102 Incident Response jobs in Chennai

A security analyst protects an organization's digital assets by monitoring networks for threats, responding to incidents, and implementing security measures like firewalls and encryption. Key responsibilities include performing risk assessments, identifying vulnerabilities, conducting threat research, developing security best practices and training programs, and ensuring compliance with data protection regulations. They maintain and operate security software and contribute to disaster recovery plans to safeguard sensitive data from cyberattacks and breaches.

Job Types: Full-time, Permanent, Fresher

Pay: ₹18, ₹47,590.96 per month

Benefits:

• Health insurance
• Paid sick time
• Paid time off
• Provident Fund

Work Location: In person

Roles and Responsibility

• Conduct thorough risk assessments and vulnerability testing to identify potential security threats.
• Develop and implement comprehensive security strategies to mitigate identified risks.
• Collaborate with cross-functional teams to ensure seamless integration of security measures.
• Monitor and analyze security event logs to detect anomalies and respond promptly to incidents.
• Stay up-to-date with emerging trends and technologies in cybersecurity.
• Provide expert guidance on security best practices to internal stakeholders.

Job Requirements

• Strong understanding of security principles, including threat analysis and risk management.
• Proficiency in security tools such as firewalls, intrusion detection systems, and antivirus software.
• Excellent analytical and problem-solving skills, with attention to detail and the ability to work under pressure.
• Effective communication and collaboration skills, with the ability to work with diverse teams.
• Ability to adapt to changing priorities and deadlines in a fast-paced environment.
• Strong knowledge of industry standards and regulations related to security, such as HIPAA or PCI-DSS.

Role & responsibilities

• Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience.
• Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents.
• Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals.
• Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations.
• Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware.
• Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats.
• Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities.
• shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities.
• Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.
• Flexible to Provide support to 24/7 L1 Monitoring shift members

Preferred candidate profile

• Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts.
• Good knowledge of SIEM architecture.
• Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange.
• Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities.
• ITIL tool experience, particularly with Service-Now.
• Exposure to firewall and WAF log analysis.
• Strong knowledge of security SOP creation and maintenance.
• Basic knowledge of file integrity monitoring.
• Understanding of security compliance frameworks such as PCI and NIST.
• Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus.
• Experience with cloud security monitoring, including AD risky detections and Defender for Cloud.
• Excellent communication and presentation skills.
• Commitment to continuous learning and professional development.
• Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM

About the company

Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.

Lexitas offers an array of services including local and national court reporting, medical record retrieval, process service, registered agent services and legal talent outsourcing. Our reach is truly national as well as international.

Lexitas is a MNC Company that has set up a subsidiary in Chennai, India – Lexitas India Pvt. Ltd. This Indian company will be the Lexitas Global Capability Center, helping build a world class IT development team, and over time serve as a Shared Services hub for several of the corporate functions.

For More Information -

This is a Full-Time Job located in Chennai, India.

Summary:

This position supports information security, privacy, risk and compliance programs and activities under the direction of the VP of Information Security or designated Information Security Manager. The position assists in developing and maintaining a comprehensive security program for Lexitas. Providing functional and technical support is important to maintain security posture and protection of electronically and physically stored information assets across our systems. Tasks include supporting design, implementation, configuration, documentation, and maintenance to mitigate risk to the business and its computing resources and assets, as well as collaborating with applicable providers, managing and monitoring tools, and facilitating applicable processes and procedures.

Key Roles and Responsibilities :

• Supports IT security, privacy, risk and compliance systems, processes, supporting activities, with the ability to lead activities and programs.
• Monitors computer networks and associated tools and provider services for security, privacy, risk and compliance issues
• Supports the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs, processes, and activities
• Investigate security breaches and cybersecurity incidents.
• Documents security breaches and assesses impact.
• Performs and/or supports security tests, risk assessments, and audits to uncover network, application, and process vulnerabilities and provides guidance and training to ensure violations do not persist.
• Tracks and facilitates the mitigation of vulnerabilities to maintain a high security standard.
• Supports best practices for IT security, privacy and compliance.
• Performs and supports 3rd party vulnerability management and penetration testing.
• Research security enhancements and makes recommendations to management.
• Stays current on information technology trends and security standards.
• Prepares reports that detail security, privacy, and compliance risk assessment findings.
• Supports Security Operations Center functions including monitoring and supporting Incident Response activities.
• Supports all related IT Security, Privacy, Risk and Compliance policies and provides guidance to the business.
• Other Information Security, Privacy, Risk, and Compliance duties as required.

Skills and Abilities:

• Experience with computer network and application vulnerability management and penetration testing, and techniques.
• Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Ability to identify and mitigate network and application vulnerabilities.
• Good understanding of patch management
• Proficient with various OS
• Excellent written and verbal communication skills
• Knowledge of firewalls, antivirus, and intrusion detection system concepts
• Ability to support and document areas of Information Security, Privacy, Risk, and compliance processes and programs.
• Ability to support incident response process.
• Experience directing 3rd Party providers in the areas of Information Security, Privacy, Risk and Compliance
• Support information security controls including physical and data security protecting the confidentiality, integrity and availability of information systems data.
• Preferred KSA’s:
• Strong working knowledge and experience with primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.
• Experience administering information security software and controls.
• Experience supporting process for managing network and application security.
• Network and system administration experience a plus.
• Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.
• Exposure to ITIL (Incident/Change Management) – ITIL v3F preferred.
• Learns and monitors the business processes for the areas of primary support responsibility.
• Support annual Security Baseline Audits and execution of recommendations.
• As part of the technology team, performs “Help Desk” day-to-day tasks in support of Information Security, Privacy, Risk, and Compliance.

Education and Experience:

• Bachelor’s degree in computer science or related field strongly preferred.
• IAT Level-2 technical certification strongly preferred (Comp TIA Security+ or CISSP) or ability to obtain within first 90 days of hire.
• 5+ years’ experience performing role of Information Security Analyst or SOC
• Demonstrated experience in responding to, managing, and resolving security incidents.
• Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience with Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience working with Security Information and Even Management (SIEM) system is a plus.

Job Summary
:
The SAP Security Analyst will play a crucial role in ensuring the integrity, confidentiality, and availability of our SAP systems. You will manage SAP security roles, authorizations, and compliance across ECC, FIORI, and S/4HANA, ensuring adherence to policies and regulations. Responsibilities include user access provisioning, GRC maintenance, security audits, and incident response. Your expertise will help us maintain a secure and efficient SAP environment that supports our business processes and objectives.

The SAP Security Analyst provides knowledge transfer on best practices and may be responsible for training IT and business members.

Primary Duties And Responsibilities

• Maintain SAP security roles and authorizations with a focus on SAP ECC / FIORI and S4 HANA to meet business needs and compliance requirements.
• Provision access, change access, and terminate access in accordance with defined processes and approvals.
• Conduct regular system audits to detect deviations from established policies, standards, and regulatory requirements.
• Collaborate with various teams to understand business requirements and ensure that SAP security strategies align with business objectives and IT security policies.
• Maintain Control Panel GRC (Governance, Risk, and Compliance) modules, including Access Control, Process Control, Risk Management and Fire Fighter Provisioning.
• Develop and maintain documentation related to SAP security policies, procedures, and role designs.
• Provide guidance and execution on SAP security best practices, risk management, and compliance strategies.
• Address incident response for SAP security-related issues, including root cause analysis and preventive measures.
• Other duties as assigned.

Education And Experience Profile

• Bachelor's degree in computer science, information security or a related field.
• 3 or more years of experience in SAP Security , Architecture, with a strong focus on SAP ECC.
• Fundamental understanding of SAP security concepts, role design, GRC, and compliance management.
• Experience with SAP HANA, S/4HANA and FIORI security models is highly desirable.
• Familiarity with industry standards and regulations related to information security and data protection (e.g., ISO 27001, GDPR, SOX).
• Certifications in SAP Security and/or GRC would be a plus.

Required Skills
Analytical and problem-solving skills.

Excellent communication and interpersonal abilities.

Ability to work collaboratively in a team environment and with stakeholders from different functional areas.

Ability to manage multiple priorities in a fast-paced environment.

Detail-oriented with a commitment to excellence and high standards.

We are the ASSA ABLOY Group
Our people have made us the global leader in access solutions. In return, we open doors for them wherever they go. With nearly 63,000 colleagues in more than 70 different countries, we help billions of people experience a more open world. Our innovations make all sorts of spaces – physical and virtual – safer, more secure, and easier to access.

As an employer, we value results – not titles, or backgrounds. We empower our people to build their career around their aspirations and our ambitions – supporting them with regular feedback, training, and development opportunities. Our colleagues think broadly about where they can make the most impact, and we encourage them to grow their role locally, regionally, or even internationally.

As we welcome new people on board, it's important to us to have diverse, inclusive teams, and we value different perspectives and experiences.

Radware, a global leader of application delivery and cybersecurity solutions for virtual, cloud, and software-defined data centers is looking for SOC ERT Expert for Radware's SaaS WAF, BOT and DDoS Cloud-based solutions.
Responsibilities:
Build expertise in Radware Cloud security products
Attending Customer cases over multiple channels phone, teams, tickets for the cloud security products.

Own the customer issues, follow up with RnD.

Provide risk assessment for incidents & impact, and lead customer escalations as the first technical management point of contact

Provide official security reports, RCA, post attack analysis to customers and internal leadership team

Requirements:
5+ years leading a SOC or Technical Support team in a cybersecurity SaaS organization, experience with application & network security

Excellent understanding of network protocols (e.g., IPv4, TCP/IP, VPN, IPSec, HTTP, DNS).

Experience in network and/or application security focusing on IPS/IDS, WAF, firewalls

Excellent communication and presentation skills in English. You can clearly communicate goals, processes, and policies. You are confident working with leadership teams and executive decision-makers

Knowledge and experience with Data Science, Big Data, No SQL and SQL queries – An advantage

Willing to be on alert during off-work hours as necessary

Excellent time management, multi-tasking, and prioritization skills

Customer service skills. You have the ability to evaluate, troubleshoot, and follow-up on customer issues as well as replicate and document for further escalation

Bachelor's degree in Information Management, Computer Science, or other related field is preferred for this position(CCNA certification preferred)

Primary Location
IN-IN-Chennai

Work Locations
Radware Shield Square India, Chennai

Job
Information / Cyber Security

• An Information Security Analyst monitors and protects an organization's computer networks and systems from cyber threats and data breaches. Key responsibilities include implementing security software like firewalls and encryption, conducting vulnerability assessments and penetration tests, responding to and mitigating security incidents, developing security policies and best practices, creating disaster recovery plans, and educating employees on security awareness. They stay current with emerging threats and often collaborate with IT staff and management to enhance overall security posture.
• Key Responsibilities Monitoring and Detection: Continuously monitor networks for suspicious activity, potential breaches, and viruses.
• Vulnerability Assessment: Identify weaknesses in systems and networks through testing and analysis to prevent unauthorized access. .
• Incident Response: Investigate, respond to, and mitigate security incidents and cyberattacks to minimize damage.
• Implementation of Security Measures: Install and maintain security safeguards, including firewalls, encryption software, and antivirus programs.
• Policy Development: Create and enforce security policies, standards, and best practices for the organization. .Reporting: Prepare detailed reports on attempted attacks, security breaches, and security metrics for management and stakeholders.
• Disaster Recovery: Develop and help implement disaster recovery plans to ensure continued IT operations during emergencies.
• Employee Education: Train employees on cybersecurity awareness, proper security procedures, and best practices to prevent attacks.
• Research and Awareness: Stay updated on the latest cybersecurity trends, technologies, and emerging threats by consulting external sources and industry publications.
• Essential Skills
• Technical Proficiency: Deep knowledge of computer networks, operating systems, security tools, and programming languages like Python and JavaScript.
• Analytical Skills: Ability to quickly process large datasets to identify security vulnerabilities and patterns.
• Communication Skills: Strong ability to explain complex technical information clearly to both technical and non-technical audiences.
• Problem-Solving: Aptitude for diagnosing issues and developing effective mitigation techniques for security threats.
• Attention to Detail: Meticulous in monitoring systems and reviewing security measures for potential gaps.
• Tamil candidates only

Job Type: Full-time

Pay: ₹340, ₹1,167,607.61 per year

Benefits:

• Food provided

Work Location: In person

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called 'Mega Banks' of Japan. MGS was established in the year 2020 as part of Mizuho's long-term strategy of creating a captive global processing center for remotely handling banking and IT related operations of Mizuho Bank's domestic and overseas offices and Mizuho's group companies across the globe.

At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS's development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS.

What's in it for you?

o Immense exposure and learning

o Excellent career growth

o Company of highly passionate leaders and mentors

o Ability to build things from scratch

Know more about MGS: -

We are seeking a skilled and vigilant L1 for handling EDR operations to our dynamic security team. The Ideal candidate will play a key role in monitoring, analysing, and responding to security incident. The primary function of this position is to monitor the Carbon Black EDR alerts and maintain the SLA

Qualifications:

· Graduation/Post graduation in, Computers, Information Systems, Computer Science, or Information technology systems

· 5 to 7 years of work experience as security analyst with hands-on experience of EDRs

· Good to have at least one cyber security certification (CEH, CompTIA+ etc.)

· Knowledge of banking business and information technology practices and trends in banking sector

· Ability to communicate effectively, both orally and in writing.

· Should be comfortable for 24/7 shifts

Roles & Responsibilities

• Proactively research and monitor Carbon black EDR to identify potential threats that may impact the organisation, also able to and troubleshooting EDR agent related issues.

• Knowledge and hands-on experience with Carbon black EDR tool, alert detection and response.

• Analyse endpoint data to identify Indicators of compromise (IOCs) and suspicious activities.

• Understanding of threats, lateral movement, phishing, ransomware, spyware and emerging threats.

• Conduct initial triage and assessment of security incident, including determining the scope and impact.

• Ability to understand the threat intelligence tool for analysing the alerts in detail.

• Understanding of encrypted scripts and have ability to decode it to understand the alert execution.

• Abel to identify the incident and escalate it with seniors within timely manner.

• Understand the alert triage, processes, execution flow and services.

• Escalate confirmed security incidents to level2 analyst or IR team for further investigations.

• Ensure that all EDR operation and tickets are handled and resolved within SLAs.

• Should have expertise on TCP/IP network traffic, Internet protocols and event log analysis.

• Perform detailed analysis of threats and security events, using analytical skills, knowledge, and experience, with a clear narrative to support conclusions.

• Stayed up with latest cybersecurity threats, vulnerabilities, and trends, particularly those relevant to endpoint.

• Maintain awareness of industry best practices and standard for endpoint security and threat detections.

• Knowledge of Runbooks, Playbooks and following Standard Operating Procedures

• Ability to communicate effectively, both orally and in writing.

Personal skills:

• Good Team player.

• Possess Positive and learning attitude.

• Good Verbal and Written communication skills.

• Sense of Ownership, Priorities and Autonomous.

Address
16th Floor, Tower-B Brigade, World Trade centre, 142, Rajiv Gandhi Salai, OMR, Perungudi, Chennai, Tamil Nadu