280 Arcsight Jobs

As Security Services Consultant, you are responsible for managing day to day operations of Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. What will you do * Responsible for implementation partner to see project on track along with providing required reports to management and client Handle the project as well as BAU operations while ensuring high level of systems security compliance Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 4+ years of experience in IT security with at least 3+ Years in SOC. Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM Working knowledge of industry standard risk, governance and security standard methodologies Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc. Preferred technical and professional experience One or more security certificationsCEH, Security+, GSEC, GCIH, etc., Ability to multitask and work independently with minimal direction and maximum accountability. Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Solution Architect Project Role Description : Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. Must have skills : Solution Architecture Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : Minimum BE BTech from a reputed university Summary :As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications Cyber Security Architect Roles & Responsibilities:-SPOC for cyber security design and deployment for any designated projects-Take full accountability of design of cyber security domain including network connectivity to various entities such as on-premises data centers and partner networks -Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners-Define and develop high level operating procedures for seamless operations of the project-Support transition of projects from deployment to operations-Anchor design and implementation of cyber security components-Be a SPOC for all cyber security initiatives in existing project and able to navigate through the clients landscape to upsell new initiatives in infrastructure space or able to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security.-Lead the teams across various security solutions and thrive for upskilling and cross skilling to rationalize the resources across the towers and across the clients.-Introduce innovative solutions such as automation to increase productivity and improve service delivery quality -Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape-Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution-Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes Professional & Technical Skills: -Must have:-Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security-operations in on-premises data centers and public cloud-Strong experience working in Splunk, Palo Alto, and other leading OEMs in security domain-Strong Communication skills-Ability to drive discussions and ideas with clients senior leadership forums-Problem solving skills-Good to have-TOGAF or any equivalent certification in enterprise Security Architecture Additional Information:-Total IT experience of minimum 15 years; and-Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (anyone from AWS, Azure, GCP, and OCI)-Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)- This position is based at our Mumbai office.- A Minimum BE BTech from a reputed university is required. Qualification Minimum BE BTech from a reputed university

Person should be responsible for administration & management of three or more technologies listed Firewall, F5 WAF, F5 SSLO, Ant-DDoS, Packet Broker, Anti-Apt, IPS, etc. Managing complete administration including but not limited of creation, modification of rules and configuration, system upgrades. Handling escalated calls and providing SME support on above technologies. On-boarding of new applications in F5 SSLO, F5 WAF, Packet Broker and handle critical issues for the same. Single point of contact for above mentioned technologies. Incident management & timely escalation of incident. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Overall 4+ years of experience in the field of network security Person should be able to manage the team. Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc. B. E. / B.Tech in Computer Science or Electronics & Telecommunications Preferred technical and professional experience Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc.

TCS is conducting in-person interview drive for Hyderabad & Chennai location NOTE: Candidate interested in WALK-IN DRIVE in Hyderabad & Chennai must apply TCS is hosting an In-Person Interview Drive on Saturday, 21st June , we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role **: SOC Analyst / Consultant Desired Skill Set: Cyber security, SIEM, A ntivirus, Vulnerability management, Web Proxy, Security Patch management. Experience Range: 4-10yrs & 10+yrs Joining Location: PAN India Venue : Hyderabad : TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai : TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments. Show more Show less

L3 Security Incident Analyst Position Overview The L3 Security Incident Analyst is responsible for handling complex security incidents and leading incident response efforts. This role involves advanced threat analysis and strategy development to improve the organization’s security posture. Key Responsibilities - Lead investigations of complex security incidents and advanced persistent threats. - Develop and implement advanced threat detection and response strategies. - Collaborate with cross-functional teams to address vulnerabilities and improve security measures. - Perform forensics and malware analysis to understand and counter threats. - Develop and refine incident response plans and playbooks. - Provide expert guidance and training to L1 and L2 analysts. - Stay updated on emerging threats and technologies to enhance security defenses. Skill Required: Education: Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience). Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Experience: years of experience in a security operations center (SOC) or incident response role. Technical Skills: Strong expertise in analyzing security events and incident response processes. Extensive experience in cybersecurity and incident response. Proficiency in using SIEM platforms and security monitoring tools. Proficiency in advanced security tools and technologies (firewalls, IDS/IPS, antivirus, CASB, EDR. SIEM, SOAR, TI etc.). Strong understanding of network protocols, operating systems, and common attack vectors. Understanding of enterprise IT Systems, applications and databases, cloud infrastructure and security principles, solutions, and technologies Expertise in threat analysis, forensics, and malware analysis, reverse engineering, and vulnerability assessment. E- Good written & verbal communication & presentation skills Strong leadership and communication skills. Regards Kirti Rustagi kirti.rustagi@raspl.com Show more Show less

Job Summary As a Cyber Security Specialist you will play a crucial role in safeguarding our organizations digital assets. With a focus on LDAP Ping Directory and a hybrid work model you will ensure the integrity and confidentiality of sensitive information. Your expertise will contribute to maintaining a secure environment supporting our mission to protect data and enhance trust in our services. Responsibilities Develop and implement security measures to protect the organizations digital infrastructure. Monitor and analyze security alerts to identify potential threats and vulnerabilities. Collaborate with IT teams to integrate security protocols into existing systems. Conduct regular security audits and assessments to ensure compliance with industry standards. Provide guidance and support to staff on security best practices and protocols. Investigate security breaches and incidents to determine root causes and implement corrective actions. Maintain and update security policies and procedures to reflect current threats and technologies. Utilize LDAP expertise to manage and secure directory services effectively. Work closely with stakeholders to address security concerns and implement solutions. Ensure the confidentiality integrity and availability of sensitive information. Stay informed about the latest cybersecurity trends and technologies to enhance security measures. Contribute to the development of security awareness programs for employees. Support the organizations mission by ensuring a secure and trustworthy digital environment. Qualifications Possess strong experience in LDAP and its application in cybersecurity. Have a solid understanding of cybersecurity principles and practices. Demonstrate proficiency in conducting security audits and assessments. Exhibit excellent problem-solving skills to address security challenges. Show ability to work collaboratively with cross-functional teams. Display knowledge of industry standards and compliance requirements. Have experience in developing and implementing security policies. Be familiar with security incident response and investigation techniques. Possess strong communication skills to convey security concepts effectively. Have a proactive approach to identifying and mitigating security risks. Show commitment to continuous learning and staying updated on cybersecurity trends. Demonstrate ability to manage and secure directory services using LDAP.

TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: SOC/SIEM Admin Experience Range: 5+ years We are currently planning to do a Walk-In Interview at below locations : Date – 21st June 2025 (Saturday) Hyderabad - TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai - TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description Role & Responsibilities: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Show more Show less

Saint-Gobain group through its group company Grindwell Norton Limited has established INDEC - an International Delivery Center in Mumbai to provide IT solutions and services to the groups’ businesses Globally. INDEC is currently organized into INDEC Application Development, INDEC Infrastructure Management and Cyber Security Management. While INDEC Apps specializes in Software application development and maintenance services (ADM), INDEC Infra specializes in monitoring and managing the key IT infrastructure assets of the group deployed globally across 70 countries worldwide. INDEC provides IT Services and Solutions to the Saint-Gobain group through its state-of-the-art delivery centers based at Andheri – East in Mumbai. There are approximately 1200+ associates working in INDEC currently. INDEC Apps provides software application development and maintenance services across a wide spectrum covering SAP, Java, PHP, .Net, CRM, Mobility, Digital, Artificial Intelligence (AI), and Robotic Automation. INDEC Infra on the other hand operates the following service lines: Network Coordination Center (NCC/NOC), Data Center Infrastructure Support, IT Standards, Tools Engineering and Reporting Automation. INDEC Cybersecurity provides 24/7 Security monitoring to detect & react on any suspicious activity in Saint- Gobain. It provides services on vulnerability scanning, web application firewall, endpoint protection, strong authentication, digital certificate, Win 10 MBAM and SFTS support . Key Responsibiitie s:• Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident respons e.• Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response time s.• Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security. Perform regular updates, patches, and configuration change s.• Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediatio n.• Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity postur e.• Maintain detailed documentation of automation, scripts, and improvemen t.• Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platform s.• Manage technical documentation around the content deployed to the SIEM/SOA R.• Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholde rs Qualificat on:• Bachelor's degree in Computer Science, Information Security, EXTC or related fie ld.• Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirab le.• Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administrati on.• Experience with deploying and managing a large SIEM/SOAR environme nt.• Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, e tc.• Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, e tc.• Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirab le. Functional Skills/Competenc ies:• Has a systematic, disciplined, and analytical approach to problem solv ing.• Excellent ability to think critically under press ure.• Strong communication skills to convey technical concepts clearly to both technical and non- technical stakehold ers.• Willingness to stay updated with evolving cyber threats, technologies, and industry tre nds.• Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measu res. SELECTION PRO CESS:Interested Candidates are mandatorily required to apply through this listing on Jigya. Only applications received through Jigya will be evaluated fur ther.Shortlisted candidates may be required to appear in an Online Assessment administered by Jigya on behalf of Saint-Gobain INDECCandidates selected after the screening test will be interviewed by Saint-Gobain INDEC Show more Show less

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

About VOIS: VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India: In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose: The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core competencies, knowledge and experience: 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must have technical / professional qualifications: Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics.As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have been also highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion , Top 50 Best Workplaces for Women , Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do.By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch!

Must have hands-on working on SIEM Implementation Projects(any two of the below in order of preference) • LogRhythm • FortiSIEM • ArcSight • Splunk/Securonix/Azure Sentinel 3. Experience in Installation, Configuration and Troubleshooting of various SIEM Components. 4. Experience in Supported and Non-Supported Devices Integration with SIEM. 5. Experience in Custom parser Development(Regex based and SQL based) 6. Experience in SIEM Architecture design and distributed Architecture Implementation. 7. Experience in design, Implement, Finetune SIEM Usecases(Cross Corelated Usecases, Threat Based Usecases and Mitre based Usecases) 8. Experience in UEBA – Integrations and Usecases 9. Experience working in a large team and customer facing role. 10. Experience deploying standard SOAR playbooks deployment. 11. Knowledge on Python or PowerShell scripting and APIs. 12. Knowledge on various Cloud Components and relevant functionality and logging(Ex: S3 Bucket, Event Hub, Cloudtrail, Cloudwatch etc.) 13. Should have OEM Certifications in SIEM 14. Security Certifications – CEH, Comptia Security+ or Similar. Roles and Responsibilities: 1. Engage with Customers during the project lifecycle as Technical SPOC and ensure the Implementation is done smoothly. 2. Coordinate internally and customer teams for technical requirements and issues resolutions. 3. Work on device onboarding, Usecases creation, Parser development which are part of project scope and success criteria 4. Technical SPOC for customer meetings, BRM sessions and other workshops held during the project lifecycle. 5. Work on Internal SOC team for successful handover of the projects for SOC monitoring Go-live 6. Engage with Cross Functional teams for Cloud Logsources integration with SIEM. 7. Build project technical documentations including HLD, LLD and other technical documents. 8. Adhere to project delivery processes and Tata Communications internal processes for successful project delivery. 9. Publish weekly and daily status updates to Customer and work support TPM to send the weekly status reports. 10. Contribute to Threat Management practice development - SOPs, Developments, Automations etc. 11. Effectively collaborate with internal and external teams. 12. Support pre-sales for technical pointers and inputs. Show more Show less

Greetings From TCS !! Position : SOC Analyst Experience : 5+ years Location : Walkin Interview on 21st June (saturday) at below locations : Hyderabad TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description : Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments Interested Candidates can share their CV to divya.jillidimudi1@tcs.com Regards, Divya Jillidimudi Show more Show less

About VOIS VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core Competencies, Knowledge And Experience 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must Have Technical / Professional Qualifications Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics.As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have been also highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion , Top 50 Best Workplaces for Women , Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do.By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch! Show more Show less

Responsibilities Participate or Lead engagements for ICS/OT Cyber Security Maturity Assessments, Transformations, Strategy Development, and Target Operating Model design Controls mapping between clients internal frameworks with an industry recognized framework Design solutions and corresponding Roadmap of activities for ICS/OT clients Prepare or support Business Proposals for various KPMG service offerings Understand clients requirements and identify relevant opportunities to better serve the client Present engagement case studies and KPMG approach in internal and external Qualifications : A minimum of five years of experience in cyber security for Operational Technology environment Bachelor`s degree from an accredited college/university or equivalent experience Good understanding of general OT network topologies, Purdue Model, PLCs, SCADA systems, DCS, and OT specific communication protocols such as OPC, Modbus, IEC 60870, DNP3, etc. Working knowledge and deployment of IEC 62443, NIST 800-82, NIST CSF, and familiarity with NIS CAF and NERC CIP Hands-on experience in OT specific cyber security solutions such as Nozomi, Claroty, Splunk, etc. Strong oral and written communication skills. Solid understanding of the relevant industries production processes and operational procedures Cyber OT endpoint OS, Server OS, and embedded systems knowledge Knowledge of OT Capable SIEM, IPS/IDS, Patch Management, Asset Management, security events logging and monitoring technologies and platforms such as Nozomi, Claroty, Nextnine, Industrial defender, Splunk, ArcSight, QRadar, etc. Experience in deploying of unidirectional firewalls, host-based firewalls, Anti-Malware, HIDS in plant and operational environments Strong oral and written communication Characteristics : Certifications in good standing such as : IEC 62443, CISSP, CISM, CISA, CEH, etc. Experience working in a consulting environment or with Big4 firms Demonstrated analytical and complex problem-solving skills Ability to work effectively in a team and across functions, partnering with other teams globally Very strong work ethic and ability to deal with confidential information Develop people through effective coaching and mentoring. Strong interpersonal skills. (ref:hirist.tech) Show more Show less

Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools : Ø ArcSight (SIEM) Ø DLP Ø WAF Ø DAM Ø NBA Ø PIM Ø AlgoSec Ø Anti Malware Ø Cisco HCI Ø Tenable Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person

Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools : Ø ArcSight (SIEM) Ø DLP Ø WAF Ø DAM Ø NBA Ø PIM Ø AlgoSec Ø Anti Malware Ø Cisco HCI Ø Tenable Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

SIEM Implementation Lead Experience: 7-9 years Location: Pune Employment Type: Full-time Job Overview We are looking for an experienced SIEM Implementation Lead to manage and drive end-to-end SIEM deployments across enterprise environments. The ideal candidate will have deep technical expertise in security monitoring, incident detection, and security architecture using SIEM platforms. Key Responsibilities (KRAs) Lead the design, implementation, and configuration of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm) Integrate security data sources and ensure effective log management across all layers Define and tune use cases, correlation rules, and alerting mechanisms Work with SOC and IT teams to refine alert triaging and incident escalation workflows Perform SIEM health checks, capacity planning, and optimization Document SIEM architecture, configurations, and operational procedures Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, ISO 27001) Required Skillsets Hands-on experience with leading SIEM tools (e.g., Splunk, IBM QRadar, ArcSight) Deep understanding of log parsing, normalization, and data ingestion techniques Strong knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Experience in scripting languages (e.g., Python, Bash) for automation Familiarity with firewall, IDS/IPS, antivirus, endpoint security solutions Strong leadership and project management skills Certifications like SIEM Engineer, CISSP, or GCIA preferred (ref:hirist.tech) Show more Show less

The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Should have experience in any of the query language i.eAQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation. Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model. Should have understanding of regular expression writing and custom parsing Preferred technical and professional experience Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Managed Cloud Security Services Good to have skills : Security Information and Event Management (SIEM), Incident Management, Delivery & Service ManagemMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). A typical day involves overseeing project implementation and ensuring successful delivery of security services. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the implementation and delivery of Security Services projects- Leverage global delivery capability for successful project execution- Ensure adherence to project timelines and quality standards Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services- Good To Have Skills: Experience with Incident Management- Strong understanding of security protocols and best practices- Knowledge of Security Information and Event Management (SIEM) systems- Experience in managing security incidents and response procedures Additional Information:- The candidate should have a minimum of 7.5 years of experience in Managed Cloud Security Services- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Work with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Roles & Responsibilities:- Lead the implementation and delivery of Security Services projects- Leverage global delivery capability for successful project execution- Ensure adherence to project timelines and quality standards Professional & Technical Skills- Proficiency in any Security Information and Event Management (SIEM)- Experience with Security Risk Assessment, Google SecOps- Strong understanding of security principles and practices- Experience in implementing security solutions- Knowledge of threat detection and incident response- Ability to analyze and interpret security data- Engage with multiple teams and contribute on key decisions- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Provide solutions to problems for their immediate team and across multiple teams- Verify custom reports, manage log source groups, and validate log sources with client- Maintain a close partnership with SIEM on feature requests, upgrade planning, and product roadmap alignment- Focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself.- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies.- Identify and implement Automation opportunities in project- Troubleshoot issues with log sources or systems with vendor, and report system defects as needed- Coordinate & lead the technical discussions with Client/vendors.- Identify root cause of security incidents.- Implement SOC best practices to deliver business outcomes Professional & Technical Skills: -Experience in Information Security, Risk Management, Infrastructure Security and Compliance- Experience on SOC Operation-Experience in working UBA and Advanced Threat Detection- Any Security device Installations, Configuration, and troubleshooting (e.g., firewall, IDS, etc.)- Hands on experience in any SIEM tool- Mid-level expertise in UNIX, Linux, and Windows- Experience working in a diversified, virtual environment.-Scripting experience in any language- Experience in data manipulation and regular expressions- Experience with Database installation & configuration- Certifications such as CISSP, ITIL, CISA, CISM, GIAC-GCIA, AWS/Azure/Cloud based Certifications- Advanced Certification from any SIEM vendor on products such as ArcSight, QRadar, McAfee Nitro, RSA SA, SPLUNK, Google SecOps etc. Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM)- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 2 Years’ Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting Show more Show less

Job Title: L3 SOC Lead Location: Kolkata Job Description We are urgently looking for an experienced L3 SOC Lead to join the Security Operations Center (SOC) team at UCO Bank. The ideal candidate will have extensive experience in SOC operations and security management tools, and will be responsible for leading the SOC team to monitor, detect, analyze, and respond to cybersecurity threats and incidents effectively. Key Responsibilities Lead and manage the SOC team for continuous monitoring, detection, and response of security incidents. Oversee SOC operations to ensure timely and effective incident management. Perform advanced analysis and investigation of security events and incidents. Develop and implement SOC processes, procedures, and escalation mechanisms. Collaborate with cross-functional teams for threat intelligence sharing and incident remediation. Manage and optimize security tools including SIEM, DLP, WAF, DAM, and others. Conduct periodic security assessments and audits to ensure compliance. Provide technical guidance and mentorship to SOC analysts. Prepare reports and communicate SOC metrics, incident trends, and risk posture to management. Required Skills and Expertise Strong hands-on experience with the following Security Tools: ArcSight (SIEM) Data Loss Prevention (DLP) Web Application Firewall (WAF) Database Activity Monitoring (DAM) Network Behavior Analysis (NBA) Privileged Identity Management (PIM) AlgoSec (Security Policy Management) Anti-Malware Solutions Cisco HyperFlex Infrastructure (HCI) Tenable (Vulnerability Management) Expertise in analyzing and responding to cybersecurity threats and incidents. In-depth knowledge of security frameworks, threat intelligence, and incident response. Proven experience in leading SOC operations and teams. Strong understanding of networking, system security, and endpoint protection. Education & Certifications Bachelor’s or Master’s degree in Computer Science or related field (BE/B.Tech/MCA/BCA/MSc/BSc). Relevant professional certifications (mandatory): CISA / CISSP / CISM or Any OEM certification in IT Security (e.g., Certified Ethical Hacker, GIAC, etc.) Experience 5-7 years of relevant experience in SOC operations. Prior experience leading a SOC or security team will be preferred. Show more Show less