281 Threat Detection jobs in Mumbai

• Monitor security alerts and events from various sources, including SIEM, IDS/IPS, firewalls, and endpoint detection solutions.
• Perform in-depth analysis of security incidents, identify root causes, and develop effective containment and eradication strategies.
• Develop and tune security detection rules and use cases to enhance the effectiveness of threat monitoring.
• Conduct threat hunting activities to proactively identify advanced persistent threats (APTs) and other sophisticated attacks.
• Respond to security incidents, acting as a lead investigator and coordinating response efforts.
• Document incident details, actions taken, and lessons learned for post-incident reviews and reporting.
• Collaborate with IT and other business units to implement security best practices and remediation plans.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Participate in security awareness training and advocate for a strong security culture.
• Contribute to the development and refinement of incident response playbooks and procedures.
• Mentor junior security analysts and provide technical guidance.
• Assist in the evaluation and implementation of new security tools and technologies.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 6 years of experience in information security, with a strong focus on threat detection and incident response.
• Proven experience with Security Information and Event Management (SIEM) tools (e.g., Splunk, QRadar, ELK Stack).
• Hands-on experience with Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, and endpoint security solutions.
• Proficiency in analyzing network traffic and system logs for malicious activity.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Strong understanding of common attack vectors, malware types, and threat actor tactics, techniques, and procedures (TTPs).
• Relevant security certifications such as CISSP, GIAC (GSEC, GCIA, GCIH), or OSCP are highly desirable.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and collaboration abilities.
• Ability to work effectively in a hybrid work environment, balancing remote and in-office responsibilities.

• Monitor and analyze security alerts from various security tools (SIEM, IDS/IPS, EDR).
• Investigate security incidents, perform forensic analysis, and develop containment strategies.
• Develop and refine threat detection rules, signatures, and use cases.
• Research and analyze emerging cyber threats, vulnerabilities, and attack vectors.
• Conduct threat hunting activities to proactively identify malicious activities.
• Respond to and manage security incidents, coordinating with relevant teams.
• Develop and maintain incident response playbooks and procedures.
• Generate regular reports on security incidents, trends, and threat landscape.
• Collaborate with IT teams to implement security controls and remediation measures.
• Contribute to security awareness training and phishing simulations.
• Stay current with the latest cybersecurity technologies, threats, and best practices.

• Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, with a focus on threat detection and incident response.
• Proven experience with SIEM platforms (e.g., Splunk, LogRhythm), IDS/IPS, and endpoint security solutions.
• Strong understanding of networking protocols, operating systems (Windows, Linux), and common attack vectors.
• Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis.
• Knowledge of threat intelligence platforms and methodologies.
• Relevant certifications such as CISSP, CEH, GIAC, or CompTIA Security+ are highly desirable.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills.
• Ability to work independently and as part of a remote team.

• Monitor security systems for threats and anomalies.
• Investigate and analyze security incidents.
• Develop and tune threat detection rules and signatures.
• Perform vulnerability assessments and penetration testing support.
• Contribute to incident response planning and execution.
• Analyze malware and conduct forensic investigations.
• Stay abreast of the latest cybersecurity threats and trends.
• Prepare reports on security incidents and findings.
• Collaborate with IT teams to implement security controls.

L3 – Vulnerability Management, Risk & Compliance Lead

Location : Mumbai (Andheri East)

Mode: Hybird

Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.

Key Responsibilities:

• Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
• Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
• Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
• Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
• Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
• Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
• Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
• Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
• Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
• Build and maintain GRC tools and risk registers with role-based access and automated updates.

Key Skills & Certifications:

1. 10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
2. Strong experience with Tenable/Nessus, Qualys, and GRC tools.
3. ISO 27001 Lead Auditor, CRISC, or CISA certified.
4. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
5. Strong skills in risk quantification, reporting, and policy enforcement.

L3 – Vulnerability Management, Risk & Compliance Lead

Location : Mumbai (Andheri East)

Mode: Hybird

Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.

Key Responsibilities:

• Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
• Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
• Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
• Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
• Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
• Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
• Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
• Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
• Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
• Build and maintain GRC tools and risk registers with role-based access and automated updates.

Key Skills & Certifications:

• 10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
• Strong experience with Tenable/Nessus, Qualys, and GRC tools.
• ISO 27001 Lead Auditor, CRISC, or CISA certified.
• In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
• Strong skills in risk quantification, reporting, and policy enforcement.

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.Job Title – Vulnerability Management L2 Support EngineerLocation – Remote (flexible to collaborate across global teams)Role Type – Contract (12 months) onlyMust Have Skills:2–4 years of experience in IT security or vulnerability managementHands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or NessusStrong understanding of patch management processes (Windows, Linux, applications)Familiarity with CVE/CVSS scoring systems and threat prioritizationProficiency in generating and maintaining dashboards and reportsResponsibilities and Job Details:Execute regular vulnerability scans and validate results for accuracyCollaborate with infrastructure and application teams to coordinate remediationTrack and report on remediation progress, escalating high-risk findings as neededSupport patch management and assist with configuration baseline enforcementMaintain vulnerability dashboards and prepare regulatory compliance reportsProvide L2-level technical support and mentorship to L1 teamsAssist in defining security hardening guidelines and vulnerability baselinesEngage with Security Operations and L3 teams for critical issue resolutionUtilize strong analytical and troubleshooting skills for issue analysisCommunicate effectively with global stakeholders across security and IT teamsLeverage knowledge of networking, firewalls, OS, and app security(Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

L3 – Vulnerability Management, Risk & Compliance Lead

Location : Mumbai (Andheri East)

Mode: Hybird

Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.

Key Responsibilities:

• Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
• Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
• Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
• Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
• Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
• Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
• Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
• Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
• Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
• Build and maintain GRC tools and risk registers with role-based access and automated updates.

Key Skills & Certifications:

1. 10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
2. Strong experience with Tenable/Nessus, Qualys, and GRC tools.
3. ISO 27001 Lead Auditor, CRISC, or CISA certified.
4. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
5. Strong skills in risk quantification, reporting, and policy enforcement.

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA

Company – Our client is a global technology services and consulting leader, recognized for driving innovation in enterprise IT and cybersecurity. Known for its collaborative culture and digital transformation expertise, this Fortune 500 organization partners with top enterprises worldwide to elevate their security posture and resilience.

Job Title – Vulnerability Management L2 Support Engineer

Location – Remote (flexible to collaborate across global teams)

Role Type – Contract (12 months) only

Must Have Skills:

• 2–4 years of experience in IT security or vulnerability management
• Hands-on experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or Nessus
• Strong understanding of patch management processes (Windows, Linux, applications)
• Familiarity with CVE/CVSS scoring systems and threat prioritization
• Proficiency in generating and maintaining dashboards and reports

Responsibilities and Job Details:

• Execute regular vulnerability scans and validate results for accuracy
• Collaborate with infrastructure and application teams to coordinate remediation
• Track and report on remediation progress, escalating high-risk findings as needed
• Support patch management and assist with configuration baseline enforcement
• Maintain vulnerability dashboards and prepare regulatory compliance reports
• Provide L2-level technical support and mentorship to L1 teams
• Assist in defining security hardening guidelines and vulnerability baselines
• Engage with Security Operations and L3 teams for critical issue resolution
• Utilize strong analytical and troubleshooting skills for issue analysis
• Communicate effectively with global stakeholders across security and IT teams
• Leverage knowledge of networking, firewalls, OS, and app security
• (Bonus) Apply scripting skills and familiarity with standards like ISO 27001, PCI-DSS, HIPAA