Akshat Bhalla’s Post

Hello,    This is Armaan Syed From Sapphire software solutions , we have a position with one of our direct clients, below is the Job description  Please go through and let me know your interest in this and do send me your most recent resume. armaan@sapphiresoftwaresolutions.com   Title:  CyberArk Sr. – Build and Support / Ops Lead Location: Alpharetta, GA  / Dallas, TX (2-3 weeks remote max. then onsite) Duration: Long Term Contract Job Descriptation : •       Work on EFTPS Build activities. •       Target System on-boarding •       Single Point of Contact for support services •       Lead the complete operations team on technical front •       Respond to the email’s for any advisory task. •       On-call support with the aligned support team member. •       Debugging the issues •       Provide the onsite support for Major/Minor upgrade. •       Perform RCA’s •       DR Failover drills •       Define any new policies in the PAM Solution •       Break glass password retrieval •       Update documentation as and when required •       Any new server Account Addition /Deletion for existing types of integrations. •       Adding users in the group and opening of firewall port request. •       Troubleshooting of operational issues like: a.       Authentication Failure (LDAP user’s/application Internal users like appuser and gwuser) b.       End point target server connectivity issue c.       Password change/verification failure on                                                                            i.      Scheduled task                                                                          ii.      OS (Windows/Unix/Database) level Login accounts d.       PAM Daily scheduled backup failure e.       DC to DR data replication failure f.        PAM Email notification related configuration •       In an unforeseen event or in case the issue is not resolved via L3 team, log PAM support ticket with OEM and follow up for timely resolution. •       To perform drills related to: a.       DC-DR b.       DR-DC Fall-back c.       Vault Restoration •       Business continuity with DR environment •       Manage policies configured in the PAM solution •       Creating new policies •       Consider up to 50 target systems consisting of 25 Linux (Multiple Flavors), 10 Windows & 15 N/w or security devices •       Build and test framework for: o   New Server On-boarding o   User/ Admin Provisioning process for least privilege usage •       Create standard operating procedure documents that can be used as guides to continue onboarding of remaining systems •       Target system on-boarding onto EFTPS environment   ·       Reporting & Platform Maintenance: •       Response to performance alerts and warnings •       Log monitoring and analysis per instance •       Coordination with other resolver groups per instance  

Hi #connections I am #hiringimmediately Role - #SOC - L3    Location - NOIDA ( Work from office shift duty - 24/7 support) Security Engineers – (#SIEM/SOAR/UEBA) Education Criteria : Any BE/B.Tech/BCA/MCA Primary Skills - #Network Security, #endpointsecurity ,#Threatintelligence SOAR integration, SOAR playbook creation Secondary Skills : #SIEM/Qradar JD :- Sr. No Desired Skills Assessement by Partner 1 Monitor console & dashboards of in scope solutions and provide response to the reported incidents. 2 Perform initial analysis for known issues and provide the appropriate recommendations for closure.  3 Integrate new devices procured by client during the contract period with SOAR for logging and alerting 4 Ensure compliance to Service Level Agreements (SLA), process adherence and process improvements to achieve operational objectives and mitigate threats Monitor & Reporting of system components health and take necessary action in case of any observed issue. 5 Provide notification and communication with Incident management and respective application team upon threat detection. 6 Maintain the suitable architecture of the supplied solution 7 Monitoring and coordination of SOC standard activities like backup, patching etc. 8 Perform analysis on the reported incidents, determine the root cause, and recommend appropriate solution. 9 Triage incidents based on an agreed threat matrix 10 Provide necessary support during the Forensics investigation and threat hunting 11 Hunt for security threats, identify threat actor groups and their techniques, tools and processes 12 Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models  13 Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to Client 14 Proactively identify potential threat vectors and work with client Security team to improve prevention and detection methods. 15 Identify and propose automated alerts for new and previously unknown threats. 16 Detection of cyber-attack, analysis of the attack and remedial action as per SLAs. 17 Develop up-to 35 parsing rules if required for any non-standard logs during the entire contract period. 18 Creating custom playbooks as per client requirement. 20 Plan & table all Request for Changes (RFCs) for a Change Advisory Board (CAB) meeting, issues an agenda and circulates all requests for changes to Change Advisory Board members in advance of meetings to allow prior consideration 21 Participate in all CAB and ECAB meetings - Anticipated business risk etc   Interested Candidate can share resume at pooja.s@growelsoftech.com Growel Softech Ltd

Hi Network 😊 I’m still looking for THE BEST SPLUNK security monitoring analyst . Take a look ⬇️ Need to have experience reviewing security events from multiple systems (Windows, Unix, routers, switches, and endpoints) and be able to understand what events are benign and what may be malicious based on data classification, behavior, and context. On a daily, you will: ✔Monitor and detect security events from SIEM, Log collection Engines, and other security technologies, such as Splunk and McAfee DLP. ✔Perform investigations using security platforms to determine false positives or escalate ( IDS/IPS, DLP, etc.) ✔Monitoring of health alerts and downstream dependencies. ✔Review and take a proactive approach to false positives and work with other teams to improve the accuracy of the alerts. ✔Document, investigate, and notify appropriate contact for security events and response. ✔Collaborate with technical teams for security incident remediation and communication. ✔Conduct security research on threats and remediation methods. ✔Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review. ✔This role focuses heavily on the review and triage of events but will also need to know how to design and implement correlation searches to respond to changes in the environment and reduce false positives. We offer some GREAT benefits👌 Let me know if you are interested or know someone who might be! PS: Feel free to share 😉 #vacante #hibrido #splunk #desarrollo #monitoreo #share #empleosti #reclutamiento #vacantes #IT #banco #manager #openposition #mexico

#hiring #hiringalerts #marketresearch #connections #Urgenthiring for #SOC-L3 Location - #NOIDA ( Work from office shift duty - 24/7 support) Security Engineers – (#SIEM/ #SOAR/ #UEBA) Education Criteria : Any BE/B.Tech/BCA/MCA Primary Skills - #NetworkSecurity, End point security,Threat intelligence #SOARintegration, #SOARplaybook creation Secondary Skills : #SIEM/ #Qradar Desired Skills:- Monitor console & dashboards of in scope solutions and provide response to the reported incidents. Perform initial analysis for known issues and provide the appropriate recommendations for closure. Integrate new devices procured by client during the contract period with #SOAR for logging and alerting Ensure compliance to Service Level Agreements (#SLA), process adherence and process improvements to achieve operational objectives and mitigate threats Monitor & Reporting of system components health and take necessary action in case of any observed issue. Provide notification and communication with Incident management and respective application team upon threat detection. Maintain the suitable architecture of the supplied solution Monitoring and coordination of SOC standard activities like backup, patching etc. Perform analysis on the reported incidents, determine the root cause, and recommend appropriate solution. Triage incidents based on an agreed threat matrix Provide necessary support during the Forensics investigation and threat hunting Hunt for security threats, identify threat actor groups and their techniques, tools and processes Perform analysis of security incidents for further enhancement of rules, reports, AI/ML models Using knowledge of the current threat landscape, threat actor techniques, and the internal network, analyze log data to detect active threats within the network. Build, document and maintain a comprehensive model of relevant threats to Client Proactively identify potential threat vectors and work with client Security team to improve prevention and detection methods. Identify and propose automated alerts for new and previously unknown threats. Detection of cyber-attack, analysis of the attack and remedial action as per SLAs. Develop up-to 35 parsing rules if required for any non-standard logs during the entire contract period. Creating custom playbooks as per client requirement. Plan & table all Request for Changes (RFCs) for a Change Advisory Board (CAB) meeting, issues an agenda and circulates all requests for changes to Change Advisory Board members in advance of meetings to allow prior consideration Participate in all CAB and ECAB meetings - Anticipated business risk etc Interested Candidates can share resume at pooja.s@growelsoftech.com Growel Softech Ltd

Hello Everyone, We are #Hiring for #Helpdesk_2 with our direct clients in #Lansing, #MI (#Onsite). Anyone #Interested please Share your updated resume to darren@arohatechnologies.com Job Description : Responsibility: · This position will be fully on – site with no remote work option and is responsible for initiating Incidents for Client's Critical Business Functions · Manages Medium, High, and Critical Incidents, including triage and assessment of impacted systems · Escalates Incidents to tier II for Major Incident investigation · Notifies and escalates to support teams using Standard Operating Procedure (SOP) 12 · Sends Communications Matrix Notifications using SOP12-2 for High and Critical Incidents · Monitors server and network system monitoring tools and responds appropriately to alarms · Monitor the environmental equipment (Generators, UPS, PDU, Air Conditioning and buildings water supply) to ensure their proper operation · Complete documentation of how the problem/issue was uncovered, who it affected, and the steps taken up to and including the final solution · Monitor the security equipment and situations to ensure their proper operations and report all issues/irregularities to the proper organizations/persons · Track and monitor security concerns · Complete documentation of how the issue/irregularity was uncovered, who it affected, and the steps taken up to and including the final solution · Monitors system resources (e.g: processor, memory and input/output) to ensure that Service Level Agreement performance criteria are met and that system resources are not being over-utilized by one customer · Opens trouble tickets and assign to the appropriate support group · Grants physical access to hosting centers both locally and remotely · Administers established security policy for physical access to the (2) Hosting Centers · Executes programs and jobs on the mainframe computers utilizing an operator display terminal · Controls production utilizing Automated Scheduling Systems to ensure that jobs are completed in the time required by the customers · Responsible for tape library functions including pulling and hanging tapes for production, test batch processing, managing off-site storage and logging user input tapes as needed · Prepares and submits status reports detailing system operations · Reads, comprehends, and complies with email messages in timely basis · Uses communications tools appropriately to receive and disburse information · Answers and makes phone calls as necessary · Communicates statuses using tools such as trouble tickets, status boards, broadcast messages and status reports · Reviews the Change Management Forward Schedule of Change and updates Requests for Changes (RFCs) as needed, when requested by the change builders #Jobs #Helpdesk #W2 #C2C #RFC #Lansing #MI #Long_Term_Contract

Kindly Share Resumes to kmahesh@conduitcs.com Job title: -Cybersecurity Architect Location: - Frisco, TX or Seattle, WA (Day 1 onsite with no flexibility) Client : HCL NOTE:- Make sure that the candidate should have mandate skills set. Designing & implementing preventive security, Defender policies Implementing threat-hunting & threat-management using Sentinel, ADX, LogAnalytics Enable Threat Problem Management   Looking for someone who can help develop our threat detection and threat management capabilities for our cloud landscape (Azure, AWS, GCP). This person should be able to lead design and development of threat detection/hunting solutions, threat management solutions and cloud-provider-native features/products. This person should be able to guide and enable team to deliver on preventative security and pre-emptive mitigations.   This person will need to be hands-on with actual experience building and operating threat-detection & threat-management practice in a production environment.   Designing & implementing preventive security, Defender policies Implementing threat-hunting & threat-management using Sentinel, ADX, LogAnalytics Designing & implementing and operating security incident management process & platform as part of threat management Designing & implementing preventative policies, runbooks/SOPs for resolution, automated resolution framework, and enforcement solutions Enable Threat Problem Management: Aligning other parts of security domain (IDM, IAM, Data security, etc.) with detected/discovered threats or security incidents to ensure shift-left in threat management. Designing & implementing infra-authentication & authorization, infrastructure automation (infra-as-code, gitops), config management Designing & implementing policies for data encryption, data access, DB logging, data retention Designing & implementing for secrets & key management, auto log enablement, log aggregation for DLP/SIEM   Our platform of choice for most of SIEM/SOAR capability development is Azure; hence that is the area of expertise we will be interested in. #C2C #w2 #cybersecurity #vendorlist #vendors #employers #USA #Texas

#hiring *Senior Info Sec Analyst (Enforce Developer)*, Charlotte, *United States*, contract #opentowork #jobs #jobseekers #careers #Charlottejobs #NorthCarolinajobs #Engineering *Apply*: https://lnkd.in/eHZQ78DR Title: Information Security Analyst Location: Charlotte, NC; Irving, TX; Chandler, AZ Duration: 12 Months Group's responsibility/Current Project and Timeline: This group sits within Cyber Security and is responsible Defense Monitoring and DLP(Data Loss Prevention). This group is looking to bring on a number of resources tied to specific Data Loss Prevention initiatives throughout organization. Organizations use multiple tools for Data Loss Prevention, our client uses Broadcom (who bought Symantic)- specifically, Enforce Server as the central management platform that enables you to define, deploy, and enforce data loss prevention and security policies. The Ideal candidate will be an Enforce Developer who will be reviewing/configuring policy. What are the day to day responsibilities? DLP rule writer experience, preferably with Broadcom Symantec Enforce v16.0. including RegEx and source code scripting. Should be familiar with the Jira/Agile/Product Model, and Service Now. What are the top 3 must have skills? 3+ years of Enforce Developer experience (Version does not matter but a ton of people are on 15- they are on 16.0) a ton of people on 15 Someone who can own taking directions(code Is business configuration or RegEx or Source Code scripting)- could find people writing for it into sematic DLP Should be able to define solutions to the LOB and if it is a new policy rollout they will be owning the presentation piece and communication ServiceNow- how this works from a change perspective- can look through it- have to be a user Jira/Agile/Product- managing efforts in there-should be familiar with how it works About ManpowerGroup, Parent Company of: Manpower, Experis, Talent Solutions, and Jefferson Wells ManpowerGroup (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands - Manpower, Experis, Talent Solutions, and Jefferson Wells - creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. We are recognized consistently for our diversity - as a best place to work for Women, Inclusion, Equality and Disability and in 2022 ManpowerGroup was named one of the World's Most Ethical Companies for the 13th year - all confirming our position as the brand of choi

#Immediate_Hiring Hello Professionals, Please Find Below Mentioned Requirement and Share Profiles To my Email ID:- aashish@yochana.com Job title: -Cybersecurity Architect Location: - 1) Frisco, TX (Day 1 onsite) 2) Seattle, WA (Day 1 onsite) EXP:- 11+ Years NOTE:- Make sure that the candidate should have mandate skills set. ·        Designing & implementing preventive security, Defender policies ·        Implementing threat-hunting & threat-management using Sentinel, ADX, Log Analytics ·        Enable Threat Problem Management ·        Azure sentinel ·        Automation ·        Deployment ·        Can runbooks in Azure   Looking for someone who can help develop our threat detection and threat management capabilities for our cloud landscape (Azure, AWS, GCP). This person should be able to lead design and development of threat detection/hunting solutions, threat management solutions and cloud-provider-native features/products. This person should be able to guide and enable team to deliver on preventative security and pre-emptive mitigations.   This person will need to be hands-on with actual experience building and operating threat-detection & threat-management practice in a production environment.   ·        Designing & implementing preventive security, Defender policies ·        Implementing threat-hunting & threat-management using Sentinel, ADX, Log Analytics ·        Designing & implementing and operating security incident management process & platform as part of threat management ·        Designing & implementing preventative policies, runbooks/SOPs for resolution, automated resolution framework, and enforcement solutions ·        Enable Threat Problem Management: Aligning other parts of security domain (IDM, IAM, Data security, etc.) with detected/discovered threats or security incidents to ensure shift-left in threat management. o   Designing & implementing infra-authentication & authorization, infrastructure automation (infra-as-code, gitops), config management o   Designing & implementing policies for data encryption, data access, DB logging, data retention o   Designing & implementing for secrets & key management, auto log enablement, log aggregation for DLP/SIEM   Our platform of choice for most of SIEM/SOAR capability development is Azure; hence that is the area of expertise we will be interested in. #Hiring #CyberSecurity #Architect #C2C #Corp2Corp

CGI is Hiring!!!! Please DM me your resume if you are interested. Role: SentinelOne Administrator Designation: SSE \ LA (Senior Systems Engineer \ Lead Analyst) Experience: 5-10 Years Job Description: 1. Hands-on experiences with SentinelOne EDR administration, Configuration, and management of solutions 2. Experience with policy tuning, customization, implementation of best practices, determine specific value driven use cases, and fully integrate the solution into the environment. 3. Understanding of MITRE ATT&CK and NIST Cyber Security Frameworks standards and requirements and ability to apply them to an enterprise environment 4. Investigating the root cause of suspicious threats and analyzing the global threats in environment and implement the preventive strategies 5. Monitor and Analyze Sentinel One EDR version compliance 6. Monitor events and alerts to understand the files, processes and applications used in the environment to allow or block them with necessary approvals from Stakeholders to avoid unwanted software executions (includes adware, unlicensed software, freeware, etc.) 7. Prepare and Update Configuration and Operational Documents 8. In-depth understanding of Windows operating systems and general knowledge of Unix, Linux operating systems 9. Incident, Service Request and Change Management 10.Quarterly review of Sentinel One EDR policies to validate and clean up unwanted or unused policies as part of policy management.