Stimulating. Motivating. Challenging.
Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.
Location: Bangalore, India
Mission
Responsibilities
- Threat monitoring
  - Be the main point of contact for the Cyber Fusion Center on the client's side
  - Support standard Cyber Fusion Center activities (threat monitoring, security device management, Endpoint Detection and Response, vulnerability scanning services)
  - Investigate and remediate incidents escalated by the Cyber Fusion Center or by the client's internal units
  - Write client-specific incident response playbooks
  - Define, test, deploy or perform client-specific use cases and correlation rules, threat hunting activities and threat intelligence activities
  - Support large-scale incident response activities
- Service improvement
  - Tune the detection rules of the client's SIEM in operation
  - Support the rules factory program in improving the global set of detections
  - Qualify, analyze and provide recommendations on requests for new standard data sources
  - Support product teams in building new services that fit the capabilities of Operations
  - Contribute to the client's security projects
  - Implement new tools or scripts to increase the efficiency of security operations
- General responsibilities
  - Take responsibility for customer satisfaction and the overall success of managed services
  - Recommend improvements to Standard Operating Procedures
  - Propose enhancements to tools and workflows
  - Document actions in tickets to communicate information effectively, internally and to customers
  - Adhere to policies, procedures and security best practices
Requirements / profile
- Minimum 3 years' experience in information security, particularly in cyber operations
- Excellent client service skills
- Knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting)
- Experience with two or more of the following technologies: EDR/NGAV (MS Defender, CrowdStrike), SIEM (Sentinel, Splunk), Falcon Next-Gen SIEM, Google SecOps, vulnerability scanning, managed attacker deception, SOAR
- Experience reviewing and analyzing log data and network packet captures
- Strong knowledge of Windows/Linux operating systems, network protocols and scripting languages
- Good knowledge of cyber security threats and attacker tactics
- Good knowledge of cloud and OT/ICS technologies
- An in-depth understanding of the forces and trends shaping the information security industry
- Excellent knowledge of the security landscape and of the different security visibility solutions (SIEM-based visibility vs. EDR)
Reference: 15688
Publication date: 23-01-2026