Cyber_MS_KDNI-MDR - Consultant
Ejgk Fa Em2 Oraclecloud Com CX 3001 · Gurgaon-KGS, Gurugram, Haryana, IN · Active · Oracle Recruiting Cloud / Fusion HCM
Job facts
| Field | Value |
|---|---|
| Company | Ejgk Fa Em2 Oraclecloud Com CX 3001 |
| Title | Cyber_MS_KDNI-MDR - Consultant |
| Normalized title | - |
| Department / team | - |
| Location | Haryana, IN, United States |
| Work model | - |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Oracle Recruiting Cloud / Fusion HCM |
| Posted / first seen | 2026-03-02 / 2026-05-31 |
| Changed / last seen | 2026-06-03 / 2026-06-21 |
Linked records
| Company | Ejgk Fa Em2 Oraclecloud Com CX 3001 |
| Source | 3e96ffc1-1635-4bd0-82bd-25dd71399682 |
| ATS provider | Oracle Recruiting Cloud / Fusion HCM |
Description
Function: MDR Response Team
Position: Level 2 Consultant
Location: Bangalore
The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, they assist the MDR Analyst in the incident workflow, assist the MDR team with incident detection and remediation, and communicate with external teams for proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.
Note: Candidate must be willing to work from office only (Bangalore location) and willing to do 24x7 rotational shifts (mandatory requirement for this role).
You will be working as a consultant in KPMG’s expanding Security Operations practice.
As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.
The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.
Be able to drive client calls and discussions on a day-to-day basis and/or address operational issues
You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.
You will be working in a dynamic environment and engage with leading companies around the world.
Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:
Firewalls
Systems and Network Devices
Web Proxies
Intrusion Detection/Prevention Systems
Data Loss Prevention
EDR / Antivirus Systems
Knowledgebase Framework (Confluence)
Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:
SIEM alert queue
Security email inbox
Intel feeds via email and other sources (e.g. NH-ISAC)
Incident Ticketing queue (IT Security group)
Roles & Responsibilities:
Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context
Performing triage of service requests from customers and internal teams
Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation
Assist with containment of threats and remediation of environment during or after an incident
Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers
Document event analysis and write comprehensive reports of incident investigations
Proactively improve security-related operational processes and procedures
Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools
Maintain operational shift logs with relevant activity from the Analyst’s shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis
Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs
Conduct research and document events of interest within the scope of IT Security
Hands-on experience in a Security Operations Centre
Alternatively, consulting, or advisory experience in Security Operations
Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.
Validate IOCs that triggered the original alert.
Research additional internal and external data sources for additional enrichment of event information
Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.
Create filters, data monitors, dashboards, and reports within monitoring utilities.
Troubleshoot security monitoring devices to improve event correlation and performance.
Handle high and critical severity incidents as described in the operations playbook.
Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing
In-depth knowledge of at least one SIEM platform or security data lake and related processes
Knowledge of various security tools, their functions, and comparisons
Knowledge of network and cloud security fundamentals
Ability to explain complex technical concepts in business terms.
Extensive experience in report writing and presentation.
Strong, adaptable, and flexible work ethic
Good time management skills
Ability to work under pressure and prioritize activities.
Required skills:
5+ years of technical experience in Information Security
Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree
Good communication skills and the ability to drive & lead client calls
Knowledge of security best practices and concepts
Organized, responsive, and thorough problem-solving and analytical skills.
Strong communication, interpersonal and presentation skills
Keen cyber threat-landscape interest and awareness
Previous experience in cyber project management
Part of a large transformation and implementation project
Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.
Candidate must have hands-on experience in EDR tools like Microsoft Defender, CrowdStrike, Carbon Black, Forcepoint, etc., as a Secondary tool
Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.
Candidate must have hands-on experience of log analysis, also must have fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)
Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies
Knowledge of Windows, Unix-based systems, architectures, and network security devices
Must have a solid understanding of information technology, information security domains.
Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.
Familiar with ticketing / ITSM tools like ServiceNow, Jira, etc.
Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.
Full job record
| Job ID | f21c92d36b47fd04b8520d622c25a98222287950 |
| Org ID | 9e54c86f-8c2b-4681-942c-a58d7d4a1b9e |
| Source ID | 3e96ffc1-1635-4bd0-82bd-25dd71399682 |
| Board ID | 3e96ffc1-1635-4bd0-82bd-25dd71399682 |
| Provider | oracle_hcm |
| Provider Job Key | 30035194 |
| Title | Cyber_MS_KDNI-MDR - Consultant |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Gurgaon-KGS, Gurugram, Haryana, IN |
| Department | — |
| Team | — |
| Employment Type | full_time |
| Workplace Type | — |
| Remote Policy | — |
| Country | United States |
| Region | IN |
| City | Haryana |
Required skills: 5+ years of technical experience in Information Security Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree Good communication skills and the ability to drive & lead client calls Knowledge of security best practices and concepts Organized, responsive, and thorough problem-solving and analytical skills. Strong communication, interpersonal and presentation skills Keen cyber threat-landscape interest and awareness Previous experience in cyber project management Part of a large transformation and implementation project Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool. Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools. Candidate must have hands-on experience of log analysis, also must have fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.) Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies Knowledge of Windows, Unix-based systems, architectures, and network security devices Must have a solid understanding of information technology, information security domains. Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations. Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc., Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification. Qualifications Function: MDR Response Team Position: Level 2 Consultant Location: Bangalore The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. 
Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office. Note : Candidate must be willing to Work from Office only ( Bangalore Location) & willing to do 24x7 rotational shift (Mandatory requirement for this role) You will be working as a consultant in KPMG’s expanding Security Operations practice. As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders. The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization. Be able to drive client calls & discussions on day-to-day basis and/or address operational issues You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry. You will be working in a dynamic environment and engage with leading companies around the world. 
Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to: Firewalls Systems and Network Devices Web Proxies Intrusion Detection/Prevention Systems Data Loss Prevention EDR / Antivirus Systems Knowledgebase Framework (Confluence) Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including: SIEM alert queue Security email inbox Intel feeds via email and other sources (e.g. NH-ISAC) Incident Ticketing queue (IT Security group) Roles & Responsibilities: Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context Performing triage of service requests from customers and internal teams Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation Assist with containment of threats and remediation of environment during or after an incident Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers Document event analysis and write comprehensive reports of incident investigations Proactively improve security-related operational processes and procedures Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools Maintain operational shift logs with relevant activity from the Analyst’s shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis Update/reference knowledgebase tool (e.g. 
Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs Conduct research and document events of interest within the scope of IT Security Hands-on experience in a Security Operations Centre Alternatively, consulting, or advisory experience in Security Operations Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression. Validate IOCs that triggered the original alert. Research additional internal and external data sources for additional enrichment of event information Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident. Create filters, data monitors, dashboards, and reports within monitoring utilities. Troubleshoot security monitoring devices to improve event correlation and performance. Handle high and critical severity incidents as described in the operations playbook. Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing In-depth knowledge of at least one SIEM platform or security data lake and related processes Knowledge of various security tools, their functions, and comparisons Knowledge of network and cloud security fundamentals Ability to explain complex technical concepts in business terms. Extensive experience in report writing and presentation. Strong, adaptable, and flexible work ethic Good time management skills Ability to work under pressure and priorities activities. 
Required skills: 5+ years of technical experience in Information Security Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree Good communication skills and the ability to drive & lead client calls Knowledge of security best practices and concepts Organized, responsive, and thorough problem-solving and analytical skills. Strong communication, interpersonal and presentation skills Keen cyber threat-landscape interest and awareness Previous experience in cyber project management Part of a large transformation and implementation project Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool. Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools. Candidate must have hands-on experience of log analysis, also must have fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.) Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies Knowledge of Windows, Unix-based systems, architectures, and network security devices Must have a solid understanding of information technology, information security domains. Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations. Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc., Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification. |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | day |
| Source URL | https://ejgk.fa.em2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_3001/job/30035194 |
| Apply URL | https://ejgk.fa.em2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_3001/job/30035194 |
| First Seen At | 2026-05-31 18:01:08Z |
| Last Seen At | 2026-06-21 12:04:23Z |
| Last Checked At | 2026-06-21 12:04:23Z |
| Last Changed At | 2026-06-03 11:20:20Z |
| Inactive At | — |
| Source Posted At | 2026-03-02 08:06:29Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=oracle_hcm/board=ejgk.fa.em2.oraclecloud.com|CX_3001/date=2026-06-21/2026-06-21T12-04-16-442Z-c678efa3ef422c9de3faae07c40985ee4e8b53441bde24ec35b47e52505f129d.json |
Native Structured
{
"detail": {
"Id": "30035194",
"Title": "Cyber_MS_KDNI-MDR - Consultant",
"media": [],
"skills": [],
"JobType": null,
"Category": null,
"JobGrade": null,
"JobLevel": null,
"JobShift": null,
"WorkDays": null,
"WorkHours": null,
"WorkYears": null,
"Department": null,
"HotJobFlag": false,
"StudyLevel": "Graduation",
"WorkMonths": null,
"WorkerType": null,
"GeographyId": 300002240961169,
"JobFamilyId": null,
"JobFunction": null,
"JobSchedule": "Full time",
"BusinessUnit": null,
"ContractType": null,
"Organization": null,
"TrendingFlag": false,
"workLocation": [
{
"Country": "IN",
"Region1": null,
"Region2": "Haryana",
"Region3": null,
"Building": null,
"Latitude": "28.47894",
"Longitude": "77.09193",
"LocationId": 300000007677505,
"PostalCode": "122002",
"TownOrCity": "Gurugram",
"AddressLine1": "KGS",
"AddressLine2": null,
"AddressLine3": null,
"AddressLine4": null,
"LocationName": "Gurgaon-KGS"
}
],
"ContentLocale": "en",
"HiringManager": null,
"LegalEmployer": null,
"RequisitionId": 300006388505138,
"WorkplaceType": "",
"BusinessUnitId": 300006168739567,
"OrganizationId": 300006217443132,
"GeographyNodeId": 300002241670230,
"JobFunctionCode": null,
"LegalEmployerId": 300006214458667,
"PrimaryLocation": "Bangalore, Karnataka, India",
"RequisitionType": "KGS Lateral - Full Term Employee",
"NumberOfOpenings": null,
"WorkplaceTypeCode": null,
"BeFirstToApplyFlag": false,
"otherWorkLocations": [],
"secondaryLocations": [
{
"Name": "Pune, Maharashtra, India",
"Latitude": "18.50423",
"Longitude": "73.85286",
"CountryCode": "IN",
"GeographyId": 300002240957224,
"GeographyNodeId": 300002241670240,
"RequisitionLocationId": 300006388505144
}
],
"ExternalContactName": null,
"ShortDescriptionStr": "",
"ExternalContactEmail": null,
"ExternalPostedEndDate": null,
"OtherRequisitionTitle": null,
"requisitionFlexFields": [],
"ApplyWhenNotPostedFlag": false,
"DomesticTravelRequired": null,
"ExternalDescriptionStr": "<p style=\"margin-left:0in;\">Function: <strong>MDR Response Team</strong></p>\n<p>Position: Level 2 Consultant</p>\n<p>Location: Bangalore</p>\n<p> </p>\n<p>The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.</p>\n<p><br/><strong>Note</strong>: Candidate must be willing to Work from Office only (<strong>Bangalore </strong>Location) & willing to do<strong> 24x7 </strong>rotational shift (Mandatory requirement for this role)</p>\n<ul>\n <li>You will be working as a consultant in KPMG’s expanding Security Operations practice.</li>\n <li>As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.</li>\n <li>The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.</li>\n <li>Be able to drive client calls & discussions on day-to-day basis and/or address operational issues</li>\n <li>You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.</li>\n <li>You will be working in a dynamic environment and engage with leading companies around the 
world.</li>\n <li>Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:\n <ol>\n <li>Firewalls</li>\n <li>Systems and Network Devices</li>\n <li>Web Proxies</li>\n <li>Intrusion Detection/Prevention Systems</li>\n <li>Data Loss Prevention</li>\n <li>EDR / Antivirus Systems</li>\n <li>Knowledgebase Framework (Confluence)</li>\n </ol></li>\n <li>Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:</li>\n <li>SIEM alert queue</li>\n <li>Security email inbox</li>\n <li>Intel feeds via email and other sources (e.g. NH-ISAC)</li>\n <li>Incident Ticketing queue (IT Security group)</li>\n</ul>\n<p> </p>\n<p> </p>\n<p> </p>\n<p> </p>\n<p><strong><u>Roles & Responsibilities:</u></strong></p>\n<ul>\n <li>Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context </li>\n <li>Performing triage of service requests from customers and internal teams</li>\n <li>Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation</li>\n <li>Assist with containment of threats and remediation of environment during or after an incident</li>\n <li>Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers</li>\n <li>Document event analysis and write comprehensive reports of incident investigations</li>\n <li>Proactively improve security-related operational processes and procedures</li>\n <li>Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools</li>\n <li>Maintain operational shift logs with relevant activity from the Analyst’s 
shift. Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis</li>\n <li>Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs</li>\n <li>Conduct research and document events of interest within the scope of IT Security</li>\n <li>Hands-on experience in a <strong>Security Operations Centre</strong></li>\n <li>Alternatively, consulting, or advisory experience in Security Operations</li>\n <li>Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.</li>\n <li>Validate IOCs that triggered the original alert.</li>\n <li>Research additional internal and external data sources for additional enrichment of event information</li>\n <li>Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.</li>\n <li>Create filters, data monitors, dashboards, and reports within monitoring utilities.</li>\n <li>Troubleshoot security monitoring devices to improve event correlation and performance.</li>\n <li>Handle high and critical severity incidents as described in the operations playbook. 
</li>\n <li>Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing</li>\n <li>In-depth knowledge of at least one SIEM platform or security data lake and related processes</li>\n <li>Knowledge of various security tools, their functions, and comparisons</li>\n <li>Knowledge of network and cloud security fundamentals</li>\n <li>Ability to explain complex technical concepts in business terms.</li>\n <li>Extensive experience in report writing and presentation.</li>\n <li>Strong, adaptable, and flexible work ethic</li>\n <li>Good time management skills</li>\n <li>Ability to work under pressure and priorities activities.</li>\n</ul>\n<p><strong>Required skills:</strong></p>\n<ul>\n <li>5+ years of technical experience in Information Security</li>\n <li>Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree</li>\n <li>Good communication skills and the ability to drive & lead client calls</li>\n <li>Knowledge of security best practices and concepts</li>\n <li>Organized, responsive, and thorough problem-solving and analytical skills.</li>\n <li>Strong communication, interpersonal and presentation skills</li>\n <li>Keen cyber threat-landscape interest and awareness</li>\n <li>Previous experience in cyber project management</li>\n <li>Part of a large transformation and implementation project</li>\n <li>Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.</li>\n <li>Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool</li>\n <li>Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.</li>\n <li>Candidate must have hands-on experience of log analysis, also must have fundamental 
knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)</li>\n <li>Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies</li>\n <li>Knowledge of Windows, Unix-based systems, architectures, and network security devices</li>\n <li>Must have a solid understanding of information technology, information security domains.</li>\n <li>Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.</li>\n <li>Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc.,</li>\n <li>Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.</li>\n</ul>",
"ObjectVerNumberProfile": null,
"PrimaryLocationCountry": "IN",
"CorporateDescriptionStr": "",
"ExternalPostedStartDate": "2026-03-02T08:06:29+00:00",
"ExternalQualificationsStr": "<p style=\"margin-left:0in;\">Function: <strong>MDR Response Team</strong></p>\n<p>Position: Level 2 Consultant</p>\n<p>Location: Bangalore</p>\n<p> </p>\n<p>The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.</p>\n<p><br/><strong>Note</strong>: Candidate must be willing to Work from Office only (<strong>Bangalore </strong>Location) & willing to do<strong> 24x7 </strong>rotational shift (Mandatory requirement for this role)</p>\n<ul>\n <li>You will be working as a consultant in KPMG’s expanding Security Operations practice.</li>\n <li>As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.</li>\n <li>The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.</li>\n <li>Be able to drive client calls & discussions on day-to-day basis and/or address operational issues</li>\n <li>You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.</li>\n <li>You will be working in a dynamic environment and engage with leading companies around 
the world.</li>\n <li>Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:\n <ol>\n <li>Firewalls</li>\n <li>Systems and Network Devices</li>\n <li>Web Proxies</li>\n <li>Intrusion Detection/Prevention Systems</li>\n <li>Data Loss Prevention</li>\n <li>EDR / Antivirus Systems</li>\n <li>Knowledgebase Framework (Confluence)</li>\n </ol></li>\n <li>Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:</li>\n <li>SIEM alert queue</li>\n <li>Security email inbox</li>\n <li>Intel feeds via email and other sources (e.g. NH-ISAC)</li>\n <li>Incident Ticketing queue (IT Security group)</li>\n</ul>\n<p><strong><u>Roles & Responsibilities:</u></strong></p>\n<ul>\n <li>Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context </li>\n <li>Performing triage of service requests from customers and internal teams</li>\n <li>Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation</li>\n <li>Assist with containment of threats and remediation of environment during or after an incident</li>\n <li>Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers</li>\n <li>Document event analysis and write comprehensive reports of incident investigations</li>\n <li>Proactively improve security-related operational processes and procedures</li>\n <li>Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools</li>\n <li>Maintain operational shift logs with relevant activity from the Analyst’s shift. 
Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis</li>\n <li>Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs</li>\n <li>Conduct research and document events of interest within the scope of IT Security</li>\n <li>Hands-on experience in a <strong>Security Operations Centre</strong></li>\n <li>Alternatively, consulting, or advisory experience in Security Operations</li>\n <li>Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.</li>\n <li>Validate IOCs that triggered the original alert.</li>\n <li>Research additional internal and external data sources for additional enrichment of event information</li>\n <li>Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.</li>\n <li>Create filters, data monitors, dashboards, and reports within monitoring utilities.</li>\n <li>Troubleshoot security monitoring devices to improve event correlation and performance.</li>\n <li>Handle high and critical severity incidents as described in the operations playbook. 
</li>\n <li>Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing</li>\n <li>In-depth knowledge of at least one SIEM platform or security data lake and related processes</li>\n <li>Knowledge of various security tools, their functions, and comparisons</li>\n <li>Knowledge of network and cloud security fundamentals</li>\n <li>Ability to explain complex technical concepts in business terms.</li>\n <li>Extensive experience in report writing and presentation.</li>\n <li>Strong, adaptable, and flexible work ethic</li>\n <li>Good time management skills</li>\n <li>Ability to work under pressure and priorities activities.</li>\n</ul>\n<p> </p>\n<p><strong>Required skills:</strong></p>\n<ul>\n <li>5+ years of technical experience in Information Security</li>\n <li>Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree</li>\n <li>Good communication skills and the ability to drive & lead client calls</li>\n <li>Knowledge of security best practices and concepts</li>\n <li>Organized, responsive, and thorough problem-solving and analytical skills.</li>\n <li>Strong communication, interpersonal and presentation skills</li>\n <li>Keen cyber threat-landscape interest and awareness</li>\n <li>Previous experience in cyber project management</li>\n <li>Part of a large transformation and implementation project</li>\n <li>Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.</li>\n <li>Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool</li>\n <li>Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.</li>\n <li>Candidate must have hands-on experience of log analysis, also must have 
fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)</li>\n <li>Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies</li>\n <li>Knowledge of Windows, Unix-based systems, architectures, and network security devices</li>\n <li>Must have a solid understanding of information technology, information security domains.</li>\n <li>Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.</li>\n <li>Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc.,</li>\n <li>Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.</li>\n</ul>",
"InternalQualificationsStr": "<p style=\"margin-left:0in;\">Function: <strong>MDR Response Team</strong></p>\n<p>Position: Level 2 Consultant</p>\n<p>Location: Bangalore</p>\n<p> </p>\n<p>The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.</p>\n<p><br/><strong>Note</strong>: Candidate must be willing to Work from Office only (<strong>Bangalore </strong>Location) & willing to do<strong> 24x7 </strong>rotational shift (Mandatory requirement for this role)</p>\n<ul>\n <li>You will be working as a consultant in KPMG’s expanding Security Operations practice.</li>\n <li>As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.</li>\n <li>The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.</li>\n <li>Be able to drive client calls & discussions on day-to-day basis and/or address operational issues</li>\n <li>You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.</li>\n <li>You will be working in a dynamic environment and engage with leading companies around 
the world.</li>\n <li>Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:\n <ol>\n <li>Firewalls</li>\n <li>Systems and Network Devices</li>\n <li>Web Proxies</li>\n <li>Intrusion Detection/Prevention Systems</li>\n <li>Data Loss Prevention</li>\n <li>EDR / Antivirus Systems</li>\n <li>Knowledgebase Framework (Confluence)</li>\n </ol></li>\n <li>Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:</li>\n <li>SIEM alert queue</li>\n <li>Security email inbox</li>\n <li>Intel feeds via email and other sources (e.g. NH-ISAC)</li>\n <li>Incident Ticketing queue (IT Security group)</li>\n</ul>\n<p><strong><u>Roles & Responsibilities:</u></strong></p>\n<ul>\n <li>Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context </li>\n <li>Performing triage of service requests from customers and internal teams</li>\n <li>Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation</li>\n <li>Assist with containment of threats and remediation of environment during or after an incident</li>\n <li>Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers</li>\n <li>Document event analysis and write comprehensive reports of incident investigations</li>\n <li>Proactively improve security-related operational processes and procedures</li>\n <li>Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools</li>\n <li>Maintain operational shift logs with relevant activity from the Analyst’s shift. 
Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis</li>\n <li>Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs</li>\n <li>Conduct research and document events of interest within the scope of IT Security</li>\n <li>Hands-on experience in a <strong>Security Operations Centre</strong></li>\n <li>Alternatively, consulting, or advisory experience in Security Operations</li>\n <li>Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.</li>\n <li>Validate IOCs that triggered the original alert.</li>\n <li>Research additional internal and external data sources for additional enrichment of event information</li>\n <li>Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.</li>\n <li>Create filters, data monitors, dashboards, and reports within monitoring utilities.</li>\n <li>Troubleshoot security monitoring devices to improve event correlation and performance.</li>\n <li>Handle high and critical severity incidents as described in the operations playbook. 
</li>\n <li>Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing</li>\n <li>In-depth knowledge of at least one SIEM platform or security data lake and related processes</li>\n <li>Knowledge of various security tools, their functions, and comparisons</li>\n <li>Knowledge of network and cloud security fundamentals</li>\n <li>Ability to explain complex technical concepts in business terms.</li>\n <li>Extensive experience in report writing and presentation.</li>\n <li>Strong, adaptable, and flexible work ethic</li>\n <li>Good time management skills</li>\n <li>Ability to work under pressure and priorities activities.</li>\n</ul>\n<p> </p>\n<p><strong>Required skills:</strong></p>\n<ul>\n <li>5+ years of technical experience in Information Security</li>\n <li>Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree</li>\n <li>Good communication skills and the ability to drive & lead client calls</li>\n <li>Knowledge of security best practices and concepts</li>\n <li>Organized, responsive, and thorough problem-solving and analytical skills.</li>\n <li>Strong communication, interpersonal and presentation skills</li>\n <li>Keen cyber threat-landscape interest and awareness</li>\n <li>Previous experience in cyber project management</li>\n <li>Part of a large transformation and implementation project</li>\n <li>Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.</li>\n <li>Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool</li>\n <li>Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.</li>\n <li>Candidate must have hands-on experience of log analysis, also must have 
fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)</li>\n <li>Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies</li>\n <li>Knowledge of Windows, Unix-based systems, architectures, and network security devices</li>\n <li>Must have a solid understanding of information technology, information security domains.</li>\n <li>Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.</li>\n <li>Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc.,</li>\n <li>Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.</li>\n</ul>",
"OrganizationDescriptionStr": "",
"primaryLocationCoordinates": [
{
"Latitude": "12.96618",
"Longitude": "77.5869",
"CountryCode": "IN",
"GeographyId": 300002240961169,
"GeographyNodeId": 300002241670230
}
],
"ExternalResponsibilitiesStr": "<p style=\"margin-left:0in;\">Function: <strong>MDR Response Team</strong></p>\n<p>Position: Level 2 Consultant</p>\n<p>Location: Bangalore</p>\n<p> </p>\n<p>The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.</p>\n<p><br/><strong>Note</strong>: Candidate must be willing to Work from Office only (<strong>Bangalore </strong>Location) & willing to do<strong> 24x7 </strong>rotational shift (Mandatory requirement for this role)</p>\n<ul>\n <li>You will be working as a consultant in KPMG’s expanding Security Operations practice.</li>\n <li>As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.</li>\n <li>The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.</li>\n <li>Be able to drive client calls & discussions on day-to-day basis and/or address operational issues</li>\n <li>You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.</li>\n <li>You will be working in a dynamic environment and engage with leading companies 
around the world.</li>\n <li>Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:\n <ol>\n <li>Firewalls</li>\n <li>Systems and Network Devices</li>\n <li>Web Proxies</li>\n <li>Intrusion Detection/Prevention Systems</li>\n <li>Data Loss Prevention</li>\n <li>EDR / Antivirus Systems</li>\n <li>Knowledgebase Framework (Confluence)</li>\n </ol></li>\n <li>Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:</li>\n <li>SIEM alert queue</li>\n <li>Security email inbox</li>\n <li>Intel feeds via email and other sources (e.g. NH-ISAC)</li>\n <li>Incident Ticketing queue (IT Security group)</li>\n</ul>\n<p><strong><u>Roles & Responsibilities:</u></strong></p>\n<ul>\n <li>Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context </li>\n <li>Performing triage of service requests from customers and internal teams</li>\n <li>Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation</li>\n <li>Assist with containment of threats and remediation of environment during or after an incident</li>\n <li>Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers</li>\n <li>Document event analysis and write comprehensive reports of incident investigations</li>\n <li>Proactively improve security-related operational processes and procedures</li>\n <li>Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools</li>\n <li>Maintain operational shift logs with relevant activity from the Analyst’s shift. 
Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis</li>\n <li>Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs</li>\n <li>Conduct research and document events of interest within the scope of IT Security</li>\n <li>Hands-on experience in a <strong>Security Operations Centre</strong></li>\n <li>Alternatively, consulting, or advisory experience in Security Operations</li>\n <li>Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.</li>\n <li>Validate IOCs that triggered the original alert.</li>\n <li>Research additional internal and external data sources for additional enrichment of event information</li>\n <li>Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.</li>\n <li>Create filters, data monitors, dashboards, and reports within monitoring utilities.</li>\n <li>Troubleshoot security monitoring devices to improve event correlation and performance.</li>\n <li>Handle high and critical severity incidents as described in the operations playbook. 
</li>\n <li>Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing</li>\n <li>In-depth knowledge of at least one SIEM platform or security data lake and related processes</li>\n <li>Knowledge of various security tools, their functions, and comparisons</li>\n <li>Knowledge of network and cloud security fundamentals</li>\n <li>Ability to explain complex technical concepts in business terms.</li>\n <li>Extensive experience in report writing and presentation.</li>\n <li>Strong, adaptable, and flexible work ethic</li>\n <li>Good time management skills</li>\n <li>Ability to work under pressure and priorities activities.</li>\n</ul>\n<p> </p>\n<p><strong>Required skills:</strong></p>\n<ul>\n <li>5+ years of technical experience in Information Security</li>\n <li>Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree</li>\n <li>Good communication skills and the ability to drive & lead client calls</li>\n <li>Knowledge of security best practices and concepts</li>\n <li>Organized, responsive, and thorough problem-solving and analytical skills.</li>\n <li>Strong communication, interpersonal and presentation skills</li>\n <li>Keen cyber threat-landscape interest and awareness</li>\n <li>Previous experience in cyber project management</li>\n <li>Part of a large transformation and implementation project</li>\n <li>Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.</li>\n <li>Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool</li>\n <li>Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.</li>\n <li>Candidate must have hands-on experience of log analysis, also must have 
fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)</li>\n <li>Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies</li>\n <li>Knowledge of Windows, Unix-based systems, architectures, and network security devices</li>\n <li>Must have a solid understanding of information technology, information security domains.</li>\n <li>Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.</li>\n <li>Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc.,</li>\n <li>Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.</li>\n</ul>",
"InternalResponsibilitiesStr": "<p style=\"margin-left:0in;\">Function: <strong>MDR Response Team</strong></p>\n<p>Position: Level 2 Consultant</p>\n<p>Location: Bangalore</p>\n<p> </p>\n<p>The primary role of a Security Analyst (L2) is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. Specifically, these analysts will be responsible for monitoring the SIEM tools for security events and closing or escalating those events as necessary. Security Analysts maintain the group email address and distribution lists, answer the main phone lines, and update all relevant documentation such as shift logs and tickets. Additionally, assist the MDR Analyst in an incident workflow and assist the MDR team in incident detection, remediation and communicate with external teams in proper incident resolution. We are currently seeking a Senior Security Associate for our KPMG Managed Services (Spectrum) practice to join us in our Bangalore office.</p>\n<p><br/><strong>Note</strong>: Candidate must be willing to Work from Office only (<strong>Bangalore </strong>Location) & willing to do<strong> 24x7 </strong>rotational shift (Mandatory requirement for this role)</p>\n<ul>\n <li>You will be working as a consultant in KPMG’s expanding Security Operations practice.</li>\n <li>As a Security Operations consultant, you will help our clients in solving some of the key challenges faced by security operations leaders.</li>\n <li>The work would involve advising our clients on Security Operations Strategy, Design, Maturity Assessment, and Optimization.</li>\n <li>Be able to drive client calls & discussions on day-to-day basis and/or address operational issues</li>\n <li>You will get a chance to learn new skills, certifications, and work with some of our key alliance partners, including some of the largest security vendors in the industry.</li>\n <li>You will be working in a dynamic environment and engage with leading companies 
around the world.</li>\n <li>Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available security logs and intelligence sources to include but not limited to:\n <ol>\n <li>Firewalls</li>\n <li>Systems and Network Devices</li>\n <li>Web Proxies</li>\n <li>Intrusion Detection/Prevention Systems</li>\n <li>Data Loss Prevention</li>\n <li>EDR / Antivirus Systems</li>\n <li>Knowledgebase Framework (Confluence)</li>\n </ol></li>\n <li>Continuously monitor SIEM and logging environments for security events and alerts to threats, intrusions, and/or compromises, including:</li>\n <li>SIEM alert queue</li>\n <li>Security email inbox</li>\n <li>Intel feeds via email and other sources (e.g. NH-ISAC)</li>\n <li>Incident Ticketing queue (IT Security group)</li>\n</ul>\n<p><strong><u>Roles & Responsibilities:</u></strong></p>\n<ul>\n <li>Validate alerts as they come in to eliminate false positives and use other internal and external data sources to enrich alerts with additional context </li>\n <li>Performing triage of service requests from customers and internal teams</li>\n <li>Use playbook procedures to carry out standard plays for routine event types and escalate alerts to Level 2 Analysts for further triage and remediation</li>\n <li>Assist with containment of threats and remediation of environment during or after an incident</li>\n <li>Act as a participant during Threat Hunting activities at the direction of one or more Incident Response Handlers</li>\n <li>Document event analysis and write comprehensive reports of incident investigations</li>\n <li>Proactively improve security-related operational processes and procedures</li>\n <li>Use available security tools for historical analysis purposes as necessary for detected events; for example, historical searches using SIEM tools</li>\n <li>Maintain operational shift logs with relevant activity from the Analyst’s shift. 
Document investigation results, ensuring relevant details are passed to Level 2 or MDR Analysts for final event analysis</li>\n <li>Update/reference knowledgebase tool (e.g. Confluence) as necessary for changes to processes and procedures, and ingestion of daily intelligence reports and previous shift logs</li>\n <li>Conduct research and document events of interest within the scope of IT Security</li>\n <li>Hands-on experience in a <strong>Security Operations Centre</strong></li>\n <li>Alternatively, consulting, or advisory experience in Security Operations</li>\n <li>Monitor and analyse Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset and other event logs to identify security attacks and threats for remediation/suppression.</li>\n <li>Validate IOCs that triggered the original alert.</li>\n <li>Research additional internal and external data sources for additional enrichment of event information</li>\n <li>Determine when an event has reached the threshold of an incident and engage Incident Response Handler to declare an incident.</li>\n <li>Create filters, data monitors, dashboards, and reports within monitoring utilities.</li>\n <li>Troubleshoot security monitoring devices to improve event correlation and performance.</li>\n <li>Handle high and critical severity incidents as described in the operations playbook. 
</li>\n <li>Operational level experience in some of these domains (not all): security engineering, alert triaging, rule writing, incident response, DFIR, threat intelligence and management, vulnerability management, and security control testing</li>\n <li>In-depth knowledge of at least one SIEM platform or security data lake and related processes</li>\n <li>Knowledge of various security tools, their functions, and comparisons</li>\n <li>Knowledge of network and cloud security fundamentals</li>\n <li>Ability to explain complex technical concepts in business terms.</li>\n <li>Extensive experience in report writing and presentation.</li>\n <li>Strong, adaptable, and flexible work ethic</li>\n <li>Good time management skills</li>\n <li>Ability to work under pressure and priorities activities.</li>\n</ul>\n<p> </p>\n<p><strong>Required skills:</strong></p>\n<ul>\n <li>5+ years of technical experience in Information Security</li>\n <li>Bachelor’s degree in information security, Computer Science, Engineering, Technology, or a similar degree</li>\n <li>Good communication skills and the ability to drive & lead client calls</li>\n <li>Knowledge of security best practices and concepts</li>\n <li>Organized, responsive, and thorough problem-solving and analytical skills.</li>\n <li>Strong communication, interpersonal and presentation skills</li>\n <li>Keen cyber threat-landscape interest and awareness</li>\n <li>Previous experience in cyber project management</li>\n <li>Part of a large transformation and implementation project</li>\n <li>Candidate must have hands-on experience in Microsoft Sentinel as a Primary tool.</li>\n <li>Candidate must have hands-on experience in EDR tools like Microsoft Defender, Crowd Strike, Carbon Black, Forcepoint etc., as a Secondary tool</li>\n <li>Candidate must have hands-on experience & exposure to Incident Response processes, also exposure to SOAR tools.</li>\n <li>Candidate must have hands-on experience of log analysis, also must have 
fundamental knowledge in IDS/IPS and Firewalls (Cisco, FortiGate, Sourcefire, Palo Alto etc.)</li>\n <li>Familiar with TCP/IP protocol, OSI Seven Layer Model, LAN/WAN terminologies</li>\n <li>Knowledge of Windows, Unix-based systems, architectures, and network security devices</li>\n <li>Must have a solid understanding of information technology, information security domains.</li>\n <li>Personal drive, positive work ethic to deliver results within tight deadlines and in demanding situations.</li>\n <li>Familiar with ticketing tool / ITSM tool like ServiceNow, Jira etc.,</li>\n <li>Good to have - at least one of the following certifications – Security+, C|EH, Network+, CISSP, CISM, CCSP, GIAC certifications or an equivalent security certification.</li>\n</ul>",
"InternationalTravelRequired": null
},
"list_job": {
"Id": "30035194",
"Title": "Cyber_MS_KDNI-MDR - Consultant",
"JobType": null,
"Distance": 1772409600000,
"JobShift": null,
"Language": "US",
"WorkDays": null,
"JobFamily": null,
"Relevancy": 3,
"WorkHours": null,
"Department": null,
"HotJobFlag": false,
"PostedDate": "2026-03-02",
"StudyLevel": null,
"WorkerType": null,
"GeographyId": 300002240961169,
"JobFunction": null,
"JobSchedule": null,
"BusinessUnit": null,
"ContractType": null,
"ManagerLevel": null,
"Organization": null,
"TrendingFlag": false,
"workLocation": [
{
"Country": "IN",
"Region1": null,
"Region2": "Haryana",
"Region3": null,
"Building": null,
"Latitude": 28.47894,
"Longitude": 77.09193,
"LocationId": 300000007677505,
"PostalCode": "122002",
"TownOrCity": "Gurugram",
"AddressLine1": "KGS",
"AddressLine2": null,
"AddressLine3": null,
"AddressLine4": null,
"LocationName": "Gurgaon-KGS"
}
],
"LegalEmployer": null,
"MediaThumbURL": null,
"WorkplaceType": "",
"BusinessUnitId": 300006168739567,
"OrganizationId": 300006217443132,
"PostingEndDate": null,
"LegalEmployerId": 300006214458667,
"PrimaryLocation": "Bangalore, Karnataka, India",
"WorkDurationYears": null,
"WorkplaceTypeCode": null,
"BeFirstToApplyFlag": false,
"WorkDurationMonths": null,
"otherWorkLocations": [],
"secondaryLocations": [
{
"Name": "Pune, Maharashtra, India",
"Latitude": 18.50423,
"Longitude": 73.85286,
"CountryCode": "IN",
"GeographyId": 300002240957224,
"GeographyNodeId": 300002241670240,
"RequisitionLocationId": 300006388505144
}
],
"ShortDescriptionStr": "",
"requisitionFlexFields": [],
"DomesticTravelRequired": null,
"PrimaryLocationCountry": "IN",
"ExternalQualificationsStr": null,
"ExternalResponsibilitiesStr": null,
"InternationalTravelRequired": null
},
"detail_meta": {
"url": "https://ejgk.fa.em2.oraclecloud.com/hcmRestApi/resources/latest/recruitingCEJobRequisitionDetails?expand=all&onlyData=true&finder=ById;Id=%2230035194%22,siteNumber=CX_3001",
"http_status": 200,
"content_type": "application/json",
"response_bytes": 44393
},
"detail_errors": []
}
Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/f21c92d36b47fd04b8520d622c25a98222287950?include=description (JSON)
GET https://api.bluedoor.sh/job-postings/v1/orgs/9e54c86f-8c2b-4681-942c-a58d7d4a1b9e (JSON)
GET https://api.bluedoor.sh/job-postings/v1/sources/3e96ffc1-1635-4bd0-82bd-25dd71399682 (JSON)
GET https://api.bluedoor.sh/job-postings/v1/jobs/f21c92d36b47fd04b8520d622c25a98222287950/events (JSON)