147 Incident Response jobs in Hyderabad
Security Incident Response Lead
Posted today
Job Description
Greetings from TCS!
Role: SOC Architect
Experience: 10-13 years
Location: Pan India
Must-Have
1. Google SecOps/SIEM
2. EDR
3. Email Security/Phishing
4. Incidents investigation and Triaging
5. Threat Hunting
Job Description:
- Analyze complex security incidents escalated from L1 and L2.
- Identify root cause and attack vectors.
- Proactively search for hidden threats or intrusions that bypass automated detections.
- Conduct static and dynamic malware analysis.
- Improve SIEM rules, alerts and use cases based on incident learning.
- Analyze and incorporate threat intelligence feeds.
- Develop scripts or playbooks for automating repetitive tasks.
Thanks & Regards
Sindhuja Polisetty
HR TAG – Cyber Security
Tata Consultancy Services
Cybersecurity Incident Response Engineer
Posted today
Job Description
Job Title: Cyber Security Engineer
Experience: 6 to 9 years
Location: Hyderabad, Chennai
Virtual Drive : 10am to 4pm
Job Description:
Desired Competencies (Technical/Behavioral Competency)
Must-Have
(Ideally should not be more than 3-5)
Continuously monitor:
- Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.
- Perform log management: Perform log ingestion, define use cases, and create alerts for critical assets.
- Develop Detection Rules: Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.
- Behavioral Analytics: Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.
- Customize Playbooks: Develop and customize automation playbooks in Sentinel and Defender to streamline incident response processes and improve efficiency.
- Threat Hunting: Using IOCs and threat intelligence, perform threat hunting across environment.
Incident Response
- Analyze and investigate security incidents to identify potential threats.
- Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.
- Document and report incidents, ensuring accurate and comprehensive records.
- Follow established incident response procedures, playbooks and contribute to their enhancement.
Testing and Validation
- Participate in Blue/Red/Purple team exercises.
- Participate in Cyber crisis simulations.
- Participate in Table-top exercises.
Business Context and Risk Management
- Understand the Business value chain.
- Understand key Business processes.
- Understanding the Business architecture and mapping to crown jewels (critical assets)
- Risk management with the ability to conduct risk assessments when required.
Endpoint Detection and Response (EDR)
- Manage and maintain endpoint security and compliance.
- Perform daily health checks of endpoint security and EDR solutions and remediate accordingly.
- Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
- Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.
Good-to-Have Skills/ Competencies
- Communication: Excellent written and verbal communication skills in English, with the ability to effectively communicate technical information to both technical and non-technical audiences.
- Collaboration: Willing and able to share knowledge and learn from colleagues
- Time Management: Ability to work in independent environments under aggressive timelines and pressure.
- Reporting skills: Outstanding written skills for preparing email feedback and incident reports
- Ability to manage stress and pressure.
- Passion for continuous learning and development
- A “go getter” who is willing to go the extra mile to identify problems and recommend innovative solutions.
Responsibility of / Expectations from the Role
1. Must have 4+ years’ experience in a SOC or Cybersecurity related role.
2. Candidates with the following technology experiences will be preferred: Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, Online Brand Protection platforms, Mimecast, Symantec DLP, Next DLP, FortiAnalyzer, Sophos, CrowdStrike and Azure Sentinel.
3. Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).
4. Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, Azure Entra ID, IAM, PAM, MFA, NAC, DLP).
5. Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection.
6. Effective verbal and written communication skills
Senior Incident Response Coordinator
Posted today
Job Description
Major Incident Manager (Escalation Management Team)
Location: Hyderabad
Experience: 8-15 years
Immediate Joiner preferred.
Kindly share resume to with Sub of "MIM" along with notice period.
Responsibilities
We are seeking a proactive and skilled Major Incident Manager to join our Escalation Management team. In this critical role, you will lead high-priority incident bridges to ensure rapid service restoration by coordinating with resolver groups and keeping stakeholders informed with timely updates. You will work closely with internal teams across SRE, Business Partners, R&D, Services, Sales, and Support, as well as with customers, to drive resolution of critical technical issues and provide executive-level visibility into incident status and customer impact. This role requires availability during CST hours and includes shift work and/or on-call responsibilities to ensure 24/7 incident coverage and timely communication to leadership.
- Serve as the first escalation point for the Event Management team and lead major incident bridges to ensure rapid service restoration.
- Act as the single point of contact for complex, high-priority escalations across global teams.
- Own and drive the end-to-end resolution of major incidents, including coordination with resolver groups and timely stakeholder communication.
- Collaborate with cross-functional teams (R&D, Product Management, Support, Sales, and Services) to troubleshoot issues and allocate appropriate resources.
- Monitor incident progress and ensure alignment with resolution timelines and customer expectations.
- Conduct Post-Incident Reviews, prepare customer facing summaries and internal incident reports to capture lessons learned and drive improvements.
- Own and manage problems, ensuring timely updates, resolution, and closure.
- Partner with Engineering, P&T, and Process Owners to improve service stability and reduce incident recurrence.
- Analyze escalation trends and risks, contributing to the Problem Management lifecycle and continuous service improvement.
- Maintain clear communication with internal and external stakeholders via email and Microsoft Teams.
- Develop and maintain escalation management plans, including resource coordination and technical action plans.
- Initiate hierarchical escalations when necessary and ensure leadership engagement.
- Ensure accurate documentation of escalation activities and compliance with escalation policies.
- Validate customer satisfaction before closure and ensure post-resolution monitoring is completed.
- Provide event management support during low-incident periods.
- Participate in a shared 24x7 on-call rotation to ensure incident coverage and timely response.
- Adhere to the critical service level agreements defined for the project
- Champion a culture of continuous improvement by challenging outdated processes, identifying inefficiencies, and driving structured, actionable plans for enhancement.
- Ensure strict adherence to critical service level agreements (SLAs) and operational standards.
- Demonstrate thought leadership by incorporating industry best practices from leading product and startup environments to enhance incident and major incident management processes.
- Promote the adoption of AI and automation to streamline outage management and improve response efficiency.
- Encourage open communication, proactively raise concerns, and collaborate cross-functionally to resolve systemic issues.
Qualifications
Minimum qualifications
Bachelor's Degree required. Preferably in Computer Science, Information Systems, or related field.
Preferred qualifications
- Excellent verbal and written communication skills in English.
- Relevant years of experience in global Major Incident Management or a similar role, with a strong background in handling incidents across complex technical environments.
- Working knowledge of infrastructure components such as hypervisors, storage, databases, networking (TCP/IP, iSCSI, VMware VDS), and compute environments on both Windows and Linux platforms.
- Familiarity with cloud platforms including AWS, Azure, and GCP, with a solid understanding of core cloud and infrastructure concepts.
- Experience managing major incidents involving cloud services, infrastructure, and enterprise applications.
- Proficient in ServiceNow (Incident, Problem, Change, and Service Request modules), PagerDuty, Microsoft Teams, Power Automate, New Relic, Harness, and MS Copilot.
- Understanding of web and application servers (IIS, Apache, Tomcat) and database technologies such as Microsoft SQL Server.
- Exposure to monitoring tools like AppDynamics, SolarWinds, New Relic, SCOM, Nagios, or Zenoss.
- Basic scripting skills in PowerShell or similar tools.
- Hands-on experience with ITSM platforms, preferably ServiceNow.
Senior Associate Information Security Incident Response Analyst

Posted 2 days ago
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Associate Information Security Incident Response Analyst is a developing subject matter expert, responsible for assisting with the detection and monitoring of threats and suspicious activity affecting the organization's technology domain.
This role supports the work of technical staff from various business areas as well as third-party technical experts.
The Senior Associate Information Security Incident Response Analyst role uses their developing technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
**Key responsibilities:**
+ Assists with the prevention and resolution of security breaches and ensures incident and problem management processes are initiated.
+ Supports access management activities according to the policy.
+ Assists with the implementation of and discusses security service audit schedules, reviews access authorisation and performs the required access controls and testing to identify security weaknesses.
+ Supports global team of Cyber Security Analysts and specialists.
+ Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, 2nd level triaging of security alerts, events, and notifications.
+ Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
+ Ability to follow and update established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
+ Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
+ Develops an understanding of current and emerging threats, vulnerabilities, and trends.
+ Supports the review of current configurations of company's production information systems and networks against compliance standards.
+ Provides support in the investigation of information security incident causes and follows processes to resolve these causes.
+ Assists configuration management by applying tools, techniques and processes to track, log and correct information related to CIs.
**To thrive in this role, you need to have:**
+ Knowledge of technological advances within the information security arena.
+ Understanding of inter-relationships in an overall system or process.
+ Knowledge of information security management and policies.
+ Ability to think critically, analyze information, and solve less complex problems.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related preferred.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
**Required experience:**
+ Moderate experience in a Technology Information Security Industry.
+ Moderate experience using End Point Protection Software.
+ Moderate experience using Enterprise Detection and Response software.
+ Moderate experience or knowledge of SIEM and IPS technologies.
+ Moderate experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
**Workplace type:**
Remote Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters, whether in writing or by phone, in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us.
(Immediate joiners only) Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response
Posted 1 day ago
Job Description
Role: Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response
Working Hours: Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours)
Reporting To: Security Operations (SecOps) Leader – USA
About the Role: We are seeking an elite Senior Cybersecurity SOC Engineer—a hands-on security expert with deep technical knowledge and proven experience in threat hunting, incident response, and SOC program maturity. This role will report directly to the SecOps Manager in India and requires someone who thrives in a collaborative environment and leads by example. If you are a true expert with Microsoft Sentinel, CrowdStrike, MDE, SOAR platforms, MITRE ATT&CK framework, APT detection, and scripting, this role offers a great opportunity to build and defend a modern SOC environment.
Please note: This is not a SOC Analyst role. Candidates must have 7-10+ years of hands-on SOC Engineer experience with deep threat hunting and incident response expertise. Must be available to work U.S. business hours (PST timezone).
Key Responsibilities:
- Threat Hunting:
- Lead proactive threat hunting initiatives aligned with MITRE ATT&CK framework to identify, investigate, and mitigate advanced threats and adversary behaviors.
- Use telemetry from Microsoft Sentinel, CrowdStrike Falcon, MDE, and other tools to detect anomalies and emerging attack patterns.
- Develop and optimize threat hunting queries and playbooks using KQL, Python, and PowerShell.
- Continuously improve detection coverage to reduce dwell time and prevent breaches.
- Incident Response:
- Design, implement, and maintain an effective Incident Response (IR) program and playbooks covering APTs, ransomware, insider threats, and complex multi-stage attacks.
- Lead investigations on high-fidelity security alerts, conduct root cause analysis, containment, eradication, and recovery.
- Utilize CrowdStrike Falcon EDR (including RTR), Microsoft Defender for Endpoint, and Tenable for comprehensive endpoint and vulnerability correlation during incidents.
- Perform network forensics and packet analysis using Fortinet and Palo Alto firewall logs.
- Manage cloud security incidents within Azure (Azure Sentinel, Security Center) and Microsoft 365 environments.
- Coordinate with internal teams and external partners for timely, coordinated response to security incidents.
- SOC Engineering & Program Maturity:
- Build and mature the SOC’s SIEM and SOAR architecture, detection engineering, and response automation.
- Develop advanced detection logic, hunting queries, and automation workflows.
- Mentor junior SOC members and act as a technical escalation point.
- Collaborate with managed SOC partners and other security teams to enhance detection and response capabilities.
Required Experience & Skills:
- 7+ years of hands-on experience in SOC engineering, with a strong focus on threat hunting and incident response.
Expertise in:
- Microsoft Sentinel (SIEM & SOAR) and advanced KQL queries for hunting and IR
- CrowdStrike Falcon EDR (RTR, IOAs, threat containment)
- Microsoft Defender for Endpoint (MDE) telemetry and IR
- Tenable vulnerability correlation during investigations
- Fortinet and Palo Alto firewalls for forensic analysis
- Microsoft Entra ID (Azure AD), SSO, Conditional Access, MFA security controls
- Deep operational knowledge of MITRE ATT&CK for threat hunting, detection tuning, and adversary simulation.
- Proven ability to analyze and respond to APTs, malware persistence, lateral movement, privilege escalation, command & control, and data exfiltration incidents.
- Strong scripting skills (KQL, Python, PowerShell) for threat hunting automation and incident response workflows.
- Experience with SOAR platforms integration and automation (Microsoft Sentinel SOAR, Palo Alto XSOAR).
- Excellent communication, collaboration, and mentoring abilities.
- Must be able to work U.S. business hours (PST timezone).
Preferred Certifications:
- GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, or equivalent.
- MITRE ATT&CK Defender (MAD), OSCP, or Red Team certifications are a strong plus.
Workday Security Analyst

Posted today
Job Description
**_Location:_** **_Bogotá, Colombia_**
**_About the job_**
_We are looking for a_ **_Business Analyst - Workday Security_** _to join our People & Culture Digital Team. In this role, you will support the design, configuration, and management of Workday's security model, ensuring that our systems meet business needs while staying secure and user-friendly. You'll collaborate with HR, IT, and other stakeholders to troubleshoot, optimize processes, and contribute to building a strong and growing global team._
**_Ready to push the limits of what's possible?_** _Join Sanofi in one of our corporate functions and you can play a vital part in the performance of our entire business while helping to make an impact on millions around the world. As a_ **_Business Analyst - Workday Security_** _within our_ **_People & Culture Digital Team_** _, you'll help shape and manage Workday's security framework, ensuring our systems remain secure, efficient, and aligned with business needs while contributing to the growth of a new, global team._
**Main responsibilities:**
+ Collaborate with HR, IT, and business teams to gather and document security requirements in Workday.
+ Analyze current security configurations, identify gaps, and recommend improvements.
+ Support the design and configuration of role-based security within Workday.
+ Troubleshoot and resolve user access and security issues in collaboration with the team.
+ Create clear documentation such as process flows, requirements, and security design.
+ Coordinate and support user acceptance testing (UAT) to validate security configurations.
+ Provide guidance and training to stakeholders on security roles, access, and policies.
**_About you:_**
**Experience:**
+ Practical experience working with **Workday Security**, including configuration and troubleshooting of access and roles.
**Soft and technical skills:**
+ Strong analytical and problem-solving abilities, especially in complex security scenarios.
+ Clear communication skills, able to explain technical concepts to non-technical stakeholders.
+ Comfortable collaborating in a cross-functional, global environment and connecting different business needs.
**Education:**
+ _Bachelor's degree in Business, HR, IT, or a related field._
**Languages:**
+ English proficiency required.
**_Why choose us?_**
+ Discover endless opportunities to grow your talent and drive your career, whether it's through a promotion or lateral move, at home or internationally.
+ You'll be part of leading the first experiences a job seeker has with Sanofi and ensuring it is best-in-class and driving conversions.
+ You'll be part of a truly diverse cross-cultural team and can have real business impact.
+ Flexible working policies, including up to 50% remote work.
+ Private medical care, life and health insurance, and gender-neutral paid parental leave
+ Colombia is one of Sanofi's key locations for new talents, having a big footprint with the Bogota HUB and its best-in-class operation.
+ Mexico and Argentina play an instrumental part in creating best practice and innovation within our 3 vaccines production plants.
**Pursue** _Progress_. **Discover** _Extraordinary_.
Progress doesn't happen without people - people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. You can be one of those people. Chasing change, embracing new ideas and exploring all the opportunities we have to offer. Let's pursue progress. And let's discover extraordinary together.
At Sanofi, we provide equal opportunities to all regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity.
Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com!
**Pursue** _progress_, **discover** _extraordinary_
Better is out there. Better medications, better outcomes, better science. But progress doesn't happen without people - people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let's be those people.
At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity.
Global Terms & Conditions and Data Privacy Statement
Sanofi is dedicated to supporting people through their health challenges. We are a global biopharmaceutical company focused on human health. We prevent illness with vaccines, provide innovative treatments to fight pain and ease suffering. We stand by the few who suffer from rare diseases and the millions with long-term chronic conditions.
With more than 100,000 people in 100 countries, Sanofi is transforming scientific innovation into healthcare solutions around the globe. Discover more about us visiting or via our movie We are Sanofi. As an organization, we change the practice of medicine; reinvent the way we work; and enable people to be their best versions in career and life. We are constantly moving and growing, making sure our people grow with us. Our working environment helps us build a dynamic and inclusive workplace operating on trust and respect and allows employees to live the life they want to live.
Principal Security Analyst

Posted 2 days ago
Job Description
At Oracle Cloud Infrastructure (OCI) we build the future of the cloud for Enterprises. We act with the speed and attitude of a start-up along with the scale and customer focus of the leading enterprise software company in the world.
**About the team:**
The Enterprise Engineering SRE team is tasked with ensuring the security and compliance of internal systems by conducting regular audits, identifying potential gaps in existing standards and proactively improving the organization's overall security posture. The team plays a critical role in safeguarding the integrity, confidentiality and availability of all systems while driving risk management initiatives across departments including disaster recovery planning and execution. We are also responsible for liaising with various internal teams during audits, ensuring data sharing is concise, accurate and aligned for successful audit outcomes.
**Ideally, the candidate will possess several of the following skills:**
Supports the strengthening of Oracle's security posture, focusing on one or more of the following: regulatory compliance; risk management; incident management and response; security policy development and enforcement; Threat and Vulnerability Management; Incident Management and response and similar focus areas.
+ **Regulatory Compliance:** Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, CMMC, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance
+ **Risk Management:** Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. Conduct and document very complex information security risk assessments and assist in the creation and implementation of security solutions and programs
+ **Cloud Security:** In-depth knowledge of cloud security principles and best practices, including securing cloud infrastructure, services, and applications in platforms, OCI experience is a plus
+ **Threat and Vulnerability Management:** Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required
+ **Incident Management and response:** Brings advanced level skills to respond to security events in line with Oracle incident response playbooks to mitigate vulnerabilities
+ Mentors and trains other team members
+ Compiles information and reports for management
**Qualifications:**
+ Bachelor's degree in computer science, Information Security, or a related field. Master's degree preferred
+ 8+ years of experience in information systems, business operations, or related fields
+ 3+ years of experience in security operations, with a focus on incident detection, response, and vulnerability remediation
+ Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are preferred
+ Solid understanding of networking protocols, operating systems (Linux, Windows), MiddleTier, Database, cloud computing and endpoint computing management
+ Excellent communication skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders
+ Proven leadership abilities with experience leading security projects and initiatives independently
+ Experience with security tools such as SIEM platforms, intrusion detection/prevention systems, and endpoint security solutions
+ Ability to work independently and collaboratively in a fast-paced environment
+ Strong analytical and problem-solving skills with a keen attention to detail
Career Level - IC4
**Responsibilities**
+ Oversee and manage internal audit processes to ensure adherence to security and compliance standards
+ Act as the primary liaison between internal teams, facilitating effective communication and collaboration to ensure audits are completed efficiently and accurately
+ Assess the effectiveness of security controls and ensure auditing requirements are clearly documented, defined and communicated to necessary teams
+ Ensure the timely and accurate sharing of data across departments to support successful audit outcomes
+ Continuously assess and enhance the organization's security posture by addressing any identified weaknesses
+ Lead and manage departmental risk management programs, ensuring alignment with broader organizational risk mitigation strategies
+ Facilitate and drive disaster recovery (DR) planning and preparedness across departments to minimize operational disruptions in case of incidents
+ Collaborate with cross-functional teams to establish and maintain robust security policies and procedures, ensuring alignment with industry best practices
+ Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps. Engage with required teams to close the gap
+ Develop and maintain cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary
+ Develop, implement, and maintain industry best practices and regulatory security policies, procedures, and system standards (servers, databases, endpoints, and application design)
+ Engagement in cloud security technologies and protocols, including cloud security architecture, identity and access management, and data protection
+ Write stakeholder reports to explain the assessment, audit results, and recommendations. Create and provide metrics for cybersecurity leadership. Brief executive leadership on compliance matters
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry leaders in almost every sector, and continue to thrive after 40+ years of change by operating with integrity.
We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
Principal Security Analyst

Posted 2 days ago
Job Description
At Oracle Cloud Infrastructure (OCI) we build the future of the cloud for Enterprises. We act with the speed and attitude of a start-up along with the scale and customer focus of the leading enterprise software company in the world.
**About the team:**
The Enterprise Engineering SRE team is tasked with ensuring the security and compliance of internal systems by conducting regular audits, identifying potential gaps in existing standards and proactively improving the organization's overall security posture. The team plays a critical role in safeguarding the integrity, confidentiality and availability of all systems while driving risk management initiatives across departments including disaster recovery planning and execution. We are also responsible for liaising with various internal teams during audits, ensuring data sharing is concise, accurate and aligned for successful audit outcomes.
**Ideally, the candidate will possess several of the following skills:**
Supports the strengthening of Oracle's security posture, focusing on one or more of the following: regulatory compliance; risk management; incident management and response; security policy development and enforcement; threat and vulnerability management; and similar focus areas.
+ **Regulatory Compliance:** Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, CMMC, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance
+ **Risk Management:** Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. Conducts and documents very complex information security risk assessments and assists in the creation and implementation of security solutions and programs
+ **Cloud Security:** In-depth knowledge of cloud security principles and best practices, including securing cloud infrastructure, services, and applications in platforms; OCI experience is a plus
+ **Threat and Vulnerability Management:** Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required
+ **Incident Management and response:** Brings advanced level skills to respond to security events in line with Oracle incident response playbooks to mitigate vulnerabilities
+ Mentors and trains other team members
+ Compiles information and reports for management
**Qualifications:**
+ Bachelor's degree in computer science, Information Security, or a related field. Master's degree preferred
+ 8+ years of experience in information systems, business operations, or related fields
+ 3+ years of experience in security operations, with a focus on incident detection, response, and vulnerability remediation
+ Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are preferred
+ Solid understanding of networking protocols, operating systems (Linux, Windows), MiddleTier, Database, cloud computing and endpoint computing management
+ Excellent communication skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders
+ Proven leadership abilities with experience leading security projects and initiatives independently
+ Experience with security tools such as SIEM platforms, intrusion detection/prevention systems, and endpoint security solutions
+ Ability to work independently and collaboratively in a fast-paced environment
+ Strong analytical and problem-solving skills with a keen attention to detail
Career Level - IC4
**Responsibilities**
+ Oversee and manage internal audit processes to ensure adherence to security and compliance standards
+ Act as the primary liaison between internal teams, facilitating effective communication and collaboration to ensure audits are completed efficiently and accurately
+ Assess the effectiveness of security controls and ensure auditing requirements are clearly documented, defined and communicated to necessary teams
+ Ensure the timely and accurate sharing of data across departments to support successful audit outcomes
+ Continuously assess and enhance the organization's security posture by addressing any identified weaknesses
+ Lead and manage departmental risk management programs, ensuring alignment with broader organizational risk mitigation strategies
+ Facilitate and drive disaster recovery (DR) planning and preparedness across departments to minimize operational disruptions in case of incidents
+ Collaborate with cross-functional teams to establish and maintain robust security policies and procedures, ensuring alignment with industry best practices
+ Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps. Engage with required teams to close the gap
+ Develop and maintain cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary
+ Develop, implement, and maintain industry best practices and regulatory security policies, procedures, and system standards (servers, databases, endpoints, and application design)
+ Engagement in cloud security technologies and protocols, including cloud security architecture, identity and access management, and data protection
+ Write stakeholder reports to explain the assessment, audit results, and recommendations. Create and provide metrics for cybersecurity leadership. Brief executive leadership on compliance matters
**About Us**
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry leaders in almost every sector, and continue to thrive after 40+ years of change by operating with integrity.
We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing or by calling in the United States.
Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.