327 Threat Detection jobs in Mumbai

• Monitor security systems, including SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and firewalls, for security breaches and policy violations.
• Analyze security alerts and logs to identify potential threats and vulnerabilities.
• Investigate security incidents, determine their scope, and initiate response procedures.
• Develop and refine threat detection rules and correlation logic within security tools.
• Conduct regular vulnerability assessments and penetration testing.
• Stay current with the latest cyber threats, attack vectors, and security technologies.
• Develop and maintain incident response plans and playbooks.
• Collaborate with IT teams to implement security best practices and remediation strategies.
• Provide timely and accurate reporting on security incidents and threat landscape.
• Participate in security awareness training for employees.
• Assist in the development and enforcement of security policies and procedures.
• Perform forensic analysis of compromised systems.
• Evaluate and recommend new security tools and technologies.
• Contribute to the overall cybersecurity strategy and risk management efforts.
• Ensure compliance with relevant data protection regulations.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience as a Cybersecurity Analyst, Security Operations Center (SOC) Analyst, or similar role.
• Strong knowledge of network protocols, operating systems (Windows, Linux), and cybersecurity principles.
• Hands-on experience with SIEM tools (e.g., Splunk, QRadar, ArcSight) and other security monitoring solutions.
• Familiarity with common attack techniques and threat actors.
• Excellent analytical and problem-solving skills.
• Ability to interpret complex data and draw actionable conclusions.
• Strong communication skills, both written and verbal, with the ability to document findings clearly.
• Relevant certifications such as CompTIA Security+, CEH, CISSP are highly desirable.
• Ability to work independently and as part of a team, often under pressure.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Understanding of cloud security principles (AWS, Azure, GCP) is advantageous.
• Knowledge of incident response frameworks (e.g., NIST).

• Monitor and analyze security alerts from various sources (e.g., SIEM, IDS/IPS, endpoint detection).
• Investigate security incidents, perform root cause analysis, and implement appropriate response and remediation actions.
• Conduct regular vulnerability assessments and penetration testing to identify system weaknesses.
• Develop and refine security policies, procedures, and best practices to enhance the overall security posture.
• Stay current with the latest threat intelligence, attack vectors, and security vulnerabilities.
• Design and implement security controls and technologies to protect the organization's network, systems, and data.
• Collaborate with IT and other departments to ensure security requirements are integrated into system designs and operational processes.
• Participate in security awareness training initiatives for employees.
• Manage security incidents from detection through to resolution, including communication with stakeholders.
• Develop and maintain incident response plans and playbooks.
• Evaluate and recommend new security tools and technologies.
• Conduct security audits and ensure compliance with relevant regulations.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in information security, with a focus on threat detection and incident response.
• Proven expertise in security monitoring tools (e.g., SIEM, EDR, firewalls) and network security principles.
• Strong understanding of common attack vectors, malware, and threat actor TTPs.
• Experience with vulnerability assessment and penetration testing methodologies.
• Excellent analytical, problem-solving, and critical thinking skills.
• Relevant security certifications such as CISSP, CEH, GCIH, or OSCP are highly desirable.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Ability to work effectively in a hybrid work environment.
• Demonstrated ability to work independently and as part of a collaborative team.

• Monitor and analyze security alerts from SIEM, EDR, and other security tools.
• Investigate potential security incidents, performing root cause analysis.
• Conduct threat hunting activities to proactively identify and neutralize threats.
• Develop and tune detection rules and signatures for security monitoring systems.
• Respond to security incidents, coordinating containment, eradication, and recovery efforts.
• Perform forensic analysis of compromised systems and analyze malware.
• Stay current with the latest cybersecurity threats, vulnerabilities, and attack techniques.
• Create detailed incident reports and post-incident reviews.
• Collaborate with IT and other departments to implement security improvements.
• Contribute to the development and maintenance of security policies and procedures.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 5-7 years of experience in cybersecurity, with a focus on SOC operations, incident response, or threat detection.
• Strong understanding of SIEM technologies (e.g., Splunk, QRadar), IDS/IPS, and EDR solutions.
• Proficiency in network protocols, operating system security (Windows, Linux), and common attack vectors.
• Experience with incident response methodologies and forensic analysis tools.
• Excellent analytical and problem-solving skills.
• Ability to work independently and manage multiple high-priority tasks in a remote setting.
• Strong written and verbal communication skills, with the ability to document findings clearly.
• Relevant certifications such as CISSP, GCIA, GCIH, or CEH are highly desirable.
• Demonstrated ability to stay calm and effective during high-pressure situations.

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Hi, We have 4 open positions for the below role in Mumbai, Secondary location is Pune. Interested candidates can email their updated profiles to alongwith the following details: Current CTC, Expected CTC, Notice period, Preferred location: Mumbai / Pune

L3 – Vulnerability Management, Risk & Compliance Lead

Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.

Key Responsibilities:

• Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
• Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
• Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
• Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
• Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
• Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
• Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
• Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
• Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
• Build and maintain GRC tools and risk registers with role-based access and automated updates.

Key Skills & Certifications:

1. 10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
2. Strong experience with Tenable/Nessus, Qualys, and GRC tools.
3. ISO 27001 Lead Auditor, CRISC, or CISA certified.
4. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
5. Strong skills in risk quantification, reporting, and policy enforcement.