0 years
4 - 8 Lacs
Bengaluru
On-site
Bangalore, Karnataka, India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations, incident response, and network/system security Experience with scanning tools (e.g., Nessus, Qualys) and PAM solutions (e.g., CyberArk, BeyondTrust) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you'll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what's possible. To build solutions never seen before to some of the world’s toughest problems. You'll be challenged, but you won’t be alone. 
You'll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?
Posted 1 month ago
3.0 years
5 - 7 Lacs
Bengaluru
On-site
About VOIS: VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India: In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose: The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. 
The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core competencies, knowledge and experience: 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must have technical / professional qualifications: Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. 
We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics. As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have also been highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion, Top 50 Best Workplaces for Women, Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do. By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch!
Posted 1 month ago
0 years
0 Lacs
Jaipur, Rajasthan, India
On-site
Must have hands-on working on SIEM Implementation Projects(any two of the below in order of preference) • LogRhythm • FortiSIEM • ArcSight • Splunk/Securonix/Azure Sentinel 3. Experience in Installation, Configuration and Troubleshooting of various SIEM Components. 4. Experience in Supported and Non-Supported Devices Integration with SIEM. 5. Experience in Custom parser Development(Regex based and SQL based) 6. Experience in SIEM Architecture design and distributed Architecture Implementation. 7. Experience in design, Implement, Finetune SIEM Usecases(Cross Corelated Usecases, Threat Based Usecases and Mitre based Usecases) 8. Experience in UEBA – Integrations and Usecases 9. Experience working in a large team and customer facing role. 10. Experience deploying standard SOAR playbooks deployment. 11. Knowledge on Python or PowerShell scripting and APIs. 12. Knowledge on various Cloud Components and relevant functionality and logging(Ex: S3 Bucket, Event Hub, Cloudtrail, Cloudwatch etc.) 13. Should have OEM Certifications in SIEM 14. Security Certifications – CEH, Comptia Security+ or Similar. Roles and Responsibilities: 1. Engage with Customers during the project lifecycle as Technical SPOC and ensure the Implementation is done smoothly. 2. Coordinate internally and customer teams for technical requirements and issues resolutions. 3. Work on device onboarding, Usecases creation, Parser development which are part of project scope and success criteria 4. Technical SPOC for customer meetings, BRM sessions and other workshops held during the project lifecycle. 5. Work on Internal SOC team for successful handover of the projects for SOC monitoring Go-live 6. Engage with Cross Functional teams for Cloud Logsources integration with SIEM. 7. Build project technical documentations including HLD, LLD and other technical documents. 8. Adhere to project delivery processes and Tata Communications internal processes for successful project delivery. 9. 
Publish weekly and daily status updates to Customer and work support TPM to send the weekly status reports. 10. Contribute to Threat Management practice development - SOPs, Developments, Automations etc. 11. Effectively collaborate with internal and external teams. 12. Support pre-sales for technical pointers and inputs.
Posted 1 month ago
5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Greetings from TCS!! Position: SOC Analyst Experience: 5+ years Location: Walk-in Interview on 21st June (Saturday) at below locations: Hyderabad TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers. Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments. Interested Candidates can share their CV to divya.jillidimudi1@tcs.com Regards, Divya Jillidimudi
Posted 1 month ago
3.0 years
0 Lacs
Pune, Maharashtra, India
On-site
About VOIS VO IS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries, and operating from 7 locations: Albania, Egypt, Hungary, India, Romania, Spain and the UK.Over 29,000 highly skilled individuals are dedicated to being Vodafone Group’s partner of choice for talent, technology, and transformation. We deliver the best services across IT, Business Intelligence Services, Customer Operations, Business Operations, HR, Finance, Supply Chain, HR Operations, and many more.#VOIS About VOIS India In 2009, VO IS started operating in India and now has established global delivery centres in Pune, Bangalore and Ahmedabad. With more than 14,500 employees, VO IS India supports global markets and group functions of Vodafone, and delivers best-in-class customer experience through multi-functional services in the areas of Information Technology, Networks, Business Intelligence and Analytics, Digital Business Solutions (Robotics & AI), Commercial Operations (Consumer & Business), Intelligent Operations, Finance Operations, Supply Chain Operations and HR Operations and more. Role Purpose The purpose of this role (CDA- Cyber Defence Analyst) is to provide security analyst expertise and contribute to the success of the Cyber Security Operations Center (‘SOC’). The role reports into the AM & T Team Lead and is responsible to identify and validate threats by data analysis (e.g. log file information, consolidated event / alert data, firewall data) with the wide range of security tools and cyber Defence products. 
The role will deliver qualified analysis about actual threats and indications / recommendations how the associated risk can be investigated and responded The position works closely together with the Senior Cyber Defense Analysts / security incident manager and provide the technical security expertise in order to provide professional security analysis reports for further corrective actions and security measures. Core Competencies, Knowledge And Experience 3+ year’s relevant experience in Cyber Security- SOC , SIEM, Event /Alert Analysis, Security Incident investigation and management. Must have an understanding about network and security concepts, SIEM technologies (ArcSight / Splunk / QRadar, Logrhythm, etc.) Must have Industry recognized security certifications like CEH, CCNA Cyber Ops, Security + , Must have excellent analytical skills and communication skills Should be able to follow defined triage playbooks. Aspire to learn about new threats in Cyber Security apply the skills on daily investigation and protect Vodafone against new threats. Must Have Technical / Professional Qualifications Degree in Computer Science/ Information Technology/ Engineering or similar Prior experience in Cyber Security SOC. Prior experience in event analysis and triage. Good knowledge in Networking and security concepts Experience of global customer handling A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills VOIS Equal Opportunity Employer Commitment VO IS is proud to be an Equal Employment Opportunity Employer. We celebrate differences and we welcome and value diverse people and insights. We believe that being authentically human and inclusive powers our employees’ growth and enables them to create a positive impact on themselves and society. 
We do not discriminate based on age, colour, gender (including pregnancy, childbirth, or related medical conditions), gender identity, gender expression, national origin, race, religion, sexual orientation, status as an individual with a disability, or other applicable legally protected characteristics. As a result of living and breathing our commitment, our employees have helped us get certified as a Great Place to Work in India for four years running. We have also been highlighted among the Top 10 Best Workplaces for Millennials, Equity, and Inclusion, Top 50 Best Workplaces for Women, Top 25 Best Workplaces in IT & IT-BPM and 10th Overall Best Workplaces in India by the Great Place to Work Institute in 2024. These achievements position us among a select group of trustworthy and high-performing companies which put their employees at the heart of everything they do. By joining us, you are part of our commitment. We look forward to welcoming you into our family which represents a variety of cultures, backgrounds, perspectives, and skills! Apply now, and we’ll be in touch!
Posted 1 month ago
0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
Responsibilities Participate or Lead engagements for ICS/OT Cyber Security Maturity Assessments, Transformations, Strategy Development, and Target Operating Model design Controls mapping between clients internal frameworks with an industry recognized framework Design solutions and corresponding Roadmap of activities for ICS/OT clients Prepare or support Business Proposals for various KPMG service offerings Understand clients requirements and identify relevant opportunities to better serve the client Present engagement case studies and KPMG approach in internal and external Qualifications : A minimum of five years of experience in cyber security for Operational Technology environment Bachelor`s degree from an accredited college/university or equivalent experience Good understanding of general OT network topologies, Purdue Model, PLCs, SCADA systems, DCS, and OT specific communication protocols such as OPC, Modbus, IEC 60870, DNP3, etc. Working knowledge and deployment of IEC 62443, NIST 800-82, NIST CSF, and familiarity with NIS CAF and NERC CIP Hands-on experience in OT specific cyber security solutions such as Nozomi, Claroty, Splunk, etc. Strong oral and written communication skills. Solid understanding of the relevant industries production processes and operational procedures Cyber OT endpoint OS, Server OS, and embedded systems knowledge Knowledge of OT Capable SIEM, IPS/IDS, Patch Management, Asset Management, security events logging and monitoring technologies and platforms such as Nozomi, Claroty, Nextnine, Industrial defender, Splunk, ArcSight, QRadar, etc. Experience in deploying of unidirectional firewalls, host-based firewalls, Anti-Malware, HIDS in plant and operational environments Strong oral and written communication Characteristics : Certifications in good standing such as : IEC 62443, CISSP, CISM, CISA, CEH, etc. 
Experience working in a consulting environment or with Big4 firms Demonstrated analytical and complex problem-solving skills Ability to work effectively in a team and across functions, partnering with other teams globally Very strong work ethic and ability to deal with confidential information Develop people through effective coaching and mentoring. Strong interpersonal skills. (ref:hirist.tech)
Posted 1 month ago
5.0 - 7.0 years
8 - 14 Lacs
Calcutta
On-site
Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools: ArcSight (SIEM), DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable. Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person
Posted 1 month ago
5.0 - 7.0 years
0 Lacs
Kolkata, West Bengal
On-site
Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools: ArcSight (SIEM), DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable. Job Types: Full-time, Permanent Pay: ₹800,000.00 - ₹1,400,000.00 per year Benefits: Health insurance Schedule: Rotational shift Application Question(s): What is your notice period? What is your current CTC? What is your total relevant experience? Location: Kolkata, West Bengal (Required) Work Location: In person
Posted 1 month ago
0.0 years
0 Lacs
Bengaluru, Karnataka
On-site
Bangalore, Karnataka, India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations, incident response, and network/system security Experience with scanning tools (e.g., Nessus, Qualys) and PAM solutions (e.g., CyberArk, BeyondTrust) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you'll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what's possible. To build solutions never seen before to some of the world’s toughest problems. You'll be challenged, but you won’t be alone. 
You'll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?
Posted 1 month ago
7.0 - 9.0 years
0 Lacs
Delhi, India
On-site
SIEM Implementation Lead Experience: 7-9 years Location: Pune Employment Type: Full-time Job Overview We are looking for an experienced SIEM Implementation Lead to manage and drive end-to-end SIEM deployments across enterprise environments. The ideal candidate will have deep technical expertise in security monitoring, incident detection, and security architecture using SIEM platforms. Key Responsibilities (KRAs) Lead the design, implementation, and configuration of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm) Integrate security data sources and ensure effective log management across all layers Define and tune use cases, correlation rules, and alerting mechanisms Work with SOC and IT teams to refine alert triaging and incident escalation workflows Perform SIEM health checks, capacity planning, and optimization Document SIEM architecture, configurations, and operational procedures Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, ISO 27001) Required Skillsets Hands-on experience with leading SIEM tools (e.g., Splunk, IBM QRadar, ArcSight) Deep understanding of log parsing, normalization, and data ingestion techniques Strong knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Experience in scripting languages (e.g., Python, Bash) for automation Familiarity with firewall, IDS/IPS, antivirus, endpoint security solutions Strong leadership and project management skills Certifications like SIEM Engineer, CISSP, or GCIA preferred (ref:hirist.tech)
Posted 1 month ago
4.0 - 8.0 years
10 - 15 Lacs
Bengaluru
Work from Office
The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands-on experience of deploying a SIEM solution from scratch, with the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, and developing new content or use cases, or tuning and refining existing ones. Strong problem-solving and troubleshooting skills, including the ability to perform root cause analysis for preventative investigation. Required education: Bachelor's Degree Preferred education: Master's Degree Required technical and professional expertise: Should have experience in any of the query languages, i.e. AQL, KQL, SPL, LEQL etc., for writing complex queries and creating saved searches. Should have strong knowledge of different cybersecurity frameworks, i.e. MITRE, NIST and the Cyber Kill Chain model. Should have an understanding of regular expression writing and custom parsing. Preferred technical and professional experience: Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules within the SIEM solution, plus reports and dashboards to detect emerging threats.
Posted 1 month ago
2.0 - 7.0 years
7 - 11 Lacs
Mumbai
Work from Office
As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. 
* Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications
Posted 1 month ago
7.0 - 12.0 years
12 - 16 Lacs
Bengaluru
Work from Office
Project Role: Security Delivery Lead Project Role Description: Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills: Managed Cloud Security Services Good to have skills: Security Information and Event Management (SIEM), Incident Management, Delivery & Service Managem Minimum 7.5 year(s) of experience is required Educational Qualification: 15 years full time education Summary: As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). A typical day involves overseeing project implementation and ensuring successful delivery of security services. Roles & Responsibilities: - Expected to be an SME - Collaborate and manage the team to perform - Responsible for team decisions - Engage with multiple teams and contribute on key decisions - Provide solutions to problems for their immediate team and across multiple teams - Lead the implementation and delivery of Security Services projects - Leverage global delivery capability for successful project execution - Ensure adherence to project timelines and quality standards Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services - Good To Have Skills: Experience with Incident Management - Strong understanding of security protocols and best practices - Knowledge of Security Information and Event Management (SIEM) systems - Experience in managing security incidents and response procedures Additional Information: - The candidate should have a minimum of 7.5 years of experience in Managed Cloud Security Services - This position is based at our Bengaluru office - A 15 years full-time education is required Qualification: 15 years full time education
Posted 1 month ago
7.0 - 12.0 years
25 - 35 Lacs
Noida, Chennai, Bengaluru
Work from Office
Roles and Responsibilities Conduct threat hunting activities to identify potential security threats and vulnerabilities. Analyze malware samples using various tools such as QRadar, Splunk, and ArcSight. Perform incident response duties including handling incidents, conducting root cause analysis, and implementing remediation measures. Monitor security event logs from multiple sources to detect anomalies and potential security breaches. Collaborate with other teams to develop threat intelligence reports and improve overall security posture. Desired Candidate Profile 7-12 years of experience in Security Operations Center (SOC) or related field. Strong understanding of incident response, threat analysis, threat intelligence gathering, log analysis, and security monitoring concepts. Proficiency in tools like QRadar, Splunk, ArcSight for malware analysis and incident response tasks.
Posted 1 month ago
15.0 - 20.0 years
3 - 7 Lacs
Hyderabad
Work from Office
Project Role: Security Engineer Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: Accenture MxDR Ops Security Threat Analysis Good to have skills: NA Minimum 2 year(s) of experience is required Educational Qualification: 15 years full time education Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities: Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies. Timely response to customer requests like detection capabilities, tuning, etc. Research new threats and provide recommendations to enhance detection capabilities. Strong desire for continuous learning on vulnerabilities, attacks and countermeasures. Identify opportunities for process improvement. Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilities. Deep understanding of cyber security fundamentals, security devices, network defense concepts and threat landscape. Hands-on experience in SIEM and threat hunting tools. Added advantage in working with any SOAR platform. Desirable knowledge in any scripting language and EDR products. Strong customer service and interpersonal skills. Strong problem-solving skills. Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Adaptability to accept change. Additional Information: Work as part of an analysis team that works 24x7 on a rotational shift. Minimum a bachelor's or a master's degree in addition to regular 15-year full time education. The candidate should have minimum 2 years of experience. This position is based at our Chennai office. Qualification: 15 years full time education
Posted 1 month ago
7.0 - 12.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary : As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Work with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Roles & Responsibilities: - Lead the implementation and delivery of Security Services projects - Leverage global delivery capability for successful project execution - Ensure adherence to project timelines and quality standards Professional & Technical Skills: - Proficiency in any Security Information and Event Management (SIEM) - Experience with Security Risk Assessment, Google SecOps - Strong understanding of security principles and practices - Experience in implementing security solutions - Knowledge of threat detection and incident response - Ability to analyze and interpret security data - Engage with multiple teams and contribute on key decisions - Expected to be an SME - Collaborate and manage the team to perform - Responsible for team decisions - Provide solutions to problems for their immediate team and across multiple teams - Verify custom reports, manage log source groups, and validate log sources with client - Maintain a close partnership with SIEM on feature requests, upgrade planning, and product roadmap alignment - Focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself. - Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies. - Identify and implement automation opportunities in project - Troubleshoot issues with log sources or systems with vendor, and report system defects as needed - Coordinate & lead the technical discussions with client/vendors. - Identify root cause of security incidents. - Implement SOC best practices to deliver business outcomes Professional & Technical Skills: - Experience in Information Security, Risk Management, Infrastructure Security and Compliance - Experience on SOC Operation - Experience in working UBA and Advanced Threat Detection - Any Security device Installations, Configuration, and troubleshooting (e.g., firewall, IDS, etc.) - Hands on experience in any SIEM tool - Mid-level expertise in UNIX, Linux, and Windows - Experience working in a diversified, virtual environment. - Scripting experience in any language - Experience in data manipulation and regular expressions - Experience with Database installation & configuration - Certifications such as CISSP, ITIL, CISA, CISM, GIAC-GCIA, AWS/Azure/Cloud based Certifications - Advanced Certification from any SIEM vendor on products such as ArcSight, QRadar, McAfee Nitro, RSA SA, SPLUNK, Google SecOps etc. Additional Information: - The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM) - This position is based at our Bengaluru office - A 15 years full time education is required Qualification 15 years full time education
Posted 1 month ago
2.0 years
0 Lacs
Kochi, Kerala, India
On-site
Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. 
Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 2 Years’ Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting
Posted 1 month ago
5.0 - 7.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
Job Title: L3 SOC Lead Location: Kolkata Job Description We are urgently looking for an experienced L3 SOC Lead to join the Security Operations Center (SOC) team at UCO Bank. The ideal candidate will have extensive experience in SOC operations and security management tools, and will be responsible for leading the SOC team to monitor, detect, analyze, and respond to cybersecurity threats and incidents effectively. Key Responsibilities Lead and manage the SOC team for continuous monitoring, detection, and response of security incidents. Oversee SOC operations to ensure timely and effective incident management. Perform advanced analysis and investigation of security events and incidents. Develop and implement SOC processes, procedures, and escalation mechanisms. Collaborate with cross-functional teams for threat intelligence sharing and incident remediation. Manage and optimize security tools including SIEM, DLP, WAF, DAM, and others. Conduct periodic security assessments and audits to ensure compliance. Provide technical guidance and mentorship to SOC analysts. Prepare reports and communicate SOC metrics, incident trends, and risk posture to management. Required Skills and Expertise Strong hands-on experience with the following Security Tools: ArcSight (SIEM) Data Loss Prevention (DLP) Web Application Firewall (WAF) Database Activity Monitoring (DAM) Network Behavior Analysis (NBA) Privileged Identity Management (PIM) AlgoSec (Security Policy Management) Anti-Malware Solutions Cisco HyperFlex Infrastructure (HCI) Tenable (Vulnerability Management) Expertise in analyzing and responding to cybersecurity threats and incidents. In-depth knowledge of security frameworks, threat intelligence, and incident response. Proven experience in leading SOC operations and teams. Strong understanding of networking, system security, and endpoint protection. Education & Certifications Bachelor’s or Master’s degree in Computer Science or related field (BE/B.Tech/MCA/BCA/MSc/BSc). 
Relevant professional certifications (mandatory): CISA / CISSP / CISM or Any OEM certification in IT Security (e.g., Certified Ethical Hacker, GIAC, etc.) Experience 5-7 years of relevant experience in SOC operations. Prior experience leading a SOC or security team will be preferred.
Posted 1 month ago
7.0 - 12.0 years
30 - 35 Lacs
Noida, Hyderabad, Chennai
Work from Office
Responsibilities Work in a 24x7 Security Operation Centre (SOC) environment. Provide analysis and trending of security log data from various security devices. Coordinate incident response on a daily basis. Perform threat analysis to improve detection capabilities. Conduct forensic investigations and develop recovery plans. Develop and implement advanced defensive strategies and countermeasures. Engage in threat hunting to identify potential threats that may have bypassed defenses. Communicate effectively through written and visual documents for diverse audiences. Requirements Minimum of 8 - 10 years of experience in Cybersecurity. At least 6 years of working in a Security Operations Center (SOC). Proficient in Incident Management and Response, handling escalations. In-depth knowledge of security concepts such as cyber-attacks, threat vectors, and risk management. Knowledge of various operating system flavors including Windows, Linux, and Unix. Knowledge of TCP/IP protocols and network analysis. Experience with SIEM, SSL, Packet Analysis, HIPS/NIPS, and network monitoring tools. Nice-to-haves Hands-on experience with Splunk. Experience with Proofpoint and Azure security. Ability to suggest fine-tuning of existing security use cases.
Posted 1 month ago
10.0 - 15.0 years
20 - 25 Lacs
Bengaluru
Work from Office
Job Area: Engineering Group, Engineering Group > Systems Engineering General Summary: In this position you will join the team responsible for the security architecture of Qualcomm Snapdragon processors. The team works at a system level spanning across hardware, software and infrastructure while striving for industry-leading solutions. This team interacts with product management, customers (e.g., OEMs), partners, HW/SW engineering, and Services engineering teams to find the optimal Security solution. Snapdragon processors are utilized in a variety of devices, including mobile phones, laptops, automotive systems, and data centers, each with distinct security needs. These processors are engineered to address most of these requirements, encompassing a wide range of security technologies found in consumer electronics, such as Root of Trust, Integrated Secure Element, Virtualization, and Confidential Compute. Minimum Qualifications 10+ years industry experience in SoC Security encompassing both architecture and design 5+ years industry experience in Compute and/or Data Centre SoC Architecture Demonstrated expertise in Security Technologies (Root of Trust, TEE, Access Control, I/O Security) Proficient in Confidential Compute Architecture (RME, TDX, SEV-SNP, TDISP) Strong understanding of Security Software Architecture for Compute and Data Centers, with a focus on Secure Boot. Skilled in HW/SW threat analysis Strong capabilities in creating and presenting architecture-level documentation. Preferred Qualifications Proficient in isolation-related extensions, including TrustZone, Virtualization, and RME. Extensive knowledge of Server Platform security architecture covering lifecycle/debug management, provisioning, attestation/measurement. Expertise in Applied Cryptography and Protocols. Knowledgeable about Security Certification Processes and (such as OCP) Excellent communication and teamwork skills. 
Leadership and management experience at the project level Key Responsibilities Establish system security requirements (both hardware and software) for Server SoC focusing on functionality, performance, and security levels. Specify and review the architecture and implementation of System/SoC level security mechanisms. Conduct platform security threat analysis. Perform competitive analysis of security systems and features. Explore future and roadmap server security-related technologies. Serve as the technical interface to product management and standards teams. Minimum Qualifications: Bachelor's degree in Engineering, Computer Science, or related field and 8+ years of Security Engineering or related work experience. OR Master's degree in Engineering, Computer Science, or related field and 7+ years of Security Engineering or related work experience. OR PhD in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. Note: References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Systems Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Systems Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Systems Engineering or related work experience.
Posted 1 month ago
5.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Job Title: L3 SOAR Administrator – ArcSight SOAR Expert Location: Gurgaon Experience: 5+ years (Minimum 2+ years in SOAR administration) Position Type: Full-Time Department: Cybersecurity / Security Operations Centre (SOC) Budget: 18-20 LPA Role Overview: We are seeking an experienced and skilled L3 SOAR Administrator with hands-on expertise in ArcSight SOAR to lead the administration and enhancement of our SOAR platform. The candidate will be responsible for ensuring platform stability, developing advanced playbooks, integrating threat intelligence feeds, and enabling seamless automation across SOC tools and processes. Key Responsibilities: SOAR Platform Administration: Manage and maintain the ArcSight SOAR platform, ensuring high availability and performance. Oversee upgrades, patching, and system optimization. Playbook Creation & Management: Design, develop, and maintain complex automated playbooks for incident response and security operations. Optimize existing playbooks based on evolving threat scenarios and feedback from L1/L2 teams. Automation Development: Develop automation scripts and workflows to enhance SOC efficiency. Utilize Python, REST APIs, and built-in SOAR capabilities to build scalable automations. Integration Management: Integrate ArcSight SOAR with various security technologies including SIEMs, EDRs, firewalls, threat intel platforms, ticketing systems, and email gateways. Ensure seamless bi-directional communication across platforms. Threat Intelligence Integration: Configure and maintain ingestion of external and internal threat intelligence feeds into SOAR. Automate enrichment and correlation of indicators of compromise (IOCs). Required Skills & Qualifications: Minimum 5-8 years of experience in a security operations center (SOC) or incident response role.. Proven expertise in ArcSight SOAR (formerly Micro Focus SOAR). Strong knowledge of security operations processes , incident response lifecycle, and threat hunting techniques. 
Good understanding of SIEM (ArcSight, Splunk, etc.), EDR (CrowdStrike, SentinelOne), and other security tools. Familiarity with MITRE ATT&CK framework and threat intel feeds. Good written & verbal communication & presentation skills Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience). Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Strong leadership and communication skills. Regards Kirti Rustagi hr1@raspl.com
Posted 1 month ago
5.0 - 7.0 years
8 - 14 Lacs
Calcutta
On-site
Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools: ArcSight (SIEM), DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable Job Type: Full-time Pay: ₹800,000.00 - ₹1,400,000.00 per year Schedule: Rotational shift Ability to commute/relocate: Kolkata, West Bengal: Reliably commute or planning to relocate before starting work (Required) Application Question(s): What is your current CTC? What is your expected CTC? What is your notice period? What is your current location? In which of the following tools do you have hands-on experience? (ArcSight, DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable) Which level are you supporting? Experience: total work: 5 years (Required) SOC Operation: 5 years (Required) Work Location: In person
Posted 1 month ago
0.0 - 5.0 years
0 Lacs
Kolkata, West Bengal
On-site
Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools: ArcSight (SIEM), DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable Job Type: Full-time Pay: ₹800,000.00 - ₹1,400,000.00 per year Schedule: Rotational shift Ability to commute/relocate: Kolkata, West Bengal: Reliably commute or planning to relocate before starting work (Required) Application Question(s): What is your current CTC? What is your expected CTC? What is your notice period? What is your current location? In which of the following tools do you have hands-on experience? (ArcSight, DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable) Which level are you supporting? Experience: total work: 5 years (Required) SOC Operation: 5 years (Required) Work Location: In person
Posted 1 month ago
2.0 - 5.0 years
6 - 10 Lacs
Mumbai
Work from Office
Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. 
Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working
Posted 1 month ago
2.0 - 5.0 years
6 - 10 Lacs
Mumbai
Work from Office
Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working
Posted 1 month ago