: We are seeking a proactive and skilled Security Engineer-2 to identify vulnerabilities, collaborate with development teams on mitigation strategies, and promote secure coding practices within the organization. You will play a critical role in ensuring the security and resilience of our products against emerging threats. Key Responsibilities: Conduct in-depth security assessments of products to discover vulnerabilities and demonstrate their exploitability and risk impact. Stay updated on emerging vulnerabilities and threats relevant to our products through independent research. Collaborate with developers to develop and implement mitigation and workaround plans according to security policies. Lead threat modeling and secure design review sessions with development teams to identify threats and define mitigation strategies. Conduct workshops to educate developers on threat modeling and secure coding principles. Prioritize and ensure mitigation of critical security defects during development sprints. Integrate and automate Static Application Security Testing (SAST) within the DevOps pipeline. Advocate and propagate secure coding principles across the development community. Serve as the primary point of contact for developers on critical secure development issues. Develop and deliver security training programs and technical workshops for developers and QA teams. Promote security awareness through tech talks and other knowledge-sharing activities. Required Qualifications and Skills: Strong knowledge of common vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), cryptographic weaknesses, and code injection. Proficiency in programming/scripting languages like Java, Ruby, and Python. Experience with cloud technologies and services. Ability to automate security testing processes and improve assessment productivity. Excellent communication skills to articulate security risks to both technical and non-technical audiences. Familiarity with industry-standard threat modeling, risk assessment, and vulnerability classification methodologies. Experience conducting white-box and grey-box security assessments, including architectural and API analysis. Knowledge of Secure Software Development Lifecycle (S-SDLC) and CI/CD integration. Bachelor s degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security. Minimum 3 years of experience in application security or related security assessment roles. Deep understanding of attack vectors, exploits, and mitigation techniques, including chained attacks. Experience with languages such as Java, Go, Python, or Node.js (knowledge of multiple is a plus). Experience assessing cloud-native services, service meshes, and Kubernetes-based microservices. Strong problem-solving skills, able to think both offensively (like a hacker) and defensively (product security evaluation). Ability to learn new technologies and apply unconventional thinking to complex security challenges. Qualification : Bachelors degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security

Job Title: General Manager Network Infrastructure & Security Location: Bangalore Department: IT and Systems Employee Type: Permanent Experience Required: 10 20 years Job Summary We are seeking a seasoned and strategic IT Infrastructure and Cybersecurity Leader to oversee and drive the company s enterprise-wide infrastructure and security initiatives. This role is responsible for developing and executing the vision, strategy, and programs to ensure the availability, performance, and security of our IT systems and data. The ideal candidate will work closely with executive leadership to align technology and security efforts with organizational objectives and risk tolerance. Key Responsibilities IT Infrastructure Management Lead the planning, implementation, and management of core IT infrastructure including networks, servers, cloud platforms, storage, and enterprise systems. Ensure high availability, performance, and scalability of IT infrastructure to support business operations. Oversee disaster recovery and business continuity strategies to mitigate operational risk. Manage vendor relationships, contracts, and Service Level Agreements (SLAs). Monitor system performance and continuously implement efficiency improvements and optimizations. Cybersecurity Leadership Establish, implement, and maintain cybersecurity policies, procedures, and standards across the organization. Conduct regular risk assessments, vulnerability scans, and implement corrective actions. Oversee security tools and solutions, including firewalls, antivirus, endpoint protection, SIEM, and intrusion detection systems. Lead incident response efforts, forensic investigations, and post-event reviews. Ensure compliance with relevant cybersecurity and data privacy regulations (e.g., ISO 27001, GDPR). Leadership & Cross-functional Collaboration Lead, mentor, and manage a team of IT infrastructure and security professionals. Collaborate with stakeholders across departments to align IT and cybersecurity strategies with business goals. Provide executive-level reporting on infrastructure performance, risk posture, incident management, and compliance metrics. Drive a culture of cybersecurity awareness and operational excellence throughout the organization. Qualifications & Experience Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Master s degree preferred. Certifications (Preferred): CISSP, CISM, CISA, or equivalent professional certifications. Experience: 18+ years of progressive experience in IT infrastructure, cybersecurity, and risk management. Deep knowledge of security frameworks such as ISO/IEC 27001 and regulatory standards like GDPR. Proven experience in formulating and implementing enterprise-wide security policies and managing dynamic IT environments. Key Skills: Strategic planning & execution Project & vendor management Security architecture and governance Cross-functional collaboration & stakeholder communication Managing Security Operations Centers (SOC) Preferred Skills & Competencies Strong analytical and problem-solving skills to align business needs with technology solutions. Experience in documenting and executing security architecture and strategic plans. In-depth knowledge of IT networks, infrastructure systems, and cloud environments. Ability to communicate technical concepts to both technical and non-technical audiences, including C-level stakeholders. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field

Job Title: Network Engineer Experience Required: 3 to 7 years Minimum Qualification: Bachelor of Engineering (BE) Location: Bengaluru Key Skills Network Architecture & Design Network Configuration & Troubleshooting CCNA or Equivalent Certification Routing Protocols: BGP, OSPF Firewalls & Network Security Routers & Switches Layer 2/Layer 3 Technologies IP Planning, QoS, NAT, Load Balancing Vendor Integration & System Testing Job Summary We are seeking a skilled and motivated Network Engineer with 3 7 years of hands-on experience in designing, implementing, and managing network infrastructure. The ideal candidate will possess strong technical knowledge in routing, switching, network security, and integration of multi-vendor systems. Key Responsibilities Design and implement robust network architectures tailored to business needs. Configure and maintain routers, switches, and firewalls across Layer 2 and Layer 3 technologies. Perform IP planning and network design, including the use of virtual routing domains. Implement and manage routing protocols such as BGP and OSPF. Configure and optimize QoS, NAT, and load balancing solutions. Integrate and manage networking components from various vendors. Collaborate with cross-functional teams for product development and system integration. Capture and document system/product requirements, high-level and low-level designs. Handle end-to-end implementation, integration, and configuration of networking subsystems. Work with customers, vendors, and OEMs to ensure smooth deployment and operation. Coordinate with certification agencies for product/documentation approval. Support system installation, commissioning, testing, and troubleshooting in production environments. Qualification : Bachelor of Engineering (BE)

Position: DevOps Engineering Manager Location: Bangalore Experience: 5 10 years Education: BE/BTech/MCA/MTech/MSc Role Overview: We re looking for an experienced DevOps Engineering Manager to lead our cloud infrastructure, automation, and DevOps initiatives. This is a hands-on leadership role focused on driving efficiency, security, and scalability across our IT operations and development pipelines. Key Responsibilities: Cloud & Infrastructure Management: Administer and manage Google Workspace, including user accounts, security policies, and compliance settings. Oversee and optimize AWS resources (EC2, IAM, S3, VPC), ensuring cost-effective and secure cloud operations. Configure and manage A10 vThunder for load balancing and network performance optimization. Serve as Active Directory Administrator, maintaining AD, DNS, and Group Policy Objects (GPOs). Deploy, maintain, and troubleshoot VMware environments to support virtual infrastructure. Security & Compliance: Manage domain and SSL certificates including installation, renewal, and issue resolution. Handle ADFS token certificate renewals to support uninterrupted authentication services. Enforce security best practices across cloud and on-prem environments. Automation & Scripting: Create and maintain automation scripts using Bash, PowerShell, or Python to streamline workflows. Reduce manual intervention and boost system efficiency through smart scripting and task automation. Monitoring & Troubleshooting: Proactively monitor system logs, performance metrics, and security alerts to prevent downtime. Investigate and resolve issues related to network, infrastructure, and cloud environments promptly. Required Skills & Experience: Proven experience with infrastructure automation tools such as Terraform or CloudFormation. Strong understanding of DevOps practices and implementing CI/CD pipelines for cloud deployments. Solid scripting skills in Bash, PowerShell, or Python. Expertise in managing both cloud-based and on-premise infrastructure. Strong troubleshooting capabilities and a proactive approach to system monitoring. Qualification : BE/BTech/MCA/MTech/MSc

Position: Technical Lead - DevOps Location: Bangalore Rural, Karnataka, India Department: Data Platform and DevOps Employment Type: Subexian Experience Required: 3 to 6 years Job Overview: We are seeking an experienced Kubernetes Administrator with a strong background in managing containerized environments. The ideal candidate will have 4+ years of hands-on experience in deploying, configuring, and optimizing Kubernetes clusters to drive scalability, reliability, and performance. This is an excellent opportunity to leverage your expertise in Kubernetes orchestration while contributing to the overall success of our platform. Key Responsibilities: Cluster Management: Deploy, configure, and manage Kubernetes clusters both on-premises and across cloud platforms such as AWS, Azure, and GCP. Security & Compliance: Implement best practices for cluster security, including role-based access control (RBAC), network policies, and data encryption at rest and in transit. Automation: Automate cluster provisioning and ongoing management using tools like Terraform, Ansible, or Helm charts, streamlining operations and reducing manual tasks by 40%. Monitoring & Performance: Continuously monitor cluster health and performance metrics using tools like Prometheus, Grafana, ensuring high availability and optimal performance. CI/CD Pipelines: Design and implement CI/CD pipelines for containerized applications using tools such as Jenkins, GitLab CI/CD, and CircleCI to enable smooth continuous delivery. Collaboration: Work closely with development teams to troubleshoot issues, optimize application performance, and ensure compatibility with Kubernetes environments. Security Audits: Conduct regular security audits to identify vulnerabilities and ensure compliance with industry standards. Documentation: Maintain clear and comprehensive documentation for deployment procedures, configuration settings, and troubleshooting guides to enhance knowledge sharing within the team. Infrastructure Management: Administer and maintain Linux/Unix servers and virtualization platforms such as VMware or KVM, ensuring seamless operations across the infrastructure. Backup & Recovery: Implement and manage robust backup and disaster recovery solutions to ensure data integrity and minimize system downtime. Technical Support: Provide expert-level technical support for server and network infrastructure-related issues. Required Skills & Qualifications: Proven experience in Kubernetes deployment, configuration, and administration. Strong command of containerization technologies, including Docker and containerd. Hands-on experience with cloud platforms such as AWS, Azure, and GCP. Proficiency in Infrastructure as Code (IAC) tools like Terraform and Ansible. Familiarity with CI/CD pipelines and automation tools like Jenkins and GitLab CI/CD. Excellent troubleshooting and problem-solving skills. Strong communication and collaboration abilities, with the capability to work effectively across cross-functional teams. If you re passionate about DevOps, Kubernetes, and driving the success of containerized environments, we d love to hear from you!

Platform Admin NextGen SIEM Location: Bangalore (Onsite) About ColorTokens At ColorTokens, we re all about helping businesses stay secure and keep running, no matter what cyber chaos hits. Our game-changing Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical stuff safe and business uninterrupted. We bring insane visibility into traffic flows between workloads, IoT devices, users basically everything to create super tight security zones that isolate threats fast. We re a Forrester Wave Leader (Q3 2024) for microsegmentation and protect global giants from costly cyber disruptions. Our Culture We love self-starters who bring energy, curiosity, and big ideas. You ll get to own projects, collaborate with passionate teammates, and work on security that actually protects real people from hospitals to cities to entire nations. What You ll Do The Role You ll run and manage our NextGen SIEM platform think Splunk, Sentinel, Exabeam, Stellar Cyber, or similar making sure it s up-to-date, humming smoothly, and packed with the right alerts. Admin & Ops: Install, configure, patch, and keep the SIEM platform running 24/7. Log Boss: Bring in new log sources, troubleshoot ingestion issues, and ensure data is clean and compliant. Rule Maker: Build and tweak detection rules and alerts to catch real threats while cutting down false alarms. Integrate & Automate: Connect SIEM with other security tools and automate incident workflows. Lock It Down: Manage user access, keep the platform secure, and nail compliance requirements. Team Player: Work closely with SOC analysts, threat hunters, and engineers to level up detection and response. Support & Train: Help users get the most from the platform and be the go-to expert when incidents hit. Optimize & Report: Track performance, fix bottlenecks, and share insights to keep the platform sharp. What You Bring Your Skills & Experience 8+ years managing SIEM platforms, especially NextGen ones like Splunk, Sentinel, or Exabeam. Expert in log management, rule creation, and onboarding data from all sorts of sources. Solid scripting skills (Python, PowerShell) to automate and customize workflows. Deep knowledge of log formats (Syslog, JSON, XML), querying languages (KQL, SPL, AQL), and data pipelines. Experience integrating SIEM with EDR, SOAR, NDR, and threat intel platforms. Familiar with security frameworks like MITRE ATT&CK, NIST, or CIS. Bonus points if you know cloud security (AWS, Azure, GCP), machine learning in SIEM, or SOAR tools like Cortex XSOAR or Phantom. Your Credentials Bachelor s degree in Computer Science, InfoSec, or related field (or equivalent experience). Relevant certifications like Splunk Certified Admin, Microsoft Security Operations Analyst, QRadar cert, or CISSP are a major plus. What Success Looks Like Keep SIEM uptime near 100%. Smoothly onboard new log sources and build killer detection use cases. Reduce noise fewer false positives, sharper alerts. Fast, effective fixes when platform issues pop up. Align SIEM capabilities tightly with security and business goals. Qualification : Bachelors degree in Computer Science, InfoSec, or related field (or equivalent experience).

Platform Engineer Location: Bengaluru, Karnataka, India Full-time partially remote About ColorTokens At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave : Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions. Our culture We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously. Self-starters and high-motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of world s impactful organizations be it a children s hospital, or a city, or the defense department of an entire country. Position Overview: Colortokens is looking for a Junior Platform Administrator to assist in managing, maintaining, and optimizing our NextGen Security Information and Event Management (SIEM) platform. The ideal candidate will support the day-to-day operations, help onboard customer log sources, troubleshoot integration issues, and provide technical assistance to the security operations team. This role is ideal for a motivated professional with 3+ years of experience in SIEM administration, security operations, or log management. Key Responsibilities: SIEM Platform Administration Assist in deploying, configuring, and maintaining the NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, QRadar, Chronicle, Exabeam). Perform basic updates and patches to ensure platform security and functionality. Monitor SIEM health, performance, and uptime under the guidance of senior administrators. Log Source Management Onboard new log sources and validate data ingestion. Help troubleshoot log ingestion, parsing, and formatting issues. Maintain log retention policies for compliance. Rule and Use Case Management Support the development and deployment of detection rules, correlation use cases, and alerts. Tune existing use cases to minimize false positives. Work closely with security analysts to refine alerting strategies. Integration and Automation Assist in integrating SIEM with other security tools (e.g., EDR, microsegmentation, vulnerability scanners). Work on basic automation tasks using scripting (Python, PowerShell) to enhance SIEM efficiency. Platform Security and Compliance Support role-based access control (RBAC) and platform security policies. Help ensure SIEM adheres to compliance standards like SOC2, ISO 27001. Participate in periodic security audits. Network Debugging & Troubleshooting Have a basic understanding of TCP/IP, networking concepts, and protocols. Assist in debugging network connectivity issues related to SIEM log ingestion. Use basic network troubleshooting tools. Collaboration and Support Work alongside SOC analysts, threat hunters, and security engineers. Provide basic technical support for SIEM users. Assist in training and documentation for security teams. Performance Monitoring and Optimization Monitor storage and indexing performance to ensure optimal operations. Report any performance issues to senior administrators. Contribute to platform health reports and alerting metrics. Incident Support Assist SOC teams in log analysis, incident response, and forensic investigations. Ensure log data is readily available for security incidents. Education and Certifications: Bachelor s degree in Computer Science, Information Security, or a related field. Certifications (Preferred but not mandatory): Splunk Certified User/Admin Microsoft Certified: Security Operations Analyst Associate QRadar Certification Any SIEM-related certification Experience: 3+ years of experience in SIEM administration, security operations, or log management. Hands-on experience with at least one SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, Chronicle, Exabeam). Basic knowledge of log ingestion, rule creation, and data parsing. Exposure to scripting (Python, PowerShell) for automation. Basic understanding of TCP/IP networking concepts and network debugging. Technical Skills: Understanding of log formats, Syslog, JSON, XML, and data pipelines. Basic knowledge of querying languages (KQL, SPL, AQL). Familiarity with SIEM integration with security tools like EDR, SOAR, NDR. Awareness of MITRE ATT&CK, NIST, or CIS security frameworks. Basic experience with network troubleshooting tools (ping, traceroute, netcat (nc)). Soft Skills: Strong problem-solving and troubleshooting abilities. Good verbal and written communication skills. Ability to work collaboratively in a security operations environment. Preferred Skills: Basic understanding of cloud-based security solutions (AWS, Azure, Google Cloud). Exposure to SOAR tools (e.g., Cortex XSOAR, Splunk Phantom). Interest in machine learning-based anomaly detection for SIEM. Key Metrics for Success: Successful onboarding of log sources. Improvement in log ingestion and parsing accuracy. Contribution to fine-tuning detection rules. Timely resolution of SIEM-related support requests. Ability to identify and troubleshoot basic network connectivity issues.

Job Title: Associate IT Engineer Location: Bangalore North, Karnataka, India Job Type: Full-Time Experience Required: 2 3 Years Industry: Entertainment / Mobile Gaming About Us: We are one of India s most dynamic and fast-growing mobile gaming companies. Since our founding in 2014, we ve been building chart-topping games for a global audience in partnership with Modern Times Group (MTG). Our mission is to create simple, impactful casual gaming experiences at massive scale. Our portfolio includes globally popular titles such as Daily Themed Crossword, WordTrip, WordJam, WordWars, WordTrek, TileMatch, and Jigsaw. Position Summary: We re looking for a motivated Associate IT Engineer to support our growing technology infrastructure. In this role, you ll take ownership of IT operations, endpoint and access management, IT security, cloud platform administration, and day-to-day support tasks ensuring our teams have seamless and secure access to the tools they need. Key Responsibilities: System & Endpoint Management Manage MDM solutions (e.g., Intune, Jamf, JumpCloud, ManageEngine). Automate device provisioning and security configuration processes. Oversee IT asset lifecycle (endpoints, peripherals, and licenses). Identity & Access Management Manage IAM for SaaS tools (e.g., GitHub, Slack, AWS/GCP, Zoom, Apple Store Connect, Google Play). Implement and maintain SSO/SAML integrations for internal tools and dashboards. Security & Compliance Monitor and enhance endpoint and network security (e.g., antivirus, encryption, OS patching). Implement cybersecurity best practices and incident response playbooks. Liaise with internal/external auditors and lead audit compliance processes. IT Support & Operations Provide L1/L2 support for internal IT issues. Monitor infrastructure health and performance via appropriate tools. Maintain technical documentation on Confluence. Support software license deployment and version upgrades with cost optimization. Skills & Requirements: 2 3 years of hands-on IT experience in a similar role. Strong working knowledge of MDM platforms and endpoint security tools. Familiarity with access control and SSO tools. Proficient in managing SaaS environments and troubleshooting desktop hardware/software. Strong grasp of networking fundamentals and cybersecurity principles. Excellent problem-solving skills and stakeholder communication. Experience with infrastructure monitoring tools is a plus. Exposure to cloud platforms (AWS/GCP) preferred. What We Offer: A high-energy, collaborative work culture. Opportunity to work in a fast-scaling, tech-first gaming company. Access to the latest technologies and tools in IT & infrastructure. A chance to shape secure systems used by a globally recognized mobile gaming company.

Cyber Security Analyst Bangalore, India Location: Bangalore (Bengaluru) Experience: 4 to 12 Years Industry: IT Security / Cybersecurity Job Summary: We are seeking a highly skilled Cyber Security Analyst with advanced knowledge in cybersecurity principles, risk assessment, and threat prevention. The ideal candidate will have hands-on experience with security tools, network defense, vulnerability assessments, and malware analysis to safeguard our organization s digital assets. Key Responsibilities: Analyze and mitigate cyber and IT security risks using advanced techniques and best practices Conduct vulnerability assessments and penetration testing across networks, platforms, and applications Utilize scripting and programming languages such as Python, PowerShell, Perl, HTML, and JavaScript for automation and security analysis Monitor network security devices including firewalls, proxies, NIDS/NIPS, and respond to security incidents Perform dynamic and static malware analysis and memory forensics to identify and counter threats Conduct reverse engineering of malware and apply countermeasures based on adversary tactics and protocols Apply in-depth knowledge of network protocols, network security monitoring, and incident response Ensure compliance with security standards and frameworks Collaborate with cross-functional teams to implement security improvements and ensure robust defense mechanisms Required Skills & Qualifications: Minimum 4+ years of professional experience in cybersecurity or related IT security roles Advanced understanding of cyber threats, risk management, and prevention techniques Proficiency in security system analysis, network security, and vulnerability assessment tools Experience with malware analysis, penetration testing, and reverse engineering Strong programming/scripting skills in Python, PowerShell, Perl, or similar languages In-depth knowledge of security standards, protocols, and industry best practices Hands-on experience with network security monitoring and defense technologies Preferred Certifications: Technical cybersecurity certifications from recognized bodies such as SANS, ISACA (CISA, CISM), (ISC) (CISSP), CompTIA Security+, Cisco (CCNA Security), CERT, or equivalent Work in a challenging role protecting critical digital infrastructure Collaborate with a talented cybersecurity team to combat evolving threats Access to continuous learning, professional development, and certification opportunities

Architect - Cyber Security | Bengaluru, India Location: Bangalore (Bengaluru) Experience: 12 to 20 Years Industry: IT Security / Cybersecurity Architecture Job Summary: We are looking for a seasoned Cyber Security Architect with over 12 years of experience designing and managing security architectures across multiple industries. The ideal candidate will bring strong expertise in secure design principles, SSDLC implementation, and cloud security especially within Azure environments. Key Responsibilities: Lead the development and management of enterprise-wide security architectures for global, multinational organizations Participate in Security Architecture Review Boards and drive secure coding practices along with Software Security Development Life Cycle (SSDLC) implementation Develop and enforce secure design principles and security standards across platforms Create and maintain current and future state architecture diagrams, supporting the technical roadmap with a comprehensive understanding of the technology market Deliver security solution architectures aligned with the enterprise architecture framework Provide expert guidance on securing multi-tenant cloud environments, with a focus on Microsoft Azure Collaborate with cross-functional teams to align security strategies with business goals and compliance requirements Required Skills & Qualifications: Minimum 12+ years of experience in security architecture across at least two different industries, preferably including cloud service providers Proven track record with security architecture development and governance in large-scale multinational companies Experience with secure coding, SSDLC, and security architecture review processes Strong proficiency in cloud security architecture, especially Azure multi-tenant environments Bachelor s or Master s degree in Information Security, Computer Science, or related field Must hold CISSP certification (Certified Information Systems Security Professional) Experience with architecture certification such as CISSP-ISSAP is highly preferred Additional certifications or memberships in SANS, ISACA, or similar cybersecurity organizations are a plus Azure Architecture or Azure Security certifications highly desirable Lead cybersecurity architecture in a global, dynamic enterprise environment Work with cutting-edge cloud technologies and secure multi-cloud ecosystems Grow professionally with access to industry-leading certifications and training Influence enterprise security strategy at the highest level Qualification : Bachelors or Masters degree in Information Security, Computer Science, or related field

Job Title: Azure Infrastructure Architect Location: Bengaluru, Karnataka, India Department: Engineering About CloudSEK CloudSEK is one of India s leading cybersecurity product companies, focused on leveraging Artificial Intelligence and Machine Learning to identify and resolve digital threats in real-time. With a strong portfolio of products like CloudSEK XVigil, BeVigil, and SVigil, we provide advanced solutions for attack surface monitoring, cybersecurity risk management, and software supply chain protection. We are headquartered in Singapore and have expanded rapidly across India, Southeast Asia, and the Americas. At CloudSEK, we prioritize innovation, agility, and building impactful products that keep our customers ahead of emerging cybersecurity threats. About the Role: Azure Infrastructure Architect CloudSEK is looking for an Azure Infrastructure Architect to design, implement, and optimize cloud infrastructure solutions on Microsoft Azure. The ideal candidate will have deep expertise in Azure services, infrastructure automation, and security best practices, with a strong background in cloud architecture patterns. You will work closely with various stakeholders to align cloud strategies with business objectives, ensuring high availability, security, and scalability of enterprise applications. Key Responsibilities Cloud Architecture & Design: Design and implement highly scalable, resilient, and secure cloud infrastructure solutions on Microsoft Azure. Develop cloud adoption strategies, migration plans, and hybrid cloud architectures to meet business needs. Create architecture blueprints, reference architectures, and best practices tailored to Azure environments. Ensure compliance with the Azure Well-Architected Framework and other industry standards. Infrastructure & Automation: Architect and automate Infrastructure as Code (IaC) using tools like Terraform, ARM templates, Bicep, and Ansible. Implement CI/CD pipelines for infrastructure deployment using Azure DevOps, GitHub Actions, or Jenkins. Automate cloud operations, monitoring, and governance using Azure Automation, PowerShell, and Python. Security & Compliance: Design and enforce Azure security best practices including Azure Policy, RBAC, NSGs, Key Vault, Defender for Cloud, and Sentinel. Ensure adherence to regulatory frameworks like ISO 27001, SOC 2, GDPR, and HIPAA. Perform threat modeling, risk assessments, and define zero-trust architectures. Networking & Hybrid Cloud: Design and optimize Azure Virtual Networks (VNet), ExpressRoute, VPN Gateway, and Load Balancers for seamless operations. Implement hybrid cloud architectures, integrating on-premises data centers with Azure via Azure Arc. Optimize network performance, DNS, CDN, and traffic routing in cloud-native environments. Performance Optimization & Cost Management: Leverage Azure Cost Management to implement cost-effective cloud solutions and manage reserved instances. Optimize cloud resource utilization using Autoscaling, VM sizing, and Serverless computing models. Define and implement cloud governance policies to control costs and improve operational efficiency. Collaboration & Stakeholder Engagement: Collaborate with DevOps, Security, and Application teams to align infrastructure solutions with business needs. Provide technical leadership and guidance to engineering teams, ensuring alignment with industry trends and best practices. Act as a trusted advisor to leadership on cloud strategies, emerging technologies, and technical decision-making. Required Skills & Qualifications Technical Expertise: Azure Services: Experience with Azure Virtual Machines, Azure Kubernetes Service (AKS), Azure Functions, Azure Storage, Azure SQL, CosmosDB, and Azure Networking (VNet, NSG, VPN, ExpressRoute). Automation & IaC: Expertise in Terraform, ARM Templates, Bicep, Ansible, PowerShell, Python. DevOps & CI/CD: Knowledge of Azure DevOps, GitHub Actions, Jenkins, Kubernetes, Docker. Security & Compliance: Familiarity with Azure Security Center, Azure AD, Key Vault, Microsoft Defender for Cloud, Sentinel, and Zero Trust Model. Networking & Hybrid Cloud: Experience with ExpressRoute, Load Balancers, Private Link, Virtual WAN, Azure Arc. Monitoring & Logging: Proficiency with Azure Monitor, Log Analytics, Prometheus, and Grafana. Cloud Migration: Hands-on experience in cloud migrations using Azure Migrate, including planning and execution. Soft Skills: Strong problem-solving and analytical abilities. Excellent communication and stakeholder management skills. Ability to work in agile environments and across cross-functional teams. A passion for continuous learning and staying updated with the latest Azure technologies. Preferred Qualifications: Azure Certifications such as Azure Solutions Architect Expert (AZ-305), Azure Security Engineer (AZ-500), or Azure DevOps Engineer (AZ-400). Experience with multi-cloud environments (AWS, GCP). Familiarity with database technologies (SQL, NoSQL, PostgreSQL, MySQL). Location Bengaluru, Karnataka, India Education/Qualification Bachelor s degree in Engineering or Technology (B.Tech/BE). Years of Experience 10 to 15 years of professional experience in cloud infrastructure and architecture design. Be part of a fast-growing startup where you can make a direct impact. Competitive salary and a comprehensive benefits package. Access to cutting-edge technologies and continuous learning opportunities. Flexible working hours and a collaborative work culture focused on innovation and growth. If you're an experienced Azure Infrastructure Architect passionate about designing and optimizing cloud solutions with Microsoft Azure, we would love to hear from you! Join CloudSEK and be part of a forward-thinking team revolutionizing the cybersecurity landscape. Qualification : Bachelors degree in Engineering or Technology (B.Tech/BE).

Join Our Team as a Security Operations Analyst Location: Bangalore, India (On-site) Department: Information Security At Cytiva, we are advancing the future of therapeutics from discovery to delivery. As a leading global provider of technology and services that help researchers and pharmaceutical companies develop and manufacture life-saving treatments, our work is integral to shaping the future of healthcare. We are seeking a Security Operations Analyst to join our global Information Security Team in Bangalore. In this key role, you will be at the forefront of protecting our digital assets and infrastructure by monitoring, analyzing, and responding to security incidents. By proactively identifying threats and vulnerabilities, you will help minimize risk and ensure business continuity. What You ll Do Lead Security Incident Response: Conduct advanced security incident analysis and digital forensics to identify and mitigate threats. Lead investigations into malware, network traffic anomalies, and endpoint detection. Provide Expertise: Guide and mentor L1 and L2 SOC analysts, enhancing the quality of security alerts and incident handling. Optimize Security Tools: Collaborate with engineering teams to fine-tune SIEM tools (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security technologies for improved detection and response. Proactive Threat Hunting: Identify hidden threats within the organization through threat hunting activities, reducing the potential attack surface. Enhance Security Posture: Partner with other IT and security teams to strengthen the overall security posture, ensuring resilient systems and infrastructures. Post-Incident Reporting: Produce detailed incident reports and provide recommendations for security improvements, leading post-incident reviews with cross-functional teams. Who You Are Experience: Minimum of 5+ years in a corporate IT environment, including at least 2 years in an L3 or senior analyst role. Security Knowledge: Deep expertise in security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Technical Skills: Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Incident Response Expertise: Strong background in incident response, threat hunting, and forensic investigations. Cloud Security Knowledge: Familiarity with cloud security platforms (AWS, Azure, Google Cloud) and modern attack techniques. Certifications like OSCP, CEH are advantageous. Additional Skills That Would Be a Plus: Scripting & Automation: Proficiency in scripting (e.g., Python, PowerShell, Bash) to automate security processes and improve SOC workflows. Specialization: Expertise in EDR, SIEM, UBA, DLP, or Data Security. OT Environments: Experience with Operation Technology (OT) environments is an advantage. Innovative Culture: Join a dynamic, global team dedicated to advancing healthcare through technology and innovation. Impactful Work: Your role will directly contribute to the security and integrity of vital technologies used in the life sciences industry. Global Collaboration: Work with cross-functional teams around the world, contributing to an organization's critical security initiatives. Growth Opportunities: Benefit from continuous learning, career development, and the chance to make a tangible impact on both the organization and the industry. Apply now and be part of a team that is dedicated to ensuring the security of life-saving technologies.

Job Title: Senior Escalation Engineer Location: Bengaluru, Karnataka, India About Us: Cloud Software Group is one of the world's largest cloud solution providers, serving over 100 million users globally. When you join Cloud Software Group, you are helping real people access cloud-based products that empower them to work from anywhere. Our team values passion for technology, courage to take risks, and empowering individuals to dream, learn, and build the future of work. Now is the perfect time to join us and be part of the next evolution in cloud technology! About This Team: We are the Advanced Support team, specializing in NetScaler and NetScaler Console products. As the highest level of support, we collaborate closely with LCM and Engineering teams to swiftly resolve customer issues and bugs, ensuring seamless operation of their environments. We work on complex, critical issues and ensure that our customers receive top-tier technical assistance. Job Description: The Senior Escalation Engineer is responsible for providing advanced technical support to customers facing critical, high-complexity issues. You will act as a liaison between customers, engineering teams, and product development, ensuring quick and effective resolution of customer problems. Your work will have a direct impact on the customer experience by resolving issues that are politically sensitive or technically intricate. Additionally, you will play a vital role in mentoring junior engineers and contributing to knowledge sharing within the team. Role Responsibilities: Advanced Technical Support: Independently resolve highly complex customer issues by using advanced troubleshooting skills. You will handle the most critical and politically sensitive customer situations and issues. Customer Communication: Defuse difficult customer situations through effective communication planning and follow-through, ensuring confident communication with customers at all levels. Collaboration with Engineering: Be an effective technical interface between the customer and the 3rd Level Engineering/Product Development teams, ensuring clear documentation and resolution. Technical Leadership: Act as an authority on Citrix Networking products and provide guidance and mentorship to less experienced colleagues. You will also contribute to writing complex technical articles and case studies for the knowledge base. Knowledge Sharing: Develop and review advanced technical training materials for both internal and external audiences on multiple products or components. On-call Rotation: Participate in a 24x7 on-call rotation to provide continuous support to customers. Problem Report Prioritization: Work with Engineering teams to prioritize product issues and provide timely feedback. Project Participation: Contribute as a collaborator or sub-team leader in various technical projects. Basic Qualifications: BS or BA in Computer Science, Information Systems, Engineering, Mathematics, Physics, Statistics, or a related technical discipline. 7+ years of technical support experience in a large enterprise environment. In-depth networking knowledge, including: TCP / HTTP / SSL / DNS / WAN WAN and LAN switching and routing, ARP, TCP, IP, HTTP, SMTP, DNS, and other related internet protocols. Experience with Citrix Networking Products such as NetScaler, F5 BigIP, Cisco CSS, and others in load balancing, SSL VPN solutions, and web application firewalls. Experience with debugging tools and techniques, including dump files, network traces, and sniffers like Wireshark and tcpdump. Knowledge of routing protocols (RIP, OSPF, BGP) and switching technologies. Experience with security technologies such as SSL/TLS, VPNs, Firewalls, IDS/IPS. Experience with network monitoring tools such as PRTG, Obkio, Auvik, SNMP. Preferred Certifications: Citrix Certification or CCNA. Working knowledge of Virtualization/Cloud technologies like AWS, Azure, ESXi, or GCP. Impactful Work: At Cloud Software Group, you will work on solving complex, high-priority issues that directly impact customers worldwide. Continuous Learning: You'll have opportunities for growth and learning with exposure to cutting-edge technologies in a dynamic, collaborative environment. Supportive Culture: Our team values innovation, knowledge-sharing, and mentorship, ensuring everyone has the tools and opportunities they need to thrive. Equal Opportunity Employer: Cloud Software Group is committed to Equal Employment Opportunity (EEO) and complies with all applicable federal, state, and local laws that prohibit discrimination in employment. We consider all qualified applicants for employment without regard to race, color, creed, sex, gender identity, sexual orientation, ethnicity, national origin, ancestry, citizenship, religion, disability, pregnancy, marital status, military service, protected veteran status, political activity, and other protected classifications. Qualification : BS or BA in Computer Science, Information Systems, Engineering, Mathematics, Physics, Statistics, or a related technical discipline.

Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.

Position: Analyst - SecOps (SOC Level 2) Job Overview: We are looking for a skilled SOC Level 2 Analyst to join our global Cyber Operations team. This critical role ensures the security of our organization by monitoring, detecting, and responding to security incidents. The Analyst will work on a rotating 24x7 shift schedule, including night shifts. The ideal candidate will have strong experience in SOC operations, incident response, and proficiency with cybersecurity tools and technologies. Key Responsibilities: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Perform triage and analysis with sandboxing technologies and threat intelligence platforms. Investigate security events, implement containment and recovery strategies, and expedite workflows with AI/ML capabilities. Query and correlate security data using KQL (Kusto Query Language) to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Enhance endpoint protection and data security using Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools. Threat Hunting and Data Forensics: Perform proactive threat hunting and data forensics to identify and investigate potential threats. Use advanced threat intelligence platforms to refine detection strategies. Develop and execute SOC playbooks to improve response times and operational efficiency. Team Collaboration and Leadership: Provide assistance with complex incidents and investigations. Collaborate with USA security escalation teams and other departments to improve the organization s overall security posture. Contribute to the development and refinement of SOC procedures and best practices. Career Development: Opportunities for progression to roles like SOC Lead or SOC Architect. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. Qualifications: Bachelor s degree in Computer Science, Cybersecurity, or related field (preferred). 3-5 years of experience as a SOC Analyst, with lead responsibilities being a plus. Strong proficiency in KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel (including rule creation, playbook implementation, and workbooks). Proficiency in Microsoft Defender and MS Purview DLP for endpoint protection and data security. Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise: Microsoft Sentinel: Expertise with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Strong knowledge of endpoint protection and threat detection. MS Purview DLP: Experience in data loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management: Familiarity with assessments, penetration testing, and monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Skilled in forensic analysis and investigation. SOC Playbooks: Ability to create and manage effective SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively within a well-managed team. Rotational 24x7 shift coverage. Location: Bangalore, India (SKAV Seethalakshmi, GESC) Employment Type: Full-time Job Category: Information Technology Qualification : Bachelors degree in Computer Science, Cybersecurity, or related field (preferred).

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Role: SIEM Specialist The SIEM Specialist will be responsible for implementing, managing, and optimizing Security Information and Event Management (SIEM) solutions to enhance the organization's security posture. The role involves onboarding new security data sources, collaborating with cross-functional teams, and continuously improving SIEM performance to support proactive threat detection and incident response. Experience and Qualifications: Educational Background: Bachelor s degree in Computer Science, Information Technology, or a related field (preferred). Total Experience: 7 8 years of experience in IT security with a minimum of 3 years in SIEM implementation and security data source onboarding. Experience working in large organizations or global service providers with complex infrastructures. Proficiency in deploying, configuring, and managing SIEM solutions such as Splunk, ArcSight, Chronicle (Google Security Operations), and ELK Stack. Familiarity with Cribl and regex is required. Strong knowledge of log management solutions, log parsing, and normalization techniques. Experience integrating SIEM with various data sources, including firewalls, IDS/IPS, antivirus, and endpoint solutions. Proficiency in scripting languages (e.g., Python, PowerShell) for automating SIEM tasks and data analysis. Understanding of cloud platforms (GCP, AWS, Azure) and cloud databases is desirable. Good grasp of cybersecurity principles, including threat detection, incident response, and vulnerability assessment. Strong knowledge of networking protocols, firewall rules, and network security practices for onboarding and monitoring network traffic. Excellent verbal and written communication skills for collaborating with cross-functional teams and documenting onboarding procedures. Strategic and analytical mindset with outstanding problem-solving skills to navigate complex cybersecurity landscapes. Key Responsibilities: Lead the onboarding process of new data sources into the SIEM platform, ensuring proper data normalization and correlation. Continuously improve SIEM performance, efficiency, and scalability. Maintain detailed documentation of SIEM configurations, onboarding procedures, and incident response playbooks. Collaborate with cross-functional teams to identify security requirements and integrate new security technologies into the SIEM environment. Stay informed about emerging threats, vulnerabilities, and security best practices and incorporate this knowledge into SIEM operations. Ensure that SIEM configurations and operations comply with relevant industry regulations and standards. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field (preferred).