Threat Detection AND Prevention Jobs in Bengaluru

Security Research Engineer Security Research Experience: 5 8 Years | Location: Bangalore | Employment Type: Full-Time About SecPod SecPod is a SaaS-based cybersecurity products company focused on prevention-first security. Our Saner Cloud platform is a unified CNAPP solution that combines AI-driven threat intelligence, automated vulnerability detection, and Cloud Security Posture Management (CSPM) to secure multi-cloud environments. Role Summary We are seeking a highly skilled Security Research Engineer to join our Security Research team. This role focuses on researching emerging cloud security threats, developing security intelligence feeds, building proof-of-concepts (PoCs) for misconfigurations, and creating automated remediation and compliance content. Key Responsibilities Threat Research: Conduct security research to develop intelligence feeds and checks with a strong emphasis on cloud security. Vulnerability & Risk Analysis: Identify and create PoCs for emerging cloud misconfigurations and security risks. Automation: Develop automation for research and validation tasks using Python or other scripting languages. Compliance & Remediation: Build remediation feeds for cloud misconfigurations and compliance benchmarks. Lifecycle Management: Manage the end-to-end lifecycle of research outputs, from initial development through production release. Required Qualifications & Skills Professional Experience: 5 8 years in security research or engineering, with at least 3 years in a senior technical role. Cloud Infrastructure: Hands-on experience with AWS, Azure, or GCP. Technical Fundamentals: Strong understanding of operating systems, networking, and computer science security. Programming: Proficiency in languages such as Python, C, C++, or Java. Environment Expertise: Experience across Linux/Unix, Windows, and virtualization environments. Compliance: Solid knowledge of cloud security and security benchmark compliance. Education Bachelor s degree (or equivalent) in Computer Science or a related field. Qualification : Bachelors degree (or equivalent) in Computer Science or a related field

Cyber Security Analyst Bangalore, India Location: Bangalore (Bengaluru) Experience: 4 to 12 Years Industry: IT Security / Cybersecurity Job Summary: We are seeking a highly skilled Cyber Security Analyst with advanced knowledge in cybersecurity principles, risk assessment, and threat prevention. The ideal candidate will have hands-on experience with security tools, network defense, vulnerability assessments, and malware analysis to safeguard our organization s digital assets. Key Responsibilities: Analyze and mitigate cyber and IT security risks using advanced techniques and best practices Conduct vulnerability assessments and penetration testing across networks, platforms, and applications Utilize scripting and programming languages such as Python, PowerShell, Perl, HTML, and JavaScript for automation and security analysis Monitor network security devices including firewalls, proxies, NIDS/NIPS, and respond to security incidents Perform dynamic and static malware analysis and memory forensics to identify and counter threats Conduct reverse engineering of malware and apply countermeasures based on adversary tactics and protocols Apply in-depth knowledge of network protocols, network security monitoring, and incident response Ensure compliance with security standards and frameworks Collaborate with cross-functional teams to implement security improvements and ensure robust defense mechanisms Required Skills & Qualifications: Minimum 4+ years of professional experience in cybersecurity or related IT security roles Advanced understanding of cyber threats, risk management, and prevention techniques Proficiency in security system analysis, network security, and vulnerability assessment tools Experience with malware analysis, penetration testing, and reverse engineering Strong programming/scripting skills in Python, PowerShell, Perl, or similar languages In-depth knowledge of security standards, protocols, and industry best practices Hands-on experience with network security monitoring and defense technologies Preferred Certifications: Technical cybersecurity certifications from recognized bodies such as SANS, ISACA (CISA, CISM), (ISC) (CISSP), CompTIA Security+, Cisco (CCNA Security), CERT, or equivalent Work in a challenging role protecting critical digital infrastructure Collaborate with a talented cybersecurity team to combat evolving threats Access to continuous learning, professional development, and certification opportunities

Architect - Cyber Security | Bengaluru, India Location: Bangalore (Bengaluru) Experience: 12 to 20 Years Industry: IT Security / Cybersecurity Architecture Job Summary: We are looking for a seasoned Cyber Security Architect with over 12 years of experience designing and managing security architectures across multiple industries. The ideal candidate will bring strong expertise in secure design principles, SSDLC implementation, and cloud security especially within Azure environments. Key Responsibilities: Lead the development and management of enterprise-wide security architectures for global, multinational organizations Participate in Security Architecture Review Boards and drive secure coding practices along with Software Security Development Life Cycle (SSDLC) implementation Develop and enforce secure design principles and security standards across platforms Create and maintain current and future state architecture diagrams, supporting the technical roadmap with a comprehensive understanding of the technology market Deliver security solution architectures aligned with the enterprise architecture framework Provide expert guidance on securing multi-tenant cloud environments, with a focus on Microsoft Azure Collaborate with cross-functional teams to align security strategies with business goals and compliance requirements Required Skills & Qualifications: Minimum 12+ years of experience in security architecture across at least two different industries, preferably including cloud service providers Proven track record with security architecture development and governance in large-scale multinational companies Experience with secure coding, SSDLC, and security architecture review processes Strong proficiency in cloud security architecture, especially Azure multi-tenant environments Bachelor s or Master s degree in Information Security, Computer Science, or related field Must hold CISSP certification (Certified Information Systems Security Professional) Experience with architecture certification such as CISSP-ISSAP is highly preferred Additional certifications or memberships in SANS, ISACA, or similar cybersecurity organizations are a plus Azure Architecture or Azure Security certifications highly desirable Lead cybersecurity architecture in a global, dynamic enterprise environment Work with cutting-edge cloud technologies and secure multi-cloud ecosystems Grow professionally with access to industry-leading certifications and training Influence enterprise security strategy at the highest level Qualification : Bachelors or Masters degree in Information Security, Computer Science, or related field

Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.

Position: Analyst - SecOps (SOC Level 2) Job Overview: We are looking for a skilled SOC Level 2 Analyst to join our global Cyber Operations team. This critical role ensures the security of our organization by monitoring, detecting, and responding to security incidents. The Analyst will work on a rotating 24x7 shift schedule, including night shifts. The ideal candidate will have strong experience in SOC operations, incident response, and proficiency with cybersecurity tools and technologies. Key Responsibilities: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Perform triage and analysis with sandboxing technologies and threat intelligence platforms. Investigate security events, implement containment and recovery strategies, and expedite workflows with AI/ML capabilities. Query and correlate security data using KQL (Kusto Query Language) to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Enhance endpoint protection and data security using Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools. Threat Hunting and Data Forensics: Perform proactive threat hunting and data forensics to identify and investigate potential threats. Use advanced threat intelligence platforms to refine detection strategies. Develop and execute SOC playbooks to improve response times and operational efficiency. Team Collaboration and Leadership: Provide assistance with complex incidents and investigations. Collaborate with USA security escalation teams and other departments to improve the organization s overall security posture. Contribute to the development and refinement of SOC procedures and best practices. Career Development: Opportunities for progression to roles like SOC Lead or SOC Architect. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. Qualifications: Bachelor s degree in Computer Science, Cybersecurity, or related field (preferred). 3-5 years of experience as a SOC Analyst, with lead responsibilities being a plus. Strong proficiency in KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel (including rule creation, playbook implementation, and workbooks). Proficiency in Microsoft Defender and MS Purview DLP for endpoint protection and data security. Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise: Microsoft Sentinel: Expertise with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Strong knowledge of endpoint protection and threat detection. MS Purview DLP: Experience in data loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management: Familiarity with assessments, penetration testing, and monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Skilled in forensic analysis and investigation. SOC Playbooks: Ability to create and manage effective SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively within a well-managed team. Rotational 24x7 shift coverage. Location: Bangalore, India (SKAV Seethalakshmi, GESC) Employment Type: Full-time Job Category: Information Technology Qualification : Bachelors degree in Computer Science, Cybersecurity, or related field (preferred).

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Cybersecurity Portfolio Manager Location: Bengaluru, India About Schneider Electric Schneider Electric is a global leader in energy management and automation, driving digital transformation for efficiency and sustainability. With a presence in over 100 countries and revenues of ~ 25 billion (FY2016), our 144,000+ employees help customers optimize their energy and processes in safe, reliable, efficient, and sustainable ways. From simple switches to advanced automation systems, our technologies reshape industries, transform cities, and enrich lives. At Schneider Electric, we believe that Life Is On. Cybersecurity at Schneider Electric Cybersecurity is a core pillar of Schneider Electric s digital strategy, ensuring secure IT/OT convergence and enabling our partners and customers to thrive in today s digital economy. Our cybersecurity efforts focus on: Strong digital governance and risk management Robust risk prevention, detection, and response strategies Protection of high-value assets Comprehensive security metrics and compliance About the Role We are seeking an experienced Cybersecurity Portfolio Manager to lead our product security initiatives within the Energy Management (EM) Central CTO Office. This role is crucial in driving transversal security strategies, aligning regulatory, technical, and business teams, and ensuring our products meet the highest security and data protection standards. You will report to the VP of Cybersecurity Innovation and Architecture and collaborate closely with product security architects, security advisors, and key stakeholders across the organization. Key Responsibilities Product Security Management: Oversee security aspects of product development and implementation, ensuring compliance with industry standards and regulations. Governance, Risk, and Compliance (GRC): Ensure adherence to security frameworks, policies, and compliance requirements. Project Management: Lead security initiatives, managing resources, timelines, and budgets effectively. Stakeholder Collaboration: Act as a bridge between technical teams, regulatory bodies, and business units to align security objectives. Documentation & Reporting: Maintain security process documentation, dashboards, and reports to track security performance and compliance. Qualifications Required: Bachelor s degree in Computer Science, Information Security, or a related field. 4 6 years of experience in cybersecurity, with a focus on product security. Strong knowledge of security principles (IT and OT), GRC, and data protection. Experience in project management and leading cross-functional teams. Excellent communication skills, with the ability to simplify complex security concepts for non-technical stakeholders. Structured, detail-oriented, and highly organized. Ability to advocate for security best practices across the organization. Familiarity with security frameworks and standards (e.g., ISO/IEC 27001, NIST). Certifications such as CISSP, CISM, or CISA (preferred). Leadership & Soft Skills Strong presentation and cross-functional collaboration skills. Ability to organize and facilitate meetings and workshops. Adaptability to shifting priorities, deadlines, and challenges. Experience working in global, matrixed organizations. Problem-solving mindset with a proactive approach to risk identification and mitigation. Self-motivated with the ability to work independently and handle multiple tasks under pressure. Join us in shaping a secure digital future at Schneider Electric! Qualification : Bachelors degree in computer science, Information Security, or a related field.

At Databricks, we are obsessed with Data + AI to solve the world's toughest problems, from security threat detection to cancer drug development. We do this by building and running the world's best data and AI infrastructure platform, so our customers can focus on the high-value challenges that are central to their missions. Founded in 2013 by the original creators of Apache Spark , Databricks has grown from a tiny corner office in Berkeley, CA to a global organization with over 6500 employees. Thousands of organizations, from small to Fortune 100, trust Databricks with their mission-critical workloads, making us one of the fastest-growing SaaS companies in the world. The Money team's mission at Databricks is to maximize the value that our customers derive from their investments in data projects. We accomplish this through innovative commercialization strategies, timely & accurate billing, cost optimization tools, intelligent resource usage controls, and cutting-edge engineering. We provide a seamless and consistent set of platforms to enable all Databricks products to reach customers quickly, and sustainably. As the first Engineering Manager for Money at Databricks India, you will be key to building a base for one of Databricks most central engineering orgs. You will own critical components that form the backbone of our business, starting with Databricks resource admission control and usage governance infrastructure. Your role is crucial in helping bring diverse business needs together, including abuse prevention, product commercialization motions, and reliable product availability at scale. You will work closely with infrastructure as well as product teams in bringing critical governance functionality to Databricks customers. The impact you will have: Hire great engineers to build an outstanding team and support their career development by providing clear and timely feedback Ensure high technical standards by instituting processes (architecture reviews, testing) and culture (engineering excellence) Work with engineering and product leadership to build a long-term roadmap Coordinate execution and collaborate across teams to successfully deliver cross-cutting strategic projects What we look for: 10+ years of extensive experience with large-scale distributed systems alongside processes around testing, monitoring, SLAs etc 5+ years of engineering management experience, building, managing and mentoring high-performing software engineering teams Demonstrated success in collaborating with multiple cross-functional stakeholders to align system features and architecture, to deliver impactful platform projects Experience in developing and implementing proactive mechanisms for failure detection and incident prevention Excellent leadership, communication, and project management skills BS (or higher) in Computer Science, or a related field About Databricks Databricks is the data and AI company. More than 10,000 organizations worldwide including Comcast, Cond Nast, Grammarly, and over 50% of the Fortune 500 rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark , Delta Lake and MLflow. To learn more, follow Databricks on Twitter,LinkedIn and Facebook . Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visithttps://www.mybenefitsnow.com/databricks. Our Commitment to Diversity and Inclusion At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics. Compliance If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone. Qualification : BS (or higher) in Computer Science, or a related field.

Our Mission 6sense is revolutionizing how B2B organizations generate revenue by predicting customers most likely to buy and recommending the best ways to engage with anonymous buying teams. Through Revenue AI, we unlock the ability to create, manage, and convert high-quality pipelines into revenue, reshaping how businesses thrive. Our People At 6sense, people are at the core of our mission. Guided by our values Accountability, Growth Mindset, Integrity, Fun, and One Team we foster an environment where innovation and impact are celebrated. Every team member plays a key role in shaping our industry-leading technology, making 6sense a place for risk-takers and difference-makers who measure success by the value they deliver to customers. Purpose of the Role As part of the Security Operations and Threat Management team, you will help protect 6sense by proactively preventing, detecting, investigating, and responding to security threats and incidents that may impact the business. Key Responsibilities Incident Response & Monitoring: Monitor security alerts, conduct vulnerability assessments, and analyze logs to identify and respond to security incidents. Collaborate with cross-functional teams (Infrastructure, Engineering, IT, GRC, Cloud, and Application Security) to validate alerts and resolve incidents. Threat Landscape Analysis: Perform proactive reviews to assess and address potential security risks. Continuously tune detection rules in security solutions to adapt to evolving threats. Automation & Tool Administration: Manage security tools and develop basic automation for improved efficiency. Identify and implement opportunities for process automation to enhance security operations. Documentation & Playbooks: Create and maintain a security playbook for various threat scenarios. Keep documentation, runbooks, workflows, and dashboards up to date. Performance & Objectives: Align with quarterly Key Results that support team Objectives (OKRs). Participate in the Security Operations on-call rotation to ensure prompt responses. Performance Metrics Proficient understanding of the 6sense product and platform. Participation in regular 1:1s with managers and monthly skip-level meetings. Efficient identification and closure of incidents within established SLAs. Maintenance of accurate, up-to-date documentation and proactive engagement with SecOps technologies. Educational & Experience Requirements Experience: 4+ years in a Security Operations role or similar position. Hands-on experience with security tools and cloud environments (e.g., Vulnerability Scanners, SIEM, SOAR, AWS). Knowledge: Familiarity with industry frameworks, regulations, and standards, including MITRE ATT&CK, STRIDE, ISO 27001, GDPR, SOC 2, PCI, and NIST. Understanding of AI applications in cybersecurity (preferred). Qualifications: Bachelor's degree in a related field. Relevant certifications, such as CSA, GCDA, GSOC, or CySA, are advantageous. Benefits At 6sense, we offer: Comprehensive health coverage. Paid parental leave. Generous paid time off and holidays. Quarterly self-care days off to prioritize well-being. Stock options to share in the company s success. Support and equipment to work from home or one of our offices. Join us to make an impact in the evolving cybersecurity landscape, empowering organizations to grow revenue through innovation and resilience. Qualification : Bachelor's degree in a related field

In this role, you ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role and Responsibilities Integrate threat intelligence into security monitoring systems to enhance proactive threat detection capabilities. Develop documentation required to support the program s technical issues. Monitor and track certificate expirations and proactively manage renewals. Provide technical support for PKI-related incidents and issues and collaborate with vendors if necessary. Provide technical support during the deployment, configuration, integration, and administration of security technologies Developing migration strategies to move key application workloads into the Cloud environment. Required Technical and Professional Expertise Architecting, designing and building Cloud Security solutions as per business requirements in accordance with enterprise application and technology roadmaps, principles, standards and guidelines Strong understanding of features and capabilities of the Microsoft Cloud Security services (Security Center, Firewalls, Key Vault, Networking, NSG, Load-Balancers, Azure Monitor, Azure Sentinel, MS Defender for Cloud) Strong understanding of features and capabilities of the Microsoft Cloud Security services ( AWS Security HUb, AWS KMS, AWS GuardDuty, AWS Macie, AWS HSM, AWS IAM AWS NSG , Firewalls etc ) Ensure experience of layered security, zoning, integration aspects, API, endpoint security, data security, compliance, and regulations. Will provide technical support during the deployment, configuration, integration. Preferred Technical and Professional Expertise Participate in assessing current security posture of the cloud environment, Monitoring & Incident Response: Implement and manage Azure Sentinel for real-time monitoring, threat detection, and incident response. Create technical roadmaps and strategies for implementation of Security Framework and establish cross security domain designs and plans, Integrate threat intelligence into security monitoring systems to enhance proactive threat detection capabilities. Monitor and track certificate expirations and proactively manage renewals.

What You ll Achieve: As a Consultant, Cyber Incident Response, you will be responsible for handling complex cybersecurity incidents, providing advanced analysis, and offering support to L1 and L2 analysts. Your role will require extensive experience in the full lifecycle of Cybersecurity Incident Response, including preparation, analysis, notification, response, recovery, and post-mortem activities. Key Responsibilities: Global Escalation Point: Serve as the primary escalation point for complex cybersecurity incidents that are not resolved by L1/L2 analysts, offering regional subject matter expertise on incident response. Incident Analysis and Investigation: Conduct in-depth analysis of security incidents, determining the root cause and potential impact to the organization. Investigate and analyze large, unstructured datasets, malicious artifacts, and EDR (Endpoint Detection and Response) tools to identify trends, anomalies, and potential threats. Incident Response Lifecycle: Oversee all phases of incident response, including preparation, analysis, response, recovery, and post-mortem reviews to identify lessons learned and enhance future response efforts. Liaison with Stakeholders: Act as a liaison between various stakeholders and internal CSIRT (Computer Security Incident Response Team) teams, helping implement best security practices and driving process improvements for incident response. Mentorship and Training: Provide guidance and training to L1 and L2 analysts, sharing your knowledge to enhance their skills in cybersecurity incident response. Essential Requirements: Cybersecurity Expertise: 10+ years of experience in cybersecurity incident response and hands-on experience within a Security Operations Center (SOC). Incident Investigation Skills: Exceptional ability to conduct investigations, analyze findings, and determine the root cause of incidents. Strong Technical Knowledge: In-depth understanding of security technologies such as SIEM (Security Information and Event Management), full packet capture, firewalls/NGFW, IDS/IPS, EDR, DLP (Data Loss Prevention), UEBA (User Entity Behavior Analytics), and familiarity with networking protocols. Experience with Cloud Computing, Microsoft Windows, and Linux/Unix platforms. Experience with Cyber-attacks: Strong knowledge of various cyber-attack types and techniques, including incident response, threat hunting, and understanding attack lifecycles. Analytical and Communication Skills: Excellent analytical thinking, time management, and coordination skills. Strong command of English, both written and verbal, for clear communication with stakeholders and teams. Desirable Requirements: Certifications: Industry-recognized certifications such as CISSP, SANS GCIH, GCIA, GNFA, GREM, etc. Additional Skills: Experience in Digital Forensics and reverse malware tools. Proficiency in scripting languages for incident analysis and automation.

Our Exciting Opportunity: We are looking for a Security Engineer to manage, track, and support security-related activities within our organization, ensuring the continuous availability and performance of services as per Service Level Agreements (SLA). This role will involve incident management, security tool integration, process improvement, and governance reporting. As a Security Engineer, you will play a key role in ensuring that security incidents are identified, responded to, and resolved effectively and quickly. You'll work with various teams to mitigate risks and improve overall security posture. What you will do: Incident Management: Respond to after-hours security incidents (on-call support). Coordinate event collection, log management, and compliance automation. Address day-to-day security change requests related to security operations. Conduct research and intelligence gathering on emerging threats and exploits. Create new security rules based on identified threats. Perform postmortem analysis of logs, traffic flows, and activities to identify malicious activity. Analyze security incidents involving networking devices, operating systems, endpoint analysis, and network attacks. Work with Technical Authority teams to resolve security incidents. Provide Root Cause Analysis for security incidents, outages, or impairments. Administer authentication and access controls, including user provisioning and deprovisioning. Tools Integration: Integrate security tools (SIEM, VA, IAM) with various network nodes. Deploy policies, signatures, parsers, and rules for security infrastructure. Communicate with vendors (e.g., SIEM, IPS/IDS, IAM) for application-related issues. Process Improvement: Mentor Level 1 analysts to improve detection capabilities within the Security Operations Center (SOC). Prepare Use Cases and MOPs (Method of Procedures) based on identified scenarios. Create and maintain technical operational work instructions. Drive continuous improvement by identifying opportunities to enhance current processes. Governance and Reporting: Provide business intelligence reporting based on SOC and customer needs. Identify and report risks related to security. Perform periodic security reporting and present findings to management or customers. To be successful in this role, you must have: Strong knowledge of information security concepts and best practices. Experience with SIEM tools (e.g., McAfee ESM, QRadar, ArcSight, Splunk). Experience with scanning tools (e.g., Nessus, Qualys, IBM AppScan). Experience with PAM tools (e.g., BeyondTrust, CyberArk). Knowledge of Linux and MS Windows systems with a technical understanding of TCP/IP networks. Understanding of enterprise computing environments, distributed applications, and security controls. Key Qualifications: Education: Graduate in Computer Science or a similar field. Experience: 5 to 11 years of experience, with at least 2 years in IT and 2 years in security. Certifications (Preferred): ITIL certification CCSP (Certified Cloud Security Professional) OSCP (Offensive Security Certified Professional) Security+ CCNA Security or similar certifications. Why This Role? This is a fantastic opportunity for a Security Engineer to develop your career by working with cutting-edge security technologies and supporting a highly dynamic and crucial role in an organization. You will have the chance to mentor junior team members, improve security processes, and work with state-of-the-art tools to ensure the highest levels of security for the organization. Apply now to join our team and contribute to maintaining and improving the security infrastructure! Qualification : Graduate in Computer Science or similar

Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field

Senior Test Automation Engineer Experience: 3 5 Years | Location: Bangalore | Employment Type: Full-Time About SecPod SecPod (Security Podium) is a global cybersecurity company that focuses on preventive cybersecurity solutions. Their SanerNow Platform unifies vulnerability management, patching, compliance, and threat detection into a single agent and dashboard. Role Summary We are seeking a highly skilled Senior Test Automation Engineer to lead and drive automation initiatives across SecPod s platforms. This role involves owning the end-to-end automation strategy, building scalable frameworks, and ensuring the delivery of high-quality, secure software. Key Responsibilities Solution Design: Own the design, development, and maintenance of automated testing solutions and scalable test cases. Framework Enhancement: Build and maintain frameworks for Web, Desktop, and REST APIs. Strategy & Best Practices: Define automation strategies, test design techniques, and optimize test execution efficiency. Regression Expansion: Continuously evaluate and expand regression suites for new features. Technical Collaboration: Work closely with Architects and Development Leads to ensure top-tier deliverables. Required Qualifications & Technical Skills Experience: 3 5 years of hands-on experience in test automation. Framework Development: Strong experience designing frameworks for applications built using Java, JavaScript, C, and C++. Programming: Proficiency in Java or Python. SDLC/STLC: Deep understanding of the Software Testing Life Cycle and software engineering principles. DevOps & CI/CD: Practical experience with Jenkins or Bamboo and CI/CD pipeline implementation. Technical Breadth: Knowledge of HTTP, REST, and database concepts across Linux and Windows environments. Domain Knowledge: Experience in the cybersecurity domain is a strong advantage. Non-Technical Skills Agile Mindset: Ability to adapt quickly in a fast-paced environment. Analytical Thinking: Excellent troubleshooting, debugging, and research-oriented problem-solving skills. Communication: Strong collaboration and verbal/written communication skills. Education: Bachelor s or Master s degree (BE / MCA / M.Tech). Qualification : Bachelors or Masters degree (BE / MCA / M.Tech)

Infrastructure Security Leader Location: Bengaluru About Us: Observe.AI Observe.AI is the leading AI-powered platform for customer experience, enabling enterprises to automate customer interactions using AI agents. Our platform ensures natural conversations, delivering predictable outcomes, and is trusted by top companies like DoorDash, Affordable Care, Signify Health, and Verida. Observe.AI blends advanced speech understanding, workflow automation, and enterprise-grade governance to deliver end-to-end AI solutions that optimize both human and AI interactions, providing insights for coaching and quality management. At Observe.AI, we re on a mission to transform customer experiences through AI. As a founding member of our Infrastructure/Cloud Security team, you will have the opportunity to shape and design cloud security from the ground up for a platform trusted by over 80 million users. Reporting directly to the VP of Information Security, you will drive a defense-in-depth approach across infrastructure, IAM, and networks. This is a unique, zero-to-one role where you ll define security strategy, mentor the team, and make a long-lasting impact in a fast-growing AI company. What You ll Be Doing: Security Strategy Development: Design and document security policies, reference architectures, design patterns, and roadmaps to protect our platform. Secure Access & Network Design: Lead efforts to design secure access controls and networks for production environments. Cross-Department Leadership: Collaborate with Corporate IT to implement security measures within the corporate environment. Defense-in-Depth: Implement network segmentation, firewall configurations, VPNs, and deep packet inspection to minimize impact from security incidents. AWS Infrastructure Security: Re-architect AWS infrastructure to enhance security, ensuring that networks, VPCs, and security configurations are optimized. Vulnerability Management: Identify tools and technologies to scan networks, OS, and infrastructure for vulnerabilities, and work with SRE teams to remediate identified risks. Security Compliance: Represent Infrastructure Security in PCI, SOC, ISO, HITRUST, and other regulatory audits, ensuring compliance. Collaborative Design: Partner with engineering teams and architects to ensure infrastructure designs meet both business and security requirements. Stakeholder Collaboration: Work with other teams to integrate up-to-date security features and infrastructure designs across the organization. What You ll Bring to the Role: 9+ years of experience in Software Engineering, Network Security, and AWS Security. Proven track record in designing and implementing secure Cloud Infrastructure, Network Security, and Corporate IT Security. Experience at a SaaS product company with hands-on knowledge of cloud security. Leadership experience in managing Infrastructure Security teams or Security-Focused SRE teams. Strong understanding of network designs, protocols, and certifications like CCNA (or similar). Ability to handle multiple, high-priority projects simultaneously while maintaining focus and quality. Comfort with working off-hours to handle security incidents in a dynamic, fast-paced environment. First-hand experience with major cloud providers, specifically AWS. Deep understanding of large-scale systems and N-tier architectures. Excellent communication skills, able to effectively influence and collaborate with stakeholders across the organization. Perks & Benefits: Medical Insurance: Comprehensive options, including free online doctor consultations. Leave Policies: Yearly privilege and sick leaves as per Karnataka S&E Act, along with generous national, festive, and parental leave. Learning & Development: Access to a fund that supports continuous learning and professional growth. Flexible Benefits: Tax exemptions for meals, PF, etc., along with other flexible benefit plans. Team Culture: Fun events to foster collaboration and culture across the organization.

Security Operations Engineer Location: Bangalore About Us FalconX is a pioneering team of operators, investors, and builders committed to transforming institutional access to the digital asset markets. By bridging traditional finance with cutting-edge technology, we address the industry's most complex challenges. We offer a comprehensive solution for all digital asset strategies from startup to scale enabling our clients to navigate the ever-evolving cryptocurrency landscape with confidence. We are seeking an experienced Security Operations Engineer to help secure FalconX s infrastructure and protect our clients digital assets. As a part of our security team, you will monitor, detect, and respond to cyber threats across both on-premise and cloud environments, ensuring the integrity and safety of our systems and data. Key Responsibilities Security Monitoring & Incident Response: Monitor and respond to security incidents across both on-premise and cloud environments, ensuring timely detection and remediation of potential threats. Threat Detection & Analysis: Analyze security alerts from various security tools to identify, investigate, and mitigate security risks. Conduct in-depth forensic investigations to identify trends, attack techniques, and vulnerabilities. Proactive Threat Hunting: Conduct proactive threat hunting across endpoints, networks, and cloud environments, looking for sophisticated and emerging threats that may not yet be detected by traditional security measures. Forensics & Incident Investigation: Investigate and analyze security incidents to identify the root cause. Provide actionable recommendations for improving security posture and preventing future incidents. Detection Engineering: Develop and refine threat detection methodologies and rules (e.g., Yara, Sigma, SQL-based rules, network protocols) to enhance security monitoring capabilities. Utilize frameworks like MITRE ATT&CK and the Cyber Kill Chain to guide threat hunting and analysis. Automation & Scripting: Leverage scripting languages (Python, PowerShell, or Bash) to automate threat detection, analysis, and response processes, improving overall efficiency and effectiveness. Threat Intelligence & Trend Analysis: Stay informed about emerging threats, vulnerabilities, and attack trends to continuously improve detection strategies and enhance the response to new security challenges. Qualifications Education & Experience Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience). Experience: Minimum of 3 years in a security operations, threat hunting, or similar cybersecurity role. Security Expertise Strong experience working with security tools and log data (Cloud, EDR, Network, etc.) for detection and response. Deep understanding of network security, packet analysis, and log correlation. Proficiency in advanced threat detection methodologies and threat intelligence, with a strong grasp of attacker tactics, techniques, and procedures (TTPs), especially using frameworks like MITRE ATT&CK. Technical Skills Proficiency in scripting and automation (Python, PowerShell, Bash). Experience with detection engineering and developing custom detection rules (e.g., Yara, Sigma, SQL-based, Network). Familiarity with endpoint security, identity management, vulnerability management, cloud security, and incident response. Soft Skills Excellent analytical and problem-solving skills with a keen attention to detail. Strong communication skills, with the ability to work effectively in a collaborative, fast-paced environment. Be part of a rapidly growing company at the cutting edge of finance and technology. A dynamic, fast-paced work environment where your expertise will directly impact business success. Competitive salary and benefits package. Opportunities for professional growth in a highly innovative industry. Qualification : Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)

Position: Senior Manager / Associate Director Risk & Compliance Location: Bengaluru Employment Type: Full-Time Department: Risk & Compliance Role Overview: Cashfree Payments is looking for a seasoned professional to join as Senior Manager / Associate Director Risk & Compliance. This leadership role focuses on developing and implementing strong policies and frameworks to manage financial crime risks such as Anti-Money Laundering (AML) and fraud prevention, while ensuring compliance with regulatory mandates. The role also includes handling inquiries from law enforcement agencies and banks, managing merchant dues recovery, and overseeing regulatory change implementation. Key Responsibilities: Policy Development & Oversight: Develop, enhance, and oversee comprehensive policies and procedures for financial crime risk management, including AML, fraud detection, and prevention strategies. Ensure product-level interventions align with risk mitigation goals. Relationship Management: Manage relationships with banking partners from a risk and compliance perspective. Ensure adherence to VISA, RBI, and NPCI guidelines. Risk Management: Strengthen preventive and detective controls to effectively mitigate financial crime risks within Cashfree Payments ecosystem. Regulatory Compliance: Monitor and ensure full compliance with applicable laws, regulations, and guidelines by implementing necessary process and policy updates. Monitoring & Reporting: Establish and maintain monitoring frameworks for suspicious activities and ensure timely reporting to regulatory authorities and internal stakeholders. Team Leadership: Lead and mentor the financial crime risk team, fostering a strong culture of compliance and risk awareness across the organization. Qualifications & Experience: Bachelor s or advanced degree in Law, Finance, Business Administration, or a related field. 8-10 years of relevant experience in policy development, fraud strategy, and financial crime risk management within fintech or financial services sectors. In-depth understanding of Indian regulatory frameworks related to financial crime and compliance. Exceptional stakeholder management skills, with proven ability to engage effectively with regulators, internal tech/product teams, and banking partners. Strong analytical skills with a data-driven approach to decision-making. Demonstrated leadership experience in managing cross-functional teams and driving organizational change initiatives. Qualification : Bachelors or advanced degree in Law, Finance, Business Administration, or a related field

Staff Engineer DSPM Location: Bangalore, India About the Team Rubrik s Security Apps team focuses on securing customer data across cloud, SaaS, and on-premises environments. As data volumes grow exponentially, so do the associated cybersecurity risks. The team builds scalable and innovative solutions to protect, search, and analyze data seamlessly. Operating like a startup within a startup, they emphasize strong engineering principles, innovation, and teamwork to drive product excellence. About the Role As a Staff Engineer, you will play a critical role in Rubrik s R&D, collaborating closely with product teams to build and evolve scalable, fault-tolerant backend systems. You will lead the development of data ingestion pipelines and advanced analysis engines, shaping the technical direction of multiple projects. Additionally, you will mentor engineers, fostering leadership skills and promoting a culture of technical excellence. What You ll Do Design, develop, test, deploy, and maintain high-performance software systems. Build large-scale distributed systems and storage infrastructure. Develop backend services that ingest and process sensitive data from multiple cloud providers. Create data pipelines for classification, correlation, anomaly detection, automated issue resolution, and customer reporting. Own project priorities, deadlines, and deliverables with end-to-end accountability. Identify and resolve software bottlenecks, driving continual innovation. Provide technical leadership and mentorship to engineers, guiding their growth into leadership roles. Influence architecture and design decisions across teams and projects strategically. Propose and lead process improvements and technical initiatives to boost productivity. Collaborate rapidly with engineers, product designers, and stakeholders to solve real-world problems. Operate effectively in an agile, fast-paced environment, adapting quickly to evolving business needs. Experience & Qualifications Bachelor s or Master s degree in Computer Science or a related field. 13+ years of industry experience solving complex technical problems. Proficiency in one or more programming languages such as Go, Java, C/C++, Scala, or Python. Experience designing and architecting large-scale distributed systems. Proven ability to guide and mentor engineers in scalable software design and implementation. Strong communication and collaboration skills. Experience with public cloud platforms (GCP, AWS, Azure) is a plus. About Rubrik Rubrik is on a mission to secure the world s data with its Zero Trust Data Security platform. Using machine learning, Rubrik Security Cloud protects data across enterprises, cloud, and SaaS environments, enabling resilience against cyberattacks, insider threats, and operational disruptions while ensuring data integrity and availability. Qualification : Bachelors or Masters degree in Computer Science or a related field.

Job Title: Product Specialist Intern Cybersecurity Location: Bengaluru, Karnataka, India Internship Duration: 3 Months | Full-Time About CloudSEK CloudSEK is a cutting-edge AI-powered cybersecurity company that s revolutionizing the way digital threats are detected and mitigated in real-time. Founded in 2015 and headquartered in Singapore, we are committed to developing the fastest, most reliable AI and ML technology to identify, analyze, and resolve cyber threats. Our product suite includes: XVigil: Digital Risk Protection and Threat Intelligence Platform BeVigil: Attack Surface Monitoring and Threat Detection Tool SVigil: Contextual AI for Software Supply Chain Risk Management With rapid global expansion, including operations in India, Southeast Asia, and the Americas, CloudSEK has received accolades such as: NASSCOM-DSCI Excellence Award for Security Product Company of the Year NetApp Excellerator s Best Growth Strategy Award Series A funding of $7M to fuel growth and innovation Join us as we continue to redefine digital risk management! About the Role: Product Specialist Intern We are looking for enthusiastic Product Specialist Interns who are eager to learn and contribute to the cybersecurity space. If you have a passion for technology, client communication, and problem-solving, this is an excellent opportunity for you! As a Product Specialist Intern at CloudSEK, you will play a crucial role in supporting clients and helping them make the most of our cybersecurity products. Key Responsibilities Client Support & Communication: Act as the first point of contact for clients with product-related queries and issues. Provide assistance via email, phone, and online presentations. Troubleshooting & Issue Resolution: Identify, document, and troubleshoot customer issues, providing timely solutions or escalating to the relevant teams. Ownership & Accountability: Take ownership of client issues, ensuring they are resolved efficiently and follow through with the internal teams for prompt resolution. Process & Compliance Tracking: Ensure all processes are followed, and compliance standards are maintained. Product Knowledge & Updates: Stay updated on the latest cybersecurity trends, technologies, and product developments to better assist clients. Skills & Qualifications B.Tech Final Year Engineering students with a focus on Computer Science, Information Technology, or similar fields. Excellent verbal and written communication skills in English. Strong problem-solving capabilities and a keen interest in learning new technologies. Self-driven, with the ability to work independently in a fast-paced startup environment. Basic knowledge of CRM software and MS Office is a plus. Interest in Cybersecurity is a plus, but not mandatory. At CloudSEK, we believe in providing an environment where you can learn, grow, and develop your skills. As an intern, you will: Flexible working hours to promote work-life balance Access to free food, unlimited snacks, and beverages in the office Engage in team bonding activities, games, and music sessions we love to unwind together! A chance to work in an innovative, fast-paced startup culture that encourages creativity and learning If you're passionate about technology, client success, and want to contribute to the world of digital risk protection, CloudSEK is the place for you. Apply now for the Product Specialist Internship and gain hands-on experience with cutting-edge cybersecurity technologies! Qualification : B.Tech Final Year Engineering students with a focus on Computer Science, Information Technology, or similar fields.

Join Our Team as a Security Operations Analyst Location: Bangalore, India (On-site) Department: Information Security At Cytiva, we are advancing the future of therapeutics from discovery to delivery. As a leading global provider of technology and services that help researchers and pharmaceutical companies develop and manufacture life-saving treatments, our work is integral to shaping the future of healthcare. We are seeking a Security Operations Analyst to join our global Information Security Team in Bangalore. In this key role, you will be at the forefront of protecting our digital assets and infrastructure by monitoring, analyzing, and responding to security incidents. By proactively identifying threats and vulnerabilities, you will help minimize risk and ensure business continuity. What You ll Do Lead Security Incident Response: Conduct advanced security incident analysis and digital forensics to identify and mitigate threats. Lead investigations into malware, network traffic anomalies, and endpoint detection. Provide Expertise: Guide and mentor L1 and L2 SOC analysts, enhancing the quality of security alerts and incident handling. Optimize Security Tools: Collaborate with engineering teams to fine-tune SIEM tools (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security technologies for improved detection and response. Proactive Threat Hunting: Identify hidden threats within the organization through threat hunting activities, reducing the potential attack surface. Enhance Security Posture: Partner with other IT and security teams to strengthen the overall security posture, ensuring resilient systems and infrastructures. Post-Incident Reporting: Produce detailed incident reports and provide recommendations for security improvements, leading post-incident reviews with cross-functional teams. Who You Are Experience: Minimum of 5+ years in a corporate IT environment, including at least 2 years in an L3 or senior analyst role. Security Knowledge: Deep expertise in security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Technical Skills: Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Incident Response Expertise: Strong background in incident response, threat hunting, and forensic investigations. Cloud Security Knowledge: Familiarity with cloud security platforms (AWS, Azure, Google Cloud) and modern attack techniques. Certifications like OSCP, CEH are advantageous. Additional Skills That Would Be a Plus: Scripting & Automation: Proficiency in scripting (e.g., Python, PowerShell, Bash) to automate security processes and improve SOC workflows. Specialization: Expertise in EDR, SIEM, UBA, DLP, or Data Security. OT Environments: Experience with Operation Technology (OT) environments is an advantage. Innovative Culture: Join a dynamic, global team dedicated to advancing healthcare through technology and innovation. Impactful Work: Your role will directly contribute to the security and integrity of vital technologies used in the life sciences industry. Global Collaboration: Work with cross-functional teams around the world, contributing to an organization's critical security initiatives. Growth Opportunities: Benefit from continuous learning, career development, and the chance to make a tangible impact on both the organization and the industry. Apply now and be part of a team that is dedicated to ensuring the security of life-saving technologies.