Alcon Cyber Security Consultancy specializes in providing cybersecurity solutions and consulting services to businesses. They focus on threat assessments, compliance, risk management, and cybersecurity strategy development.
Not specified
INR 3.0 - 6.0 Lacs P.A.
Work from Office
Full Time
1. Role: Database Activity Monitoring (DAM) Technical Support Engineer. This is a senior technical IC role which requires candidate to be hands on and ability to manage the application platform independently
2. Technology: Imperva DAM
3. Location: Mumbai at customer site
4. Position: 01 (One)
5. Total experience: 6 to 10 years (max)
6. Effective exp.: Last 1.5 - 2 years as DAM SME or technical support expert
7. Working Window: Should be flexible to work in shifts and on demand for any weekend maintenance activities
8. Job Description/KRAs
- Ensuring uptime of the DAM platform as per defined service levels
- Ensuring coverage of the solution to ensure adequate security posture
- Implement and fine tune policies in accordance with security policies and continually evolving threat landscape.
- Define reports and dashboards
- Integration of databases with DAM platform as per organisational requirements
- DAM application administration, management and advanced troubleshooting.
- Attend to P1 incidents and documentation of RCA
- Define SOPs to facilitate effective collaboration of work with cross functional stakeholders in customer organisation
- Keeping platform current with defined security baselines and OEM defined best practices
- Participation in audit exercises and closing out observations within defined timeframes
- Participation in BCP and DR drills. Ensuring platform is resilient from uptime perspective
- Track licensing, OEM support validity and coordination for scheduled audits of the platform
- Coordination with OEM support for bug fixes or product issues
- Guide and support Tier 2 Engineers on administration and platform
- Update required documentation on need basis
9. Education and Professional Qualifications
- B.E/B.Tech/MCA from recognized university.
- CISSP/CISA/CISM certification is mandatory
- DAM Technical certification is preferred
- Should have handled DAM operations of large environment with multiple DB flavours
- Intermediate scripting skills in Python or any CGI is preferred
10. Soft Skills:
- Strong analytical and problem-solving skills
- Good communication and interpersonal skills, with the ability to communicate technical information to non-technical stakeholders
- Ability to work independently and have good negotiation skills to manage/calibrate stakeholder requirements
Not specified
INR 5.0 - 9.0 Lacs P.A.
Work from Office
Full Time
- Platform Monitoring & Maintenance: Monitor and maintain the LogRhythm platform, addressing any issues that arise in a timely manner.
- Log Source Integration: Assist in integrating various log sources (up to 25 different types) and manage configurations for optimal performance.
- Troubleshooting: Investigate and resolve platform issues, escalating to L3 administrators when necessary.
- Compliance Support: Ensure that the platform complies with PCI-DSS, ISO27001, and BCP standards.
- Content Optimization: Support the development and fine-tuning of SIEM use cases, alerts, and reports as required.
- Collaboration: Work closely with the L3 administrator and organization teams to ensure seamless system performance.
- Platform Maintenance: Assist with scheduled platform upgrades and other administrative tasks.
- Documentation: Maintain clear and concise documentation of system issues, configurations, and resolutions.
Requirements
Skills and Qualifications:
- Experience: 3-5 years of experience in SIEM administration, with hands-on knowledge of LogRhythm.
- Technical Skills: Understanding of log source integration, platform troubleshooting, and basic parser development.
- Certifications: LogRhythm certified (preferred), PCI-DSS, ISO27001 (optional but desirable).
- Communication: Good communication skills to interact with teams and provide technical support.
- Availability: Must be available during business hours and willing to extend work hours as per business needs.
Not specified
INR 14.0 - 18.0 Lacs P.A.
Work from Office
Full Time
- Design and implement end-to-end security solutions using Microsoft security suite, including Microsoft Defender, Sentinel, and Defender for Endpoint.
- Integrate Microsoft security tools with other industry-leading SIEM, SOAR, UBA, EDR, and ticketing systems for a comprehensive security posture.
- Utilize Microsoft Copilot for AI-driven security insights, automation, and incident analysis to improve security response efficiency.
SOC L3 Expertise & Incident Response
- Lead SOC Level 3 investigations, incident response, threat hunting, and forensic analysis using Microsoft Sentinel & Defender.
- Provide expert guidance on incident escalation, root cause analysis, and response strategies.
- Optimize SOC workflows using Microsoft Copilot, leveraging AI to automate investigations, generate reports, and enhance analyst efficiency.
- Develop and implement SOC processes, playbooks, and best practices to ensure an effective security operations framework.
Threat Intelligence, SOAR, UBA & AI Integration
- Implement User Behavior Analytics (UBA) to detect anomalies, insider threats, and behavioral deviations.
- Design and automate security workflows using SOAR solutions to reduce response time.
- Correlate threat intelligence feeds across Microsoft Defender, Sentinel, and third-party SIEM tools to proactively identify emerging threats.
- Use Microsoft Copilot's AI-driven capabilities to assist in security event correlation, data analysis, and automated threat response.
SOC Security Process Management
- Oversee SOC operations, ensuring 24/7 security monitoring, alert triage, and proactive threat mitigation.
- Define, document, and enforce SOC playbooks, security policies, and compliance guidelines aligned with industry best practices.
- Conduct security audits and assessments using Microsoft security tools, ensuring adherence to standards like MITRE ATT&CK, NIST, and ISO 27001.
Required Skills & Experience:
- 8+ years of experience in cybersecurity, SOC management, and security architecture.
- Hands-on expertise in Microsoft security solutions (Microsoft Defender, Sentinel, Defender for Identity, Defender for Endpoint).
- Proven experience in SOC Level 3 operations, incident response, threat hunting, and forensic investigations.
- Strong understanding of SIEM, SOAR, UBA, and AI-driven security automation.
- Experience in integrating Microsoft security tools with third-party security solutions like EDR, SIEM, and ticketing systems.
- Familiarity with Microsoft Copilot and its application in SOC operations, security automation, and AI-driven threat detection.
- Ability to draft SOC processes, security playbooks, and incident response frameworks.
- Strong analytical skills with the ability to connect insights across different security modules.
Not specified
INR 4.0 - 8.0 Lacs P.A.
Work from Office
Full Time
- Oversee the issuance, revocation, and renewal of digital certificates using Nexus Smart ID and Microsoft PKI.
- Implement and manage password-less authentication and multi-factor authentication (MFA) solutions.
- Maintain and monitor Identity Provider (IdP) integrations to ensure seamless authentication.
- Enforce access control policies to prevent unauthorized access.
System Administration & Security:
- Monitor system performance and conduct regular updates and patches for Nexus Smart ID.
- Perform troubleshooting and incident resolution for identity and certificate-related issues.
- Ensure compliance with industry regulations and best practices for digital identity security.
Operational Support & Optimization:
- Conduct health checks and security audits of IAM solutions.
- Provide technical support and guidance to end-users and IT teams.
- Develop documentation, SOPs, and training materials for identity and certificate management.
- Collaborate with security teams to strengthen identity governance and access policies.
Required Skills & Qualifications:
- 7 years of experience in Identity Access Management (IAM), Public Key Infrastructure (PKI), or related security roles.
- Hands-on experience with Nexus Smart ID for password-less authentication and MFA solutions.
- Strong understanding of Microsoft PKI Certificate Management, including CA (Certificate Authority) administration.
- Experience with Identity Providers (IdP) and Single Sign-On (SSO) solutions.
- Knowledge of access control models (RBAC, ABAC) and identity governance.
- Familiarity with security frameworks such as NIST, ISO 27001, and Zero Trust architecture.
- Strong troubleshooting skills for identity authentication and certificate issues.
- Experience with scripting (PowerShell, Python) for automation is a plus.
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
- Certified Identity and Access Manager (CIAM)
Not specified
INR 5.0 - 9.0 Lacs P.A.
Work from Office
Full Time
- Platform Monitoring & Maintenance: Monitor and maintain the LogRhythm platform, addressing any issues that arise in a timely manner.
- Log Source Integration: Assist in integrating various log sources (up to 25 different types) and manage configurations for optimal performance.
- Troubleshooting: Investigate and resolve platform issues, escalating to L3 administrators when necessary.
- Compliance Support: Ensure that the platform complies with PCI-DSS, ISO27001, and BCP standards.
- Content Optimization: Support the development and fine-tuning of SIEM use cases, alerts, and reports as required.
- Collaboration: Work closely with the L3 administrator and NPCI teams to ensure seamless system performance.
- Platform Maintenance: Assist with scheduled platform upgrades and other administrative tasks.
- Documentation: Maintain clear and concise documentation of system issues, configurations, and resolutions.
Skills and Qualifications:
- Experience: 3-5 years of experience in SIEM administration, with hands-on knowledge of LogRhythm.
- Technical Skills: Understanding of log source integration, platform troubleshooting, and basic parser development.
- Certifications: LRSA, LRPA, LRDE
- Communication: Good communication skills to interact with teams and provide technical support.
- Availability: Must be available during business hours and willing to extend work hours as per business needs.
Requirements
- LRSA, LRPA, LRDE Certifications.
Not specified
INR 8.0 - 12.0 Lacs P.A.
Work from Office
Full Time
- Implement and maintain network security policies, firewalls, and access controls.
- Monitor network traffic for anomalies, volumetric spikes, and security breaches.
- Utilize Akamai Security Operations Command Center (SOCC) for real-time threat intelligence and alerting.
- Conduct vulnerability assessments and penetration testing to identify risks.
2. DDoS Attack Mitigation (L3/L7 Protection)
- Identify and mitigate L3 volumetric attacks (TCP SYN floods, UDP floods, ICMP floods, amplification attacks).
- Mitigate L7 application-layer attacks targeting APIs, HTTP/S endpoints, and critical services.
- Implement traffic scrubbing, geo-blocking, rate limiting, and ACLs for DDoS prevention.
- Work with ISPs and enterprise clients to counter large-scale network attacks.
3. Web Application Firewall (WAF) Management
- Configure, tune, and optimize Akamai WAF to block application-layer threats.
- Monitor and mitigate OWASP Top 10 vulnerabilities (SQL Injection, XSS, CSRF, etc.).
- Perform log analysis and security rule updates to adapt to evolving threats.
4. Microsegmentation (Guardicore) & Zero Trust Security
- Implement network microsegmentation using Akamai Guardicore to restrict lateral movement.
- Design and manage zero-trust security architectures for enterprise environments.
- Continuously optimize segmentation policies to enhance network isolation and compliance.
5. Incident Response & Security Optimization
- Develop and execute incident response plans for DDoS, WAF, and network security breaches.
- Conduct root cause analysis (RCA) and forensic investigations after security incidents.
- Create security reports, dashboards, and threat intelligence briefs for stakeholders.
- Improve network and application security policies based on lessons learned.
Required Skills & Experience:
- 5+ years of experience in network security, DDoS mitigation, and WAF administration.
- Hands-on expertise with Akamai L3/L7 DDoS, Akamai WAF, and Guardicore Microsegmentation.
- Strong understanding of network protocols (TCP/IP, HTTP/S, DNS, BGP, SSL/TLS, IPSec, etc.).
- Experience with firewalls (Palo Alto, Cisco ASA, Fortinet, Check Point) and IDS/IPS solutions.
- Proficiency in threat intelligence, traffic analysis, and SIEM integration (e.g., Splunk, QRadar).
- Hands-on experience with security automation (Python, Bash, PowerShell, Terraform, Ansible).
- Strong knowledge of incident response frameworks and compliance standards (ISO 27001, NIST, PCI-DSS, GDPR, etc.).
Not specified
INR 13.0 - 17.0 Lacs P.A.
Work from Office
Full Time
We are seeking an experienced Cybersecurity Specialist with expertise in Privileged Access Management (PAM), Key Management, and Secure Identity Access Solutions. The ideal candidate will have hands-on experience with industry-leading products like CyberArk PAM, Thales HSM, Nexus Smart ID, and Microsoft PKI to support and secure the organization's critical assets.
Key Responsibilities
1. Privileged Access Management (PAM)
- Manage and maintain CyberArk PAM to secure privileged accounts and access across the organization.
- Implement and administer CyberArk Secrets Management to ensure secure storage and retrieval of sensitive credentials.
- Monitor and respond to PAM-related incidents, ensuring compliance with security policies.
2. Key Management
- Oversee the complete lifecycle of cryptographic keys using Thales HSM and Thales CipherTrust solutions.
- Conduct root key ceremonies and manage secure key generation, distribution, rotation, and retirement.
- Ensure compliance with PCI-DSS, ISO 27001, and other key management standards.
3. Secure Identity Access
- Implement and manage Nexus Smart ID for passwordless MFA and identity provider services.
- Integrate identity services with enterprise applications to enable seamless and secure access.
4. Certificate Management
- Administer and maintain Microsoft PKI infrastructure to manage certificates for internal and external systems.
- Ensure secure and reliable certificate issuance, renewal, and revocation processes.
- Support certificate-based authentication and encryption services across the organization.
Skills & Qualifications
- Experience: 7+ years in cybersecurity, focusing on Privileged Access Management, Key Management, Identity Access Management, and Certificate Management.
- Technical Proficiency: Hands-on experience with CyberArk PAM and Secrets Management. Strong knowledge of Thales HSM and Thales CipherTrust key management solutions. Expertise in Nexus Smart ID for MFA and identity services. Proficiency in managing Microsoft PKI infrastructure.
- Compliance Knowledge: Familiarity with PCI-DSS, ISO 27001, and FIPS 140-2 standards.
- Problem-Solving Skills: Strong troubleshooting and analytical skills to resolve security incidents.
- Communication Skills: Ability to work with cross-functional teams and effectively communicate technical concepts
Not specified
INR 7.0 - 11.0 Lacs P.A.
Work from Office
Full Time
- Platform Administration: Oversee the day-to-day administration of the LogRhythm platform, including troubleshooting and resolving issues across multiple sites.
- Parser Development: Create and maintain custom parsers as required for various log sources.
- Platform Upgrades: Plan, test, and implement platform upgrades to ensure up-to-date security and performance.
- Content Development: Develop and optimize SIEM content (use cases, alerts, reports) in alignment with organization's security needs.
- Compliance Management: Ensure adherence to PCI-DSS, ISO27001, and BCP standards.
- Integration & Automation: Manage the integration of LogRhythm with other tools and technologies, including SOAR platforms.
- Team Collaboration: Provide guidance and mentorship to L2 administrators, ensuring efficient team performance.
- Reporting: Generate and present reports on system performance, upgrades, and incident handling to organization leadership.
Skills and Qualifications:
- Experience: 7-10 years of experience with LogRhythm SIEM, with a strong understanding of SIEM architecture, deployment, and administration.
- Certifications: LogRhythm Certified, PCI-DSS, ISO27001.
- Technical Expertise: Expertise in custom parser development, platform upgrades, log source integration, and compliance requirements.
- Communication: Excellent communication skills to interact with stakeholders and manage business requirements.
- Availability: Must be available during business hours and extend work hours as per business needs.
Requirements
- LogRhythm Certified, PCI-DSS certifications
Not specified
INR 10.0 - 15.0 Lacs P.A.
Work from Office
Full Time
We are seeking a highly skilled and experienced LogRhythm L3 Sr. Tech Lead Security Engineering Subject Matter Expert (SME) to join our cybersecurity team. The ideal candidate will have extensive expertise in Security Information and Event Management (SIEM), SOAR, User and Entity Behavior Analytics (UEBA), and Network Monitoring (NetMon) using LogRhythm. This role involves advanced troubleshooting, system optimization, and ensuring the security of our network infrastructure.
5. KRAs of the role
This is a core technical IC role which requires candidate to be hands on and ability to deliver the below tasks independently.
> Ownership of SIEM platform in terms of administration and management (should be currently performing this role)
a. Ensuring platform and service uptime.
b. Efficient management of the platform to ensure proper performance.
c. Upgrade and updates (KBs)/patch as per OEM.
d. Platform capacity management.
e. Administration and management of underlying Infrastructure Layer.
f. Log Source Integration to include development of custom parsers for non-supported log sources.
g. Integration with other platforms like Threat Intelligence.
h. Configuration of SOAR plugins.
i. Advanced troubleshooting of the SIEM platform.
j. Problem management. Working closely with OEM.
k. Configuration of rules, reports and dashboards based on inputs from monitoring team.
l. Documentation of RCAs for major incidents
> Other skills required
a. Ability to interact with and manage customer stakeholders in the context of platform management.
b. Good team working skills and communication.
6. Technology and skills
a. SIEM: LogRhythm is mandatory.
b. SOAR: SIEM native of any third party.
c. UEBA Management: Configure, maintain, upgrade, and optimize the LogRhythm UEBA module to detect and respond to anomalous user activities.
d. NetMon Management: Oversee the deployment, configuration, and maintenance of LogRhythm NetMon to ensure comprehensive network visibility.
e. System Integration: Integrate various data sources and security tools with SIEM, SOAR, UEBA, and NetMon platforms to enhance visibility and detection capabilities.
f. Technical Support: Provide advanced technical support and troubleshooting for SIEM, SOAR, UEBA, and NetMon-related issues.
g. Content Development: Develop and fine-tune detection use cases, and custom Reports / Dashboard to improve detection capabilities and reduce false positives. And LogRhythm SOAR plugins configuration (Standard / Customization).
h. Threat Intelligence and Brand Monitoring.
i. Scripting: Regex is mandatory.
j. Knowledge of scripting languages (e.g., Python, PowerShell) for automation.
k. OS: Windows and Linux (intermediate skills).
l. Good knowledge of security domain is mandatory.
Not specified
INR 11.0 - 16.0 Lacs P.A.
Work from Office
Full Time
We are seeking an experienced Senior SOC L3 Analyst with deep expertise in Microsoft Sentinel SIEM to lead security monitoring, threat detection, and incident response. This role involves handling advanced cyber threats, fine-tuning SIEM capabilities, mentoring SOC teams, and driving security automation.
Key Responsibilities:
Advanced Threat Detection & Incident Response:
- Act as the final escalation point for critical security incidents.
- Perform deep forensic analysis, malware analysis, and threat hunting across hybrid environments.
- Investigate Advanced Persistent Threats (APT), zero-day exploits, and insider threats.
- Develop and optimize custom KQL queries, detection rules, and Sentinel analytics for precise threat detection.
- Lead post-incident forensics, root cause analysis (RCA), and corrective action plans.
- Automate and streamline incident response using SOAR playbooks.
SIEM Administration & Optimization:
- Configure, optimize, and fine-tune Microsoft Sentinel SIEM for maximum visibility and efficiency.
- Design and implement custom detection rules, log parsers, and alerting mechanisms.
- Integrate Azure Defender, Microsoft Defender, and third-party threat intelligence feeds into Sentinel.
- Enhance log collection, correlation, and anomaly detection using AI/ML-based techniques.
Threat Hunting & Threat Intelligence:
- Conduct proactive threat hunting using behavioral analytics and KQL-based queries.
- Leverage MITRE ATT&CK, Cyber Kill Chain, and Diamond Model frameworks for adversary tracking.
- Implement Threat Intelligence Platforms (TIPs) and integrate with SIEM/SOAR solutions.
- Identify and mitigate emerging threats, including fileless attacks, privilege escalation, and supply chain attacks.
Compliance & Security Governance:
- Ensure compliance with industry standards (ISO 27001, NIST, PCI-DSS, GDPR, SOC2).
- Develop and maintain SIEM reporting dashboards for executive and compliance reporting.
- Assist in audit preparation, risk assessments, and security posture improvement plans.
Leadership & Mentoring:
- Guide and mentor SOC L1 & L2 analysts in advanced security investigation techniques.
- Develop incident response playbooks, runbooks, and SOPs for the SOC team.
- Conduct cybersecurity training, tabletop exercises, and red/blue team drills.
- Collaborate with CISOs, IT, DevOps, and risk teams to enhance overall security posture.
Required Skills & Qualifications:
- 7+ years of hands-on experience in SOC operations, incident response, and threat hunting.
- Expertise in Microsoft Sentinel SIEM (rule creation, automation, integration).
- Strong knowledge of EDR, IDS/IPS, firewalls, network security, and cloud security (Azure, AWS, GCP).
- Proficiency in Kusto Query Language (KQL), PowerShell, Python for security automation.
- Deep understanding of MITRE ATT&CK, Cyber Kill Chain, TTP-based threat modeling.
- Experience in threat intelligence, malware reverse engineering, and forensic investigations.
- Hands-on experience with SOAR platforms and security automation workflows.
- Certifications preferred: SC-200, CISSP, CISM, CISA, GIAC (GCFA, GCIH, GCIA), CEH, OSCP.
Requirements
> Hands-on experience in SOC operations, incident response, and threat hunting. Expertise in Microsoft.
> Expertise in Microsoft Sentinel SIEM (rule creation, automation, integration).
> Strong knowledge of EDR, IDS/IPS, firewalls, network security, and cloud security (Azure, AWS, GCP).
> Proficiency in Kusto Query Language (KQL), PowerShell, Python for security automation.
> Deep understanding of MITRE ATT&CK, Cyber Kill Chain, TTP-based threat modeling.
> Experience in threat intelligence, malware reverse engineering, and forensic investigations.
> Hands-on experience with SOAR platforms and security automation workflows.
Not specified
INR 12.0 - 17.0 Lacs P.A.
Work from Office
Full Time
Experience: 7-12 years in Identity and Access Management, with minimum one full lifecycle implementation of One Identity Manager.
Key Responsibilities:
- Lead the design and implementation of IAM solutions, with a focus on One Identity Manager.
- Oversee the end-to-end lifecycle implementation of One Identity Manager, including architecture design, process orchestration, and API integrations.
- Perform onboarding and integration of new applications into the IAM system.
- Develop and manage custom connectors, processes, and scripts for Quest One Identity.
- Support production issues and provide optimal solutions for troubleshooting.
- Conduct synchronization and reconciliation tasks to detect and address rogue accounts.
- Lead and coordinate code migrations across development, test, and production environments.
- Collaborate with stakeholders to understand requirements and translate them into effective IAM solutions.
- Provide support for IAM operations, including RBAC implementation, scripting tasks, and system maintenance.
Technical Skills:
- Advanced knowledge of One Identity Manager architecture and functionality.
- Expertise in Process Orchestration, IM Tables, and SQL.
- Proficient in VB.Net development with experience in API integrations.
- Hands-on experience with Python or PowerShell scripting.
- Strong understanding of RBAC concepts, IT security best practices, and IAM principles.
- Familiarity with Active Directory (AD), Azure AD, and Azure Security.
- Experience with IGA tools like SailPoint, Saviynt, or ForgeRock (preferred).
Soft Skills:
- Excellent written and verbal communication skills with the ability to articulate complex solutions.
- Strong leadership abilities and a proactive approach to team coordination and delivery ownership.
- Outstanding analytical and problem-solving skills.
- Client-focused mindset with a commitment to quality and efficiency.