What makes Cognizant a unique place to work? The combination of rapid growth and an international and innovative environment! This is creating many opportunities for people like YOU - people with an entrepreneurial spirit who want to make a difference in this world. At Cognizant, together with your colleagues from all around the world, you will collaborate on creating solutions for the world's leading companies and help them become more flexible, more innovative, and successful. Moreover, this is your chance to be part of the success story. Your day-to-day will entail: - Security Operations & Incident Response - Lead threat detection, investigation, and remediation efforts using tools such as IBM QRadar, Splunk, CrowdStrike Falcon, Microsoft 365 Defender, and Sentinel One. - Perform real-time and retrospective analysis of logs, alerts, and PCAP files to detect malicious activity using Wireshark and SIEM platforms. - Conduct static and dynamic malware analysis and coordinate with threat intelligence teams for actionable IOCs. - Develop, tune, and maintain incident response playbooks, ensuring alignment with organizational risk posture. - Implement and maintain a Zero Trust Architecture, securing access through strong authentication, micro-segmentation, and continuous monitoring. - Leverage ZTNA principles in cloud and hybrid environments, ensuring strict verification for every access request regardless of location or device. - Integrate identity-based access controls across firewalls, VPNs, and cloud platforms to support secure remote access and workload isolation. - Collaborate with network, AD, and cloud teams to establish secure perimeters and enforce device trust and user validation. - Maintain comprehensive visibility and lifecycle management of IT/OT assets using tools like Axonius and CrowdStrike. - Implement robust endpoint security across environments including manufacturing and lab systems. - Integrate asset inventory with vulnerability management processes to ensure accurate risk scoring and prioritization. - Classify assets based on risk level, business criticality, and compliance needs - Conduct vulnerability assessments using Nessus, and CrowdStrike, and coordinate remediation with system owners. - Document and track security incidents, risks, and mitigation strategies through centralized dashboards and reports. - Collaborate with leadership to deliver executive-level reports and insights on security posture, incidents, - Build automation scripts and workflows to reduce manual effort in detection, remediation, and reporting. - Create custom correlation rules, dashboards, and threat detection content in Splunk. - Implemented and managed Zero Trust Network Access (ZTNA) to enforce secure, identity-aware access to applications and data across hybrid environments. - Configured ZTNA policies for application segmentation, reducing lateral movement and enhancing the overall Zero Trust posture. - Monitored and analyzed web and application traffic through the ZTNA cloud platform to detect anomalies and enforce security policies. - Created dynamic ZTNA policies based on user identity, device posture, location, and risk score to limit exposure and secure remote access. - Leveraged Secure Web Gateway (SWG) capabilities to inspect web traffic, block malicious downloads, and prevent data exfiltration. - Deployed and maintained Cybersecurity Asset Management's platform to achieve complete, centralized asset visibility across the enterprise. - Created dynamic queries to detect unmanaged, non-compliant, or vulnerable assets and trigger automated remediation workflows. - Utilized Asset management tools to correlate data across IT and security systems, enabling real-time identification of security gaps and misconfigurations. - Supported compliance audits and reporting through Asset management tool dashboards detailing asset security posture, patch status, and tool coverage. - Leveraged Asset management tools for continuous asset lifecycle tracking, software licensing checks, and enforcement of security baselines. Technical Skills & Tools that will see you succeed in the role: - Endpoint Security: Microsoft 365 Defender, CrowdStrike and/ or Sentinel One - SIEM & EDR: IBM Qradar, Splunk, CrowdStrike Falcon, Sentinel One (SME in any one of the tools) - Asset Management: Axonius, CrowdStrike Asset Inventory, AD Asset Integration (SME in any one of the tools) - Vulnerability Tools: Nessus, IBM AppScan, OSINT, Joe Sandbox (basic and good to have) - Firewalls & Networking: Fortinet, Palo Alto, DNS, TCP/IP, DHCP, IPS/IDS (basic knowledge) - Email Security: Proofpoint, DarkTrace, Mimecast (basic/ good to have) Preferred Qualifications: - Relevant certifications: CISSP, CISM, CEH, Microsoft Certified: Azure Security Engineer, CompTIA Security, or similar Next Steps: If you feel this opportunity suits you, or Cognizant is the type of organization you would like to join, we want to have a conversation with you! Please apply directly with us. For a complete list of open opportunities with Cognizant, visit http://www.cognizant.com/careers. Cognizant is committed to providing Equal Employment Opportunities. Successful candidates will be required to undergo a background check. Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.