285 Arcsight Jobs

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part of Mizuho’s long term strategy of creating a captive global processing centre for remotely handling banking and IT related operations of Mizuho Bank’s domestic and overseas offices and Mizuho’s group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS’s development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS. What’s in it for you? o Immense exposure and learning o Excellent career growth o Company of highly passionate leaders and mentors o Ability to build things from scratch Know more about MGS: https://www.mizuhogroup.com/asia-pacific/mizuho-global-services About the Role: We are seeking a highly skilled and motivated Senior Security Operations Center (SOC) Analyst to join our dynamic team. You will play a critical role in safeguarding our organization's information assets by monitoring, detecting, and responding to security threats. Roles and Responsibilities: · Monitor security events and alerts generated by SIEM tools and other security systems. · Conduct in-depth investigations of security incidents to identify root causes and potential threats. · Respond to security incidents in a timely and effective manner, following established incident response procedures. · Develop and maintain SOC rules, playbooks, and procedures. · Analyze security trends and identify potential vulnerabilities. · Collaborate with other security teams to improve overall security posture. · Stay up-to-date on the latest security threats and trends. Relevant Skills and Experience: · 5-7 years of experience in security operations, incident response, or a related field. · Strong understanding of security concepts, principles, and best practices. · Proficiency in using SIEM tools (e.g., Splunk, QRadar, ArcSight). · Experience in developing and maintaining SOC rules, playbooks, and procedures. · Knowledge of common security threats, vulnerabilities, and attack vectors. · Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). · Experience with scripting languages (e.g., Python, PowerShell). · Experience with cloud security (e.g., AWS, Azure, GCP). Qualifications: · Bachelor's degree in computer science, information technology, or a related field. · Security certifications (e.g., CISSP, CISM, CEH). · Strong problem-solving and analytical skills. · Excellent communication and interpersonal skills. · Ability to work independently and as part of a team. Additional Skills (Preferred): · Experience with threat intelligence platforms. · Experience with digital forensics. · Experience with security incident response frameworks (e.g., NIST, ISO 27001). Note : Only F2F interviews will be conducted if shortlisted. Interested candidates can send resume on mgs.rec@mizuho-cb.com along with the below details. Current CTC Expected CTC Notice period Experience in SOC Available for F2F ? Address: Mizuho Global Services India Pvt. ltd. 8th Floor, Campus 5, RMZ Millenia Business Park II, No.143, Dr. MGR Road, Perungudi Village, Kandanchavadi, Sholinganallur Taluk, Chennai - 600096, Tamil Nadu. Show more Show less

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures Preferred technical and professional experience SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis

Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Senior SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

As Security Services Consultant, you are responsible for managing day to day operations of Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. What will you do * Responsible for implementation partner to see project on track along with providing required reports to management and client Handle the project as well as BAU operations while ensuring high level of systems security compliance Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 4+ years of experience in IT security with at least 3+ Years in SOC. Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM Working knowledge of industry standard risk, governance and security standard methodologies Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc. Preferred technical and professional experience One or more security certificationsCEH, Security+, GSEC, GCIH, etc., Ability to multitask and work independently with minimal direction and maximum accountability. Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Solution Architect Project Role Description : Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. Must have skills : Solution Architecture Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : Minimum BE BTech from a reputed university Summary :As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications Cyber Security Architect Roles & Responsibilities:-SPOC for cyber security design and deployment for any designated projects-Take full accountability of design of cyber security domain including network connectivity to various entities such as on-premises data centers and partner networks -Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners-Define and develop high level operating procedures for seamless operations of the project-Support transition of projects from deployment to operations-Anchor design and implementation of cyber security components-Be a SPOC for all cyber security initiatives in existing project and able to navigate through the clients landscape to upsell new initiatives in infrastructure space or able to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security.-Lead the teams across various security solutions and thrive for upskilling and cross skilling to rationalize the resources across the towers and across the clients.-Introduce innovative solutions such as automation to increase productivity and improve service delivery quality -Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape-Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution-Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes Professional & Technical Skills: -Must have:-Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security-operations in on-premises data centers and public cloud-Strong experience working in Splunk, Palo Alto, and other leading OEMs in security domain-Strong Communication skills-Ability to drive discussions and ideas with clients senior leadership forums-Problem solving skills-Good to have-TOGAF or any equivalent certification in enterprise Security Architecture Additional Information:-Total IT experience of minimum 15 years; and-Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (anyone from AWS, Azure, GCP, and OCI)-Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)- This position is based at our Mumbai office.- A Minimum BE BTech from a reputed university is required. Qualification Minimum BE BTech from a reputed university

Person should be responsible for administration & management of three or more technologies listed Firewall, F5 WAF, F5 SSLO, Ant-DDoS, Packet Broker, Anti-Apt, IPS, etc. Managing complete administration including but not limited of creation, modification of rules and configuration, system upgrades. Handling escalated calls and providing SME support on above technologies. On-boarding of new applications in F5 SSLO, F5 WAF, Packet Broker and handle critical issues for the same. Single point of contact for above mentioned technologies. Incident management & timely escalation of incident. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Overall 4+ years of experience in the field of network security Person should be able to manage the team. Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc. B. E. / B.Tech in Computer Science or Electronics & Telecommunications Preferred technical and professional experience Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc.

TCS is conducting in-person interview drive for Hyderabad & Chennai location NOTE: Candidate interested in WALK-IN DRIVE in Hyderabad & Chennai must apply TCS is hosting an In-Person Interview Drive on Saturday, 21st June , we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role **: SOC Analyst / Consultant Desired Skill Set: Cyber security, SIEM, A ntivirus, Vulnerability management, Web Proxy, Security Patch management. Experience Range: 4-10yrs & 10+yrs Joining Location: PAN India Venue : Hyderabad : TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai : TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments. Show more Show less

L3 Security Incident Analyst Position Overview The L3 Security Incident Analyst is responsible for handling complex security incidents and leading incident response efforts. This role involves advanced threat analysis and strategy development to improve the organization’s security posture. Key Responsibilities - Lead investigations of complex security incidents and advanced persistent threats. - Develop and implement advanced threat detection and response strategies. - Collaborate with cross-functional teams to address vulnerabilities and improve security measures. - Perform forensics and malware analysis to understand and counter threats. - Develop and refine incident response plans and playbooks. - Provide expert guidance and training to L1 and L2 analysts. - Stay updated on emerging threats and technologies to enhance security defenses. Skill Required: Education: Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience). Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Experience: years of experience in a security operations center (SOC) or incident response role. Technical Skills: Strong expertise in analyzing security events and incident response processes. Extensive experience in cybersecurity and incident response. Proficiency in using SIEM platforms and security monitoring tools. Proficiency in advanced security tools and technologies (firewalls, IDS/IPS, antivirus, CASB, EDR. SIEM, SOAR, TI etc.). Strong understanding of network protocols, operating systems, and common attack vectors. Understanding of enterprise IT Systems, applications and databases, cloud infrastructure and security principles, solutions, and technologies Expertise in threat analysis, forensics, and malware analysis, reverse engineering, and vulnerability assessment. E- Good written & verbal communication & presentation skills Strong leadership and communication skills. Regards Kirti Rustagi kirti.rustagi@raspl.com Show more Show less

Job Summary As a Cyber Security Specialist you will play a crucial role in safeguarding our organizations digital assets. With a focus on LDAP Ping Directory and a hybrid work model you will ensure the integrity and confidentiality of sensitive information. Your expertise will contribute to maintaining a secure environment supporting our mission to protect data and enhance trust in our services. Responsibilities Develop and implement security measures to protect the organizations digital infrastructure. Monitor and analyze security alerts to identify potential threats and vulnerabilities. Collaborate with IT teams to integrate security protocols into existing systems. Conduct regular security audits and assessments to ensure compliance with industry standards. Provide guidance and support to staff on security best practices and protocols. Investigate security breaches and incidents to determine root causes and implement corrective actions. Maintain and update security policies and procedures to reflect current threats and technologies. Utilize LDAP expertise to manage and secure directory services effectively. Work closely with stakeholders to address security concerns and implement solutions. Ensure the confidentiality integrity and availability of sensitive information. Stay informed about the latest cybersecurity trends and technologies to enhance security measures. Contribute to the development of security awareness programs for employees. Support the organizations mission by ensuring a secure and trustworthy digital environment. Qualifications Possess strong experience in LDAP and its application in cybersecurity. Have a solid understanding of cybersecurity principles and practices. Demonstrate proficiency in conducting security audits and assessments. Exhibit excellent problem-solving skills to address security challenges. Show ability to work collaboratively with cross-functional teams. Display knowledge of industry standards and compliance requirements. Have experience in developing and implementing security policies. Be familiar with security incident response and investigation techniques. Possess strong communication skills to convey security concepts effectively. Have a proactive approach to identifying and mitigating security risks. Show commitment to continuous learning and staying updated on cybersecurity trends. Demonstrate ability to manage and secure directory services using LDAP.

TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: SOC/SIEM Admin Experience Range: 5+ years We are currently planning to do a Walk-In Interview at below locations : Date – 21st June 2025 (Saturday) Hyderabad - TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai - TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description Role & Responsibilities: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Show more Show less

Saint-Gobain group through its group company Grindwell Norton Limited has established INDEC - an International Delivery Center in Mumbai to provide IT solutions and services to the groups’ businesses Globally. INDEC is currently organized into INDEC Application Development, INDEC Infrastructure Management and Cyber Security Management. While INDEC Apps specializes in Software application development and maintenance services (ADM), INDEC Infra specializes in monitoring and managing the key IT infrastructure assets of the group deployed globally across 70 countries worldwide. INDEC provides IT Services and Solutions to the Saint-Gobain group through its state-of-the-art delivery centers based at Andheri – East in Mumbai. There are approximately 1200+ associates working in INDEC currently. INDEC Apps provides software application development and maintenance services across a wide spectrum covering SAP, Java, PHP, .Net, CRM, Mobility, Digital, Artificial Intelligence (AI), and Robotic Automation. INDEC Infra on the other hand operates the following service lines: Network Coordination Center (NCC/NOC), Data Center Infrastructure Support, IT Standards, Tools Engineering and Reporting Automation. INDEC Cybersecurity provides 24/7 Security monitoring to detect & react on any suspicious activity in Saint- Gobain. It provides services on vulnerability scanning, web application firewall, endpoint protection, strong authentication, digital certificate, Win 10 MBAM and SFTS support . Key Responsibiitie s:• Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident respons e.• Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response time s.• Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security. Perform regular updates, patches, and configuration change s.• Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediatio n.• Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity postur e.• Maintain detailed documentation of automation, scripts, and improvemen t.• Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platform s.• Manage technical documentation around the content deployed to the SIEM/SOA R.• Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholde rs Qualificat on:• Bachelor's degree in Computer Science, Information Security, EXTC or related fie ld.• Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirab le.• Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administrati on.• Experience with deploying and managing a large SIEM/SOAR environme nt.• Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, e tc.• Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, e tc.• Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirab le. Functional Skills/Competenc ies:• Has a systematic, disciplined, and analytical approach to problem solv ing.• Excellent ability to think critically under press ure.• Strong communication skills to convey technical concepts clearly to both technical and non- technical stakehold ers.• Willingness to stay updated with evolving cyber threats, technologies, and industry tre nds.• Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measu res. SELECTION PRO CESS:Interested Candidates are mandatorily required to apply through this listing on Jigya. Only applications received through Jigya will be evaluated fur ther.Shortlisted candidates may be required to appear in an Online Assessment administered by Jigya on behalf of Saint-Gobain INDECCandidates selected after the screening test will be interviewed by Saint-Gobain INDEC Show more Show less

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

About VOIS: VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India: In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose: The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core competencies, knowledge and experience: 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must have technical / professional qualifications: Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics.As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have been also highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion , Top 50 Best Workplaces for Women , Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do.By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch!

Must have hands-on working on SIEM Implementation Projects(any two of the below in order of preference) • LogRhythm • FortiSIEM • ArcSight • Splunk/Securonix/Azure Sentinel 3. Experience in Installation, Configuration and Troubleshooting of various SIEM Components. 4. Experience in Supported and Non-Supported Devices Integration with SIEM. 5. Experience in Custom parser Development(Regex based and SQL based) 6. Experience in SIEM Architecture design and distributed Architecture Implementation. 7. Experience in design, Implement, Finetune SIEM Usecases(Cross Corelated Usecases, Threat Based Usecases and Mitre based Usecases) 8. Experience in UEBA – Integrations and Usecases 9. Experience working in a large team and customer facing role. 10. Experience deploying standard SOAR playbooks deployment. 11. Knowledge on Python or PowerShell scripting and APIs. 12. Knowledge on various Cloud Components and relevant functionality and logging(Ex: S3 Bucket, Event Hub, Cloudtrail, Cloudwatch etc.) 13. Should have OEM Certifications in SIEM 14. Security Certifications – CEH, Comptia Security+ or Similar. Roles and Responsibilities: 1. Engage with Customers during the project lifecycle as Technical SPOC and ensure the Implementation is done smoothly. 2. Coordinate internally and customer teams for technical requirements and issues resolutions. 3. Work on device onboarding, Usecases creation, Parser development which are part of project scope and success criteria 4. Technical SPOC for customer meetings, BRM sessions and other workshops held during the project lifecycle. 5. Work on Internal SOC team for successful handover of the projects for SOC monitoring Go-live 6. Engage with Cross Functional teams for Cloud Logsources integration with SIEM. 7. Build project technical documentations including HLD, LLD and other technical documents. 8. Adhere to project delivery processes and Tata Communications internal processes for successful project delivery. 9. Publish weekly and daily status updates to Customer and work support TPM to send the weekly status reports. 10. Contribute to Threat Management practice development - SOPs, Developments, Automations etc. 11. Effectively collaborate with internal and external teams. 12. Support pre-sales for technical pointers and inputs. Show more Show less

Greetings From TCS !! Position : SOC Analyst Experience : 5+ years Location : Walkin Interview on 21st June (saturday) at below locations : Hyderabad TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description : Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments Interested Candidates can share their CV to divya.jillidimudi1@tcs.com Regards, Divya Jillidimudi Show more Show less

About VOIS VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core Competencies, Knowledge And Experience 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must Have Technical / Professional Qualifications Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics.As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have been also highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion , Top 50 Best Workplaces for Women , Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do.By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch! Show more Show less

Responsibilities Participate or Lead engagements for ICS/OT Cyber Security Maturity Assessments, Transformations, Strategy Development, and Target Operating Model design Controls mapping between clients internal frameworks with an industry recognized framework Design solutions and corresponding Roadmap of activities for ICS/OT clients Prepare or support Business Proposals for various KPMG service offerings Understand clients requirements and identify relevant opportunities to better serve the client Present engagement case studies and KPMG approach in internal and external Qualifications : A minimum of five years of experience in cyber security for Operational Technology environment Bachelor`s degree from an accredited college/university or equivalent experience Good understanding of general OT network topologies, Purdue Model, PLCs, SCADA systems, DCS, and OT specific communication protocols such as OPC, Modbus, IEC 60870, DNP3, etc. Working knowledge and deployment of IEC 62443, NIST 800-82, NIST CSF, and familiarity with NIS CAF and NERC CIP Hands-on experience in OT specific cyber security solutions such as Nozomi, Claroty, Splunk, etc. Strong oral and written communication skills. Solid understanding of the relevant industries production processes and operational procedures Cyber OT endpoint OS, Server OS, and embedded systems knowledge Knowledge of OT Capable SIEM, IPS/IDS, Patch Management, Asset Management, security events logging and monitoring technologies and platforms such as Nozomi, Claroty, Nextnine, Industrial defender, Splunk, ArcSight, QRadar, etc. Experience in deploying of unidirectional firewalls, host-based firewalls, Anti-Malware, HIDS in plant and operational environments Strong oral and written communication Characteristics : Certifications in good standing such as : IEC 62443, CISSP, CISM, CISA, CEH, etc. Experience working in a consulting environment or with Big4 firms Demonstrated analytical and complex problem-solving skills Ability to work effectively in a team and across functions, partnering with other teams globally Very strong work ethic and ability to deal with confidential information Develop people through effective coaching and mentoring. Strong interpersonal skills. (ref:hirist.tech) Show more Show less

Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools : Ø ArcSight (SIEM) Ø DLP Ø WAF Ø DAM Ø NBA Ø PIM Ø AlgoSec Ø Anti Malware Ø Cisco HCI Ø Tenable Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person

Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools : Ø ArcSight (SIEM) Ø DLP Ø WAF Ø DAM Ø NBA Ø PIM Ø AlgoSec Ø Anti Malware Ø Cisco HCI Ø Tenable Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

SIEM Implementation Lead Experience: 7-9 years Location: Pune Employment Type: Full-time Job Overview We are looking for an experienced SIEM Implementation Lead to manage and drive end-to-end SIEM deployments across enterprise environments. The ideal candidate will have deep technical expertise in security monitoring, incident detection, and security architecture using SIEM platforms. Key Responsibilities (KRAs) Lead the design, implementation, and configuration of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm) Integrate security data sources and ensure effective log management across all layers Define and tune use cases, correlation rules, and alerting mechanisms Work with SOC and IT teams to refine alert triaging and incident escalation workflows Perform SIEM health checks, capacity planning, and optimization Document SIEM architecture, configurations, and operational procedures Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, ISO 27001) Required Skillsets Hands-on experience with leading SIEM tools (e.g., Splunk, IBM QRadar, ArcSight) Deep understanding of log parsing, normalization, and data ingestion techniques Strong knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Experience in scripting languages (e.g., Python, Bash) for automation Familiarity with firewall, IDS/IPS, antivirus, endpoint security solutions Strong leadership and project management skills Certifications like SIEM Engineer, CISSP, or GCIA preferred (ref:hirist.tech) Show more Show less

The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Should have experience in any of the query language i.eAQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation. Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model. Should have understanding of regular expression writing and custom parsing Preferred technical and professional experience Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications