1,142 Security Operations jobs in India

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS.

Our most valuable asset is our people .

At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.

Security Operations Analyst

We are seeking an experienced professional to join our Pune, India office as a Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats.

What you’ll do:

What you’ll bring:

Good to have skills and abilities:

Academic Qualifications:

Perks & Benefits:

ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.

We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel:

Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.

Job Title:  Security Operations Analyst

Location:  Bangalore, Karnataka, India

What you will do:

As a Security Operations Analyst, you will play a critical role in monitoring and responding to security incidents, identifying vulnerabilities, and ensuring compliance with security policies. You will collaborate with various stakeholders to enhance the security posture of our organization and support incident response activities.

How you will do it:

What we look for:

We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.

Alteryx is searching for a Security Operations Analyst in India. We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.

Position Overview:

As a Security Operations team member, you will be on the front line of protecting Alteryx products, infrastructure, and applications. You will partner with internal stakeholders and all parts of the business to execute on security monitoring and response missions, drive through incident response lifecycles, influence positive changes throughout the organization on security postures, and manage and maintain state of art security technologies to protect the company assets and brand.

Primary Responsibilities :

Requirements:

Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we’re invested in building teams with a wide variety of backgrounds, identities, and experiences.

Senior Manager – Security Operations

1. JOB DESCRIPTION

Job Title: Senior Manager – Security Operations

Department: Engineering and Operations

Location: Mumbai

Reporting: Director, Global Security Operations

Job Type: Full Time

Shift: US Hours

1. PRE-REQUISITES

• Passionate for security
• Hands-on experience with Security products and technology
• Strong people management skills
• Possess customer centric approach with empathy
• Managed Network Security support experience on global large-scale networks
• Strong communication, presentation and customer handling skills
• Ability to offer technical and experience-based advice to executives, colleagues and subordinates
• Proven ability on security automation
• Technical expertise in multi-vendor environment
• Firewall: Palo Alto, Fortinet, Checkpoint
• VPN: SSL VPN Global Protect, Cisco Anyconnect
• SASE: Zscaler ZIA, ZPA, ZDX, Palo Alto Prisma
• NAC: Aruba Clear Pass, Cisco ISE
• Load Balancers: F5 BigIP LTM/GTM, Juniper, Netscaler
• SIEM
• Experience on Cloud Infrastructure: Cloud stack, OpenStack, AWS, Azure and Scripting: PERL, Python or any other scripting language will be an added advantage.

1. RESPONSIBILITIES

• Manage Security Operations Center 24x7
• Security Device management for global enterprise large-scale customers
• Manage team of security engineers
• Handle Incident, Problem and Change Management as per ITIL framework
• Handle technical escalations
• Manage ticket queue, participate in Severity 1 and Severity 2 tickets, handle customer escalations
• Create Service Improvement Program
• Create and Present Root Cause Report for Security Incidents
• Act as point of contact for large clients
• Proactively identify risks and vulnerabilities for security devices and drive vulnerability remediation program
• Lead Patch Management process on all Security devices
• Act as lead for Security Incidents and owner for investigation as well as follow-up actions
• Build and Present weekly/monthly/quarterly performance reports and measurement metrics
• Design and execute security operations processes; identify and measure critical Security Operations metrics; and continually improve the efficiency of the Security Operations function
• Ensure asset compliance activities such as keeping track of licensing, support contracts, etc.
• Supervise Security Deployment activities, resource allocation and escalations
• Mentor and conduct training programs
• Create and present annual evaluations, performance development plans and KRAs
• Foster teamwork and show commitment to team objectives; promote collaboration and remove obstacles

1. TRAINING AND CERTIFICATION

• PCNSA, PCNSE, CISSP, NSE4, CCIE Security, CEH

1. EXPERIENCE

• Minimum 12 years of progressive, relevant experience and proven capability to work in a complex network environment

1. EDUCATION

• Bachelor in Engineering - Computers/Electronics/Communication or related field
• Graduate/Post Graduate in Science/Math/IT or related streams with relevant technology experience

JD:

• Minimum of 7 years of experience in Cyber security.
• Proficient in Incident Management and Response, handling escalations
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Responsible for working in a 24x7 Security Operation center (SOC) environment and SIEM technologies & Security Event alert Analysis .
• Provide analysis and trending of security log data from a large number of heterogeneous security devices
• Provide threat and vulnerability analysis as well as security advisory services
• Investigate, document, and report on information security issues and emerging trends
• Guide and share information with other analysts and other teams.
• Other tasks and responsibilities as assigned.
• Knowledge of various operating system flavours including but not limited to Windows,
• Linux, Unix
• Good Understanding of Malware analysis and Phishing Analysis
• Good Understanding of Email security
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications;
• Knowledge of common Internet protocols and applications
• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences
• Knowledge about various tools like – SIEM, XDR, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Service Now Ticketing Toolset Web Security, AV, UBEA, Advanced SOC
• Willingness to work overtime and adjust to reasonable demands from management in case of critical incidents being escalated to L3 for immediate handling.
• Must have cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis understanding
• Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
• Experience and keen understanding of cybersecurity tools, including SIEM , IDS/IPS, antivirus and endpoint detection & response solutions.
• Experience with leading security incident response
• Involvement in threat intelligence and cybersecurity communities
• Able to multitask and give equal and/or required attention to a variety of functions while under pressure
• Ability to work independently and take ownership of projects and initiatives.
• Excellent written and verbal communication skills required. Must be able to communicate technical details clearly.
• Experience in developing and maintaining Play/Runbooks and/or Standard Operating Procedures in a SOC environment
• Strong troubleshooting, reasoning, and analytical problem-solving skills
• Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management.
• Team player with the ability to work autonomously.
• Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business.
• Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information.
• Development and execution of SOC procedures
• Triage security events and incidents, detect anomalies, and report/direct remediation actions.
• Ensure confidentiality and protection of sensitive data.
• Analysis of phishing emails reported by internal end users.
• Working with remediation (IT Infra & Ops) teams on events and incident mitigation
• Follow up on remediation activities.