1,973 Sentinelone Edr 4 To 6 Years Bengaluru Mumbai jobs in India

• Monitor security alerts and logs from various sources, including SIEM, IDS/IPS, EDR, and firewalls.
• Analyze security events and investigate potential threats and breaches to determine scope and impact.
• Develop and refine threat detection rules, signatures, and correlation logic.
• Conduct forensic analysis of security incidents to identify root causes and evidence.
• Respond to security incidents, coordinating containment, eradication, and recovery efforts.
• Stay current with the latest threat landscapes, attack vectors, and vulnerability intelligence.
• Develop and implement security best practices and procedures.
• Collaborate with IT operations and other departments to address security vulnerabilities.
• Create detailed incident reports and provide recommendations for security improvements.
• Participate in security awareness training and incident response drills.
• Contribute to the development and maintenance of the organization's Security Operations Center (SOC) capabilities.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5-7 years of experience in information security, with a focus on threat detection and incident response.
• Proficiency with Security Information and Event Management (SIEM) tools (e.g., Splunk, QRadar).
• Strong understanding of network security, endpoint security, and cloud security concepts.
• Experience with Intrusion Detection/Prevention Systems (IDS/IPS) and Endpoint Detection and Response (EDR) solutions.
• Knowledge of threat intelligence platforms and analysis techniques.
• Relevant certifications such as CISSP, CEH, GIAC, or CompTIA Security+ are highly desirable.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong communication skills, both written and verbal, for reporting and collaboration.
• Ability to work under pressure during security incidents.

• Monitor security alerts and investigate potential security incidents.
• Analyze security logs and system events for malicious activity.
• Perform forensic analysis of security breaches and system compromises.
• Develop, implement, and maintain security policies and procedures.
• Conduct vulnerability assessments and penetration testing.
• Manage and configure SIEM, IDS/IPS, and EDR solutions.
• Develop and execute incident response plans.
• Stay informed about emerging threats, vulnerabilities, and security trends.
• Provide recommendations for improving security controls and posture.
• Educate staff on security best practices and awareness.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4-6 years of experience in information security or a related role.
• Strong understanding of cybersecurity frameworks, principles, and best practices.
• Experience with SIEM tools (e.g., Splunk, LogRhythm), IDS/IPS, and EDR solutions.
• Proficiency in network security, host security, and cloud security concepts.
• Experience with vulnerability scanning and penetration testing tools.
• Excellent analytical, problem-solving, and critical thinking skills.
• Relevant certifications such as CISSP, CEH, CompTIA Security+ are highly desirable.
• Strong written and verbal communication skills.

• Monitor security alerts and events from various security tools, including SIEM, IDS/IPS, and EDR systems.
• Analyze security incidents to determine scope, impact, and root cause.
• Develop and execute incident response plans and procedures.
• Conduct forensic analysis of security breaches and malware infections.
• Identify and report on emerging threats and vulnerabilities relevant to the organization.
• Implement and tune security controls to enhance threat detection capabilities.
• Collaborate with IT and other departments to implement security best practices.
• Develop and maintain security documentation, policies, and procedures.
• Participate in security awareness training and initiatives.
• Stay current with the latest security threats, trends, and technologies.
• Perform vulnerability assessments and penetration testing.
• Manage security investigations and provide detailed reports.

• Bachelor's degree in Computer Science, Information Security, or a related field; relevant certifications (e.g., CISSP, CEH, GIAC) are highly preferred.
• Minimum of 5 years of experience in information security, with a focus on threat detection and incident response.
• Proven experience with SIEM tools (e.g., Splunk, QRadar), IDS/IPS, firewalls, and endpoint security solutions.
• Strong understanding of common attack vectors, malware analysis, and network security.
• Excellent analytical and problem-solving skills, with the ability to think critically under pressure.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation and analysis is a plus.
• Strong written and verbal communication skills.
• Ability to work effectively in a team environment and independently.
• Experience with cloud security principles (AWS, Azure) is beneficial.
• Commitment to maintaining confidentiality and ethical conduct.

• Monitor security alerts and events from SIEM, IDS/IPS, EDR, and other security tools.
• Investigate security incidents, determine scope and impact, and develop containment strategies.
• Perform threat hunting to proactively identify advanced persistent threats (APTs) and malicious activities.
• Analyze malware and phishing attempts to understand attack methodologies.
• Develop and tune detection rules and signatures to improve security posture.
• Contribute to the development and improvement of incident response playbooks.
• Stay current with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
• Generate reports on security incidents and trends for management.
• Collaborate with IT teams to implement security best practices and remediation actions.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
• 2-4 years of experience in cybersecurity operations, incident response, or threat analysis.
• Strong understanding of networking protocols (TCP/IP, HTTP/S), operating systems (Windows, Linux), and security concepts.
• Experience with SIEM platforms (e.g., Splunk, QRadar), IDS/IPS, and EDR solutions.
• Familiarity with scripting languages (Python, PowerShell) for automation and analysis.
• Knowledge of common attack vectors, malware types, and threat actor tactics, techniques, and procedures (TTPs).
• Excellent analytical and problem-solving skills.
• Strong communication and documentation abilities.
• Relevant certifications such as CompTIA Security+, CEH, or GIAC are a plus.

• Monitor and analyze security alerts from various security tools (SIEM, IDS/IPS, etc.).
• Investigate security incidents and breaches, identify root causes, and recommend remediation steps.
• Perform vulnerability assessments and penetration testing.
• Develop and maintain security policies, procedures, and guidelines.
• Respond to security incidents in a timely and effective manner.
• Assist in the development and implementation of security awareness training programs.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to implement security solutions and controls.
• Conduct regular security audits and reviews.
• Contribute to the continuous improvement of the organization's security posture.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 3 years of experience in cybersecurity analysis or a similar role.
• Proficiency with SIEM, IDS/IPS, firewalls, and endpoint security solutions.
• Strong understanding of network protocols and security principles.
• Experience with vulnerability assessment tools and methodologies.
• Excellent analytical and problem-solving skills.
• Ability to communicate technical information clearly to both technical and non-technical audiences.
• Relevant certifications such as CompTIA Security+, CEH, or CISSP are a plus.
• Experience with scripting languages (e.g., Python, PowerShell) is advantageous.

Job Title: Cybersecurity Threat Detection Engineer

Experience: 6 + Years

Location: Hyderabad,

Notice Period: Immediate Joiner

Cab Facility: Available

Job Summary:

We are seeking a skilled Cybersecurity Threat Detection Engineer with 6+years of experience in cybersecurity, specializing in threat detection and incident response. This is a contract-to-hire opportunity for a candidate with strong expertise in SIEM platforms, detection content development, and cloud security. The role involves working closely with clients and internal teams to enhance detection capabilities across on-premises, cloud, and SaaS environments.

Key Responsibilities:

• Design and develop detection rules, policies, and alerting mechanisms to identify cybersecurity threats across varied technology stacks.
  
• Lead the creation and deployment of high-fidelity detection content across on-prem , cloud (AWS, Azure, GCP), and SaaS platforms.
  
• Collaborate with threat hunters, security analysts, and intelligence teams to incorporate emerging threats into detection strategies.
  
• Fine-tune detection mechanisms to reduce false positives and increase accuracy.
  
• Stay current with the latest cybersecurity trends, tools, and attack techniques.
  
• Assist clients in boarding the security platform and integrating diverse data sources.
  
• Document detection uses cases, processes, and generate security metrics reports.
  
• Provide technical guidance and collaborate with Security Operations on alert response automation and playbook development.
  
• Understand and work with network security tools and infrastructure such as firewalls, EDR, DLP, proxies, IDS/IPS , and email security solutions.
  

Required Qualifications:

• Bachelor’s degree in computer science, Information Security , or related discipline.
  
• 5+ years of hands-on experience in cybersecurity , with emphasis on threat detection , incident response , and SIEM tools.
  
• Expertise in log analysis , SIEM tuning , and detection rule creation.
  
• Strong familiarity with MITRE ATT&CK , Cyber Kill Chain , and adversary TTPs.
  
• Knowledge of cloud-based threat detection techniques and strategies.
  
• Excellent written and verbal communication skills with the ability to collaborate effectively with clients and cross-functional teams.
  

Technical Skills & Tools:

• Hands-on experience with SIEM platforms : Splunk, Elastic Stack (ELK/Security Onion), IBM QRadar, Securonix, Wazuh, Azure Sentinel.
  
• Ability to create and manage SIEM queries, alerts, dashboards, and integrate new log sources.
  
• Familiarity with CSPM, SOAR, EDR/XDR, WAF , and other security toolsets.
  
• Scripting and automation knowledge for alert responses and playbooks.
  

Preferred Certifications:

• OSCP , CISSP , or GIAC certifications such as GCIH, GCIA , or similar.