285 Arcsight Jobs - Page 10

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

10 - 15 years

30 - 37 Lacs

Chandigarh

Work from Office

We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities 1. Leadership and Management: Team Leadership : Lead, mentor, Build and manage a team of SOC analysts, incident responders, and threat hunters. Foster a culture of continuous improvement, accountability, and professional development within the SOC team. Conduct regular performance reviews and provide constructive feedback to team members. Operational Management : Develop and maintain SOC processes, procedures, and documentation to ensure efficient and effective operations. Ensure the SOC team operates 24/7, providing continuous coverage for security monitoring and incident response. Coordinate shift schedules, resource allocation, and ensure adequate staffing levels. Monitoring and Detection : Oversee the monitoring of security events and alerts generated by various security tools and technologies. Ensure the timely identification, analysis, and escalation of potential security incidents. Develop and fine-tune detection rules, signatures, and use cases to enhance threat detection capabilities. Incident Response : Coordinate and manage the end-to-end incident response process, including detection, analysis, containment, eradication, and recovery. Develop, implement, and maintain incident response playbooks, runbooks, and standard operating procedures (SOPs). Lead post-incident reviews, including root cause analysis and lessons learned, to improve incident response processes. 
Threat Intelligence Integration : Ensure the SOC team stays up-to-date with the latest threat intelligence and cyber threat landscape. Integrate threat intelligence into SOC operations to enhance detection and response capabilities. Collaborate with threat intelligence analysts to gather, analyse, and disseminate actionable intelligence. Threat Hunting : Develop and lead proactive threat hunting activities to identify and mitigate potential threats before they impact the organisation. Utilise advanced analytical and forensic tools to uncover hidden threats and malicious activities. Internal Collaboration : Work closely with other IT and security teams to ensure seamless integration of security operations. Collaborate with the IT infrastructure team to ensure security controls are properly implemented and maintained. Engage with application development teams to ensure secure coding practices and application security measures. Stakeholder Communication : Communicate effectively with senior management, providing regular updates on SOC activities, incidents, and overall security posture. Develop and deliver regular SOC performance and incident reports to leadership. Serve as the primary point of contact for escalated security incidents and external communications. Process Enhancement : Identify areas for improvement within the SOC and implement enhancements to processes, tools, and technologies. Conduct regular SOC assessments and readiness exercises to ensure operational effectiveness. Stay informed about the latest security trends, technologies, and best practices. Metrics and Reporting : Develop and track key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of SOC operations. Provide detailed reporting on SOC activities, incidents, and trends to senior management and other stakeholders. 
Monthly CISO reports Regulatory Compliance : Ensure SOC operations comply with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Support audit activities and provide necessary documentation and evidence for compliance audits. Collaborate with the compliance team to address regulatory changes and ensure ongoing compliance. Employee Training : Develop and deliver regular cybersecurity training programs for SOC staff to enhance their skills and knowledge. Promote security awareness and best practices across the organisation through training and awareness programs. Conduct phishing simulations and other awareness activities to test and improve employee readiness. Professional Development : Encourage SOC team members to pursue relevant certifications and professional development opportunities. Provide guidance and support for career development and advancement within the SOC team. Education and Experience: Education : Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable. Experience : A minimum of 10-12 years of experience in cybersecurity, with at least 7-8 years in a SOC management or leadership role. Proven track record of managing and leading high-performing security teams in a dynamic and fast-paced environment. Security Operations : Strong understanding of security monitoring and incident response processes and technologies. Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and other security tools. Knowledge of threat intelligence and analysis methodologies. Technical Expertise : Familiarity with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Proficiency in using advanced analytical and forensic tools for threat detection and incident analysis. 
Understanding of network security, endpoint security, application security, and cloud security principles. Leadership and Management : Excellent leadership, team management, and mentoring skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills, with the ability to interact with technical and non-technical stakeholders. Strategic Thinking : Ability to think strategically and develop long-term plans for improving SOC operations and overall security posture. Demonstrated ability to drive continuous improvement and foster a culture of innovation. This position may require occasional on-call support and the ability to respond to security incidents outside of regular business hours. Hybrid work environment with a combination of on-site and remote work. Perks and Benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The remuneration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 2 months ago

10 - 12 years

30 - 35 Lacs

Chandigarh

Work from Office

Job description We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to immediately detect, verify, and respond swiftly to cyber threats, and remove false positives. Serve as a technical point of escalation. Responsible for investigating incidents, analysing attack methods, researching new defence techniques and tools, developing security policy, and documenting procedures for SOC. Maintain baselines for secure configuration and operations. Malware analysis and other attack analysis to extract indicators of compromise. Perform data security event correlation between various systems. Prepare reports, summaries, and other forms of communication that may be both internal and client facing. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives. Develop and deploy processes to ensure efficient and effective security operations. Provide guidance and mentorship to other security analysts and junior members of the security team. Keep up-to-date with the latest trends and best practice developments in the field of cybersecurity and SIEM tools. Values and Behaviours Have Fun We take time and effort to make the workplace more enjoyable, we reward and celebrate success, our customers and partners see us as human. 
Move with Velocity We evolve and grow to stay ahead of the curve, we make decisions quickly and often, we are decisive and show initiative, we are outcome oriented and we question everything to determine what speeds or impedes the desired outcome. Go Further We go beyond delivering what works, we discover delights and help customers transform their business, we have a passion for learning, we have a desire to question the norms, and we are curious to step out of our comfort zones. Thrive Together We are high functioning, supportive and inclusive, collaboration is in our DNA, we step up to assist our team members, and we work as a team to achieve the right outcome. Skills and Capabilities At least 7 years of experience working in a SOC environment, with a focus on using multiple SIEM tools. Strong understanding of security operations and incident response processes. Hands-on experience with at least two major SIEM tools (e.g., MS Sentinel, Rapid7, Exabeam, Splunk, ArcSight, QRadar). Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work in a fast-paced, dynamic environment. Qualifications B-Tech

Posted 2 months ago

4 - 8 years

0 - 1 Lacs

Delhi NCR, Gurgaon

Work from Office

Job Title: Cybersecurity Leader Location: India Onsite, (Remote/Hybrid is also available) Experience: 8+ Years Employment Type: Full-time About Simple Solution At Simple Solution , we empower professionals to thrive at the intersection of innovation and impact. As India continues to shape the global digital economy, we offer a dynamic platform where your cybersecurity expertise can grow alongside forward-thinking organizations and visionary leaders. Bring your authentic self to work. Collaborate, innovate, and lead with purpose, all while making a meaningful impact on our clients, our industry, and the communities we serve. Simple Solution enables organizations to proactively defend against cyber threats while managing risks and protecting critical assets. We go beyond just responding to incidents: we embed cybersecurity into the foundation of strategy and operations. Our mission is to ensure our clients are secure, vigilant, and resilient in today's evolving digital landscape. Work You’ll Do Lead client engagements focused on cybersecurity strategy, architecture, and implementation. Manage incident response efforts — investigation, analysis, containment, and mitigation. Oversee threat detection and monitoring, ensuring swift and effective responses. Act as a trusted advisor to key stakeholders, including executive leadership and security teams. Mentor and guide cybersecurity professionals, fostering a culture of learning and growth. Conduct risk assessments, audits, and gap analyses across security domains. Execute vulnerability testing and provide strategic remediation recommendations. Contribute to the development of cybersecurity methodologies, tools, and service offerings. Stay up to date with market trends, regulatory changes, and emerging security technologies. Lead go-to-market strategies, proposal development, and client presentations. Deliver cybersecurity projects from initiation through successful completion. 
Develop and implement governance frameworks, security controls, and policies. Provide training and workshops on cybersecurity best practices. Ensure compliance with relevant security standards and frameworks (e.g., NIST, ISO 27001). Key Skills Required 8+ years of experience leading cybersecurity teams, analysts, and engineers. Strong knowledge of threat intelligence, malware, and advanced persistent threats. Expertise in security platforms and tools — SIEM, IDS/IPS, firewalls, endpoint protection, etc. Hands-on experience with tools such as Claroty, Tenable, and Nozomi (or similar). Familiarity with frameworks such as NIST, ISO 27001, CIS Controls, and risk management principles. Strong grasp of security architecture and design for enterprise systems. Excellent communication and interpersonal skills, with the ability to simplify complex technical topics. Qualifications B.Tech / B.E. / M.Tech . 8+ years of relevant cybersecurity experience. Preferred Certifications: GISCP, CISSP, CISM, or similar.

Posted 2 months ago

10 - 15 years

25 - 40 Lacs

Chandigarh

Work from Office

We are looking for a highly skilled and experienced Senior Security Operations Centre (SOC) Manager with a focus on SIEM tools to join our security team. As a SIEM Tools Specialist, you will be responsible for monitoring and analysing security events for multiple clients utilising our SIEM tool. You will undertake timely and accurate detection, investigation, and response to security incidents. In this role, you will collaborate closely with other security professionals, including threat hunters, incident responders, and forensic analysts, to ensure that the security operations centre (SOC) is always operational and that all security incidents are handled in a timely and effective manner to meet SLAs. You will also be responsible for ensuring that the SIEM tool is properly configured, managed, and optimised to meet the clients' security requirements. Key Responsibilities: Security Event Analysis: Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to swiftly detect, verify, and respond to cyber threats, while eliminating false positives. Technical Escalation: Serve as a technical point of escalation for complex security issues. Incident Investigation: Investigate incidents, analyze attack methods, research new defense techniques and tools, develop security policies, and document SOC procedures. Configuration Management: Maintain baselines for secure configuration and operations. Malware & Attack Analysis: Conduct malware analysis and other attack analyses to extract indicators of compromise and perform data security event correlation across various systems. Reporting: Prepare reports, summaries, and other forms of communication for both internal and client-facing purposes. SLA Compliance: Ensure compliance with SLAs, process adherence, and process improvement to achieve operational objectives. Process Development: Develop and deploy processes to ensure efficient and effective security operations. 
Mentorship: Provide guidance and mentorship to other security analysts and junior members of the security team. Continuous Learning: Stay up-to-date with the latest trends and best practices in cybersecurity and SIEM tools. Qualifications: Proven experience in a similar role within a SOC environment. Strong analytical and problem-solving skills. Proficiency with IDS, DLP, SIEM, and other security tools. Excellent communication skills, both written and verbal. Ability to work in a fast-paced, 24x7 environment. Strong understanding of security policies and procedures.

Posted 2 months ago

0 - 3 years

0 Lacs

Pune, Maharashtra

Remote

Join Us At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact. What you’ll do Lead the onboarding process of new data sources into the SIEM platform, ensuring proper data normalization and correlation. Continuously improve SIEM performance, efficiency, and scalability. Maintain detailed documentation of SIEM configurations, onboarding procedures, and incident response playbooks. Collaborate with cross-functional teams to identify security requirements and integrate new security technologies into the SIEM. Stay informed about emerging threats, vulnerabilities, and security best practices, and incorporate this knowledge into SIEM operations. Ensure that SIEM configurations and operations comply with relevant industry regulations and standards. Who you are A bachelor's degree in computer science, Information Technology, or a related field is preferred. Total experience of 7-8 years with a minimum of 3 years of hands-on experience in SIEM implementation, management, and onboarding of security data sources. Must have experience of working in large organizations or global service providers across any industry having large/complex infrastructure. Proficiency in deploying, configuring, and managing Security Information and Event Management (SIEM) solutions, such as Splunk, ArcSight, Chronicle (Google Security Operations), ELK Stack. Familiarity with Cribl and regex Experience integrating SIEM with various data sources, including firewalls, IDS/IPS, antivirus, and endpoints. Proficiency in log management solutions, log parsing, and normalization techniques. 
Demonstrated experience in scripting languages (e.g., Python, PowerShell) for automating SIEM tasks and data analysis. Understanding of Cloud platforms e.g., GCP, AWS, Azure and cloud databases is desirable. Understanding of cybersecurity principles, including threat detection, incident response, and vulnerability assessment is preferable. Strong knowledge of networking protocols, firewall rules, & network security practices to onboard & monitor network traffic. Strong verbal and written communication skills to collaborate with cross-functional teams and onboarding procedures. Outstanding problem-solving skills and a strategic, analytical mindset, and be able to decipher the complex cybersecurity landscapes Not a perfect fit? Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity. What's in it for you The role of a SIEM Onboarding Engineer, Cyber Security at Vodafone offers several benefits and opportunities for a candidate: Professional Growth : The role provides an opportunity to work with advanced technologies like SIEM and SOAR, and to be part of a multi-year program aimed at modernizing Vodafone's SOC capabilities. This experience can significantly enhance your skills and knowledge in cybersecurity. Global Exposure : As part of Vodafone's global team, you will collaborate with professionals from different regions and departments, gaining valuable international experience. Impactful Work : You will contribute to enhancing Vodafone's security operations, making a real impact on the company's ability to detect and respond to threats. 
Learning Opportunities : The role involves working with various data sources, including firewalls, IDS/IPS, antivirus, and endpoints, and using scripting languages like Python and PowerShell for automating SIEM tasks and data analysis. This provides ample learning opportunities. Work Environment : The position is based in India (Pune) and offers a hybrid work persona, allowing for a balance between remote and on-site work. Collaboration : You will work closely with cross-functional teams, enhancing your collaboration and communication skills. Who we are We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same. Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included. If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance. Together we can.

Posted 2 months ago

0 - 2 years

0 - 0 Lacs

Bengaluru

Work from Office

L1 - Cyber Defense Center (CDC) Required Skills

Posted 2 months ago

1 - 6 years

9 - 13 Lacs

Gurgaon

Work from Office

Managed Services SOC Manager Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Job Description : Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in developing new correlation rules and parser writing. Experience in log source integration. Act as the lead coordinator to individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. 
Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams Generate monthly reports on SOC activity Secondary skills like AV, HIPS, DCS, VA/ PT desirable Required Technical Expertise Must have experience in SIEM Management tool (QRADAR) Should have certifications like, ITIL, CCNA, CEH, VA (Product) Certification, CISM Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT

Posted 2 months ago

11 - 14 years

55 - 60 Lacs

Ahmedabad, Noida, Mumbai (All Areas)

Work from Office

Dear Candidate, We are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, we'd love to hear from you! Key Responsibilities: Monitor network traffic and systems for potential security threats. Investigate and analyze security incidents to prevent breaches. Implement security controls and best practices for data protection. Manage security tools such as SIEM, IDS/IPS, and endpoint protection. Conduct vulnerability assessments and recommend mitigation strategies. Ensure compliance with security standards like ISO 27001, NIST, and GDPR. Required Skills & Qualifications: Strong knowledge of security frameworks and incident response. Experience with SIEM tools (Splunk, QRadar, ArcSight). Proficiency in scripting (Python, Bash, PowerShell) for security automation. Understanding of network protocols, firewalls, and VPN security. Knowledge of penetration testing and ethical hacking techniques. Soft Skills: Strong analytical and problem-solving skills. Excellent attention to detail and ability to work under pressure. Good communication and teamwork skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Posted 2 months ago

3 - 6 years

5 - 8 Lacs

Hyderabad

Work from Office

Responsibilities Design and deploy secure network architectures. Monitor and respond to security incidents and threats. Implement firewalls, IDS/IPS systems, and VPNs. Perform regular security audits and vulnerability assessments. Job Description Design and implement network security solutions to protect organizational assets. The role focuses on securing network infrastructure, monitoring security threats, and ensuring compliance with security standards. Qualifications Design and deploy secure network architectures. Monitor and respond to security incidents and threats. Implement firewalls, IDS/IPS systems, and VPNs. Perform regular security audits and vulnerability assessments. Skills Expertise in network security tools and protocols. Experience with SIEM platforms like Splunk or ArcSight. Strong knowledge of network architecture and protocols (TCP/IP, DNS). Ability to perform penetration testing and threat analysis.

Posted 2 months ago

4 - 7 years

3 - 7 Lacs

Maharashtra

Work from Office

ArcSight SIEM platform management. Devices onboarding on ArcSight SIEM. Custom Parser development. EPS license (2.5K) assessment. Upgrade of ArcSight SIEM components. Architectural Assessment of ArcSight SIEM

Posted 2 months ago

9 - 13 years

45 - 50 Lacs

Chennai, Ahmedabad, Bengaluru

Work from Office

Dear Candidate, We are looking for a skilled SOC Analyst to monitor and analyze security alerts in a Security Operations Center (SOC). You will be responsible for detecting, investigating, and responding to cyber threats. Key Responsibilities: Monitor security alerts, logs, and network traffic for signs of suspicious activity. Investigate security incidents and escalate critical threats. Work with SIEM tools to analyze security events and generate threat reports. Conduct log correlation and threat hunting activities. Respond to malware infections, phishing attacks, and unauthorized access incidents. Assist in developing SOC playbooks and incident response procedures. Conduct regular security drills and tabletop exercises for incident preparedness. Required Skills & Qualifications: Hands-on experience with SIEM platforms (Splunk, QRadar, ArcSight, ELK Stack). Strong understanding of intrusion detection and security event monitoring. Familiarity with cyber kill chain, MITRE ATT&CK, and threat hunting methodologies. Ability to analyze network packets, logs, and forensic data for threat identification. Security certifications such as CEH, GCIH, or CompTIA Security+ are preferred. Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions. Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Posted 2 months ago

5 - 10 years

9 - 13 Lacs

Bengaluru

Work from Office

Notice Period : Immediate 15 Days only Job Description Cybersecurity Experience: Proven experience in a cybersecurity or IT security role with a strong focus on security operations. SIEM Tools: Hands-on experience with SIEM tools like Splunk, ArcSight, or QRadar for threat monitoring, incident detection, and log analysis. Network Security: Expertise in network security technologies, including firewalls, IDS/IPS, and VPNs. Endpoint Protection: Strong knowledge of endpoint protection solutions for detecting and responding to cyber threats at the device level. Incident Response: Experience in incident response activities, including malware infections, data breaches, and denial-of-service (DoS) attacks. Threat Detection: Familiarity with threat detection software and methodologies to safeguard systems from internal and external attacks. Networking Knowledge: Solid understanding of networking protocols (TCP/IP, HTTP, DNS, etc.) and network architecture. Troubleshooting & Analysis: Strong analytical and troubleshooting skills for identifying and resolving complex security issues. Scripting & Automation: Proficiency in scripting (Python, Bash, etc.) for automating security tasks and responses. Communication: Excellent written and verbal communication skills to document incidents and collaborate with cross-functional teams. Required Skills Cybersecurity Engineer with Experience with SIEM platforms such as Splunk, ArcSight, or QRadar, along with strong expertise in firewalls, IDS/IPS, VPNs, endpoint protection, and incident response methodologies. Preferred Skills Certifications such as CISSP, CEH, CISM, or similar. Experience with cloud security and securing cloud infrastructure (AWS, Azure, Google Cloud). Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls.

Posted 2 months ago


2 - 4 years

6 - 10 Lacs

Bengaluru

Work from Office


Ensure effective implementation and operation of the SIEM system (Splunk), protect the organization's network and systems from security threats and incidents, collect and analyze security event data, provide timely and accurate information to incident response teams, support the investigation and remediation of security incidents. Roles and Responsibilities: SIEM Deployment & Configuration; Use Case Development & Correlation Rules; Threat Detection & Incident Response; Performance Optimization & Health Monitoring; Compliance & Security Best Practices; Collaboration & Documentation.

Posted 2 months ago


5 - 10 years

9 - 13 Lacs

Bengaluru

Work from Office


Identify gaps and weaknesses on current alerting platforms and recommend improvements to ensure evolving capabilities. Identify gaps and weaknesses on Data Loss Prevention platforms. Continually review existing risk scoring models and adjust accordingly to ensure proper focus on significant security events and business needs. Administer the DLP solution and liaise with the GRC & CISO function to configure policies and work on reporting; monitor and respond to different alerts generated from the DLP solution. Demonstrate a good understanding of the incident response process and event escalations; respond to DLP escalations reported by the incident response team. Share recommendations to further identify sensitive data and strengthen security controls. Collaborate and partner with the legal and compliance teams to support the customer privacy initiative and continued compliance with different regulations, and to mature company data life cycle management with a focus on data security. Ability to independently research and solve technical issues, and demonstrated integrity in a professional environment.

Posted 2 months ago


4 - 7 years

3 - 7 Lacs

Maharashtra

Work from Office


L3 analysts review incident management, track notable events, and make sure security operations are running properly. They handle service requests for remediation and information gathering, notify advisories, and update SIEM watchlists with IOCs. They prepare and review weekly/monthly reports, participate in incident review calls, and present updates in team meetings. L3 analysts also manage ad hoc tasks like offline tickets, audit log verification, and use case tracker preparation, ensuring proactive security operations. L2 analysts review and analyze tickets, validate logs, fine-tune and create use cases, and automate workflows. They ensure accuracy in weekly and monthly reports, participate in incident review calls, and parse log fields for use case configuration. Collaboration with teams and customers is key for efficient monitoring and incident resolution. They also take part in audit requirements and ad hoc tasks.

Posted 2 months ago


2 - 6 years

2 - 6 Lacs

Maharashtra

Work from Office


Resource with minimum 5 to 7 years of total IT experience, with 3+ yrs. in SIEM Operations and BAU. Experience in handling L1 and L2 tasks related to Security Incident Handling across different SIEM platforms (primary skill ArcSight, secondary Splunk). Proven experience in handling security incident investigation / forensics. Knowledge of security and compliance regulatory standards. Create dashboards on the SIEM console to visualize data and events, which help identify trends and anomalies and monitor the general health or security status of the environment. Knowledge of ArcSight SIEM, its components, and associates. Experience in handling incident response, triaging and analysing the incidents. Security threat identification (including malware), research, analysis and advisory capabilities. Some knowledge of hacking stages and techniques. Excellent troubleshooting skills, with a creative approach to problem solving. Team player and collaborator with excellent follow-up and documentation skills. Must be able to work and develop a positive relationship with customers of various size and complexity. Self-driven, engaging individual with a proven history of demonstrated technical skills. Ability to determine root cause of technical issues either on own or in a collaborative scenario. Strong problem-solving skills are necessary. Ability to ramp up quickly on new features and technologies around threat protection. Must be able to manage time effectively and accurately maintain the project and operational documentation. Willing to work in 24*7*365 shifts (as per business requirement).

Posted 2 months ago


4 - 7 years

7 - 11 Lacs

Maharashtra

Work from Office


SIAM IM. Expected: ITIL Certified, Helix ITSM tool hands-on; Good to Have: Telecom Industry Experience. Sanity checks on overall INCs across the program to make sure the IM process is being adhered to. Incidents are being taken care of and updated, with resolution details updated on a timely basis. Provide leadership and direction during incidents, maintaining an overall incident perspective, and ensure the Incident Management processes are followed. Deliver results and achieve SLA/KPI performance by focusing on effective cross-functional team working. Coordinate/facilitate the communication process as well as the escalation process during the course of a high-priority incident. Proactively monitor incident resolution, analyse and highlight trends and root causes to the Service Desk Manager/Problem Manager and/or relevant support teams. Produce clearly written post-incident documentation within the agreed timescales, assisting with Problem Management initiated review sessions where possible. Compile and publish weekly / monthly operational reports detailing high-profile outages. Contribute to Continuous Service Improvement in the Incident Management, Problem Management and Change Management processes through incident analysis. Govern and audit the Incident Management process on a monthly basis and report on gaps/issues. Come up with a mitigation plan to address these gaps. Assist the queue managers with the correct rerouting of misrouted tickets. Ensure partner organizations are aware of the current incident process and adhere to it. Act as escalation point for Service Delivery Managers and Service Provider Incident Managers. Contact the Service Delivery Manager to discuss details of the rejected escalation. Monitor service levels of the Incident Management function. Validate use of the Knowledge Base on escalations. Owner of the Incident Management process.

Posted 2 months ago


3 - 5 years

3 - 7 Lacs

Karnataka

Work from Office


Role 1: SOC Engineer (L1 / L2). About The Role: Identifying, monitoring and responding to events and incidents that occur in the network. Monitoring alerts from SIEM. Creating and handling security-related tickets. Ensuring SLAs are met; escalate the incident when SLAs are not met. Investigating and analyzing network threats, and performing root cause analysis of incidents that occur in the network. Identifying and collecting data associated with initial security investigation findings. Collects data and context necessary to be relayed later to the IR team. Hands-on experience triaging security alerts, events, logs and artifacts. Creates and maintains standard operating procedures and other similar documentation. Work in a team of 24/7 members. 2-4 years experience as SOC Analyst. At least 1 year hands-on experience with SOAR platform, SIEM tools and log management tool. In-depth knowledge of security concepts such as security operations center (SOC), cyber attacks and techniques, threat vectors. Hands-on experience triaging security alerts, events, logs and artifacts. Excellent analytical and problem-solving skills as well as interpersonal skills to interact with team members, vendors and upper management. Familiarity with malware and attack techniques. Forensics experience is an advantage. Knowledge of basic Linux is an advantage. Qualifications: Experience of working within medium to large scale complex IT environments in the telecommunication industry. Strong oral and written communication skills. Forensics experience is an advantage. Excellent attention to detail. Resilient and approachable with the ability to work successfully in a dynamic, fast-paced environment. Ability to operate as a team player, with a flexible and positive attitude. Strong analytical and problem-solving skills. Ability to work under pressure. A self-starter able to work independently but comfortable and effective working in a team environment. Commitment to accuracy and precision with all outcomes. At least a Bachelor's degree in Network Engineering, Computer Science, Computer Information System or any equivalent degree/experience. Ability to communicate in writing and verbally in English and Japanese (preferred). Certifications Preferred: Splunk, CEH, CompTIA+, Analyst Fundamentals Training, Security Analytics Training. Acceptance Criteria for Selection: With due selection process of Customer.

Posted 2 months ago


3 - 7 years

3 - 6 Lacs

Uttar Pradesh

Work from Office


Job Title: Intune Management and Email Security Specialist. Location: Hyderabad/Pune. Job Type: Full Time. About Us: TechM is a leading organization dedicated to providing top-notch IT solutions. We are seeking a skilled Intune Management and Email Security Specialist to join our dynamic team. This role is crucial in ensuring the security and efficiency of our IT infrastructure. About The Role. Responsibilities: Intune Management: Configure, deploy, and manage Microsoft Intune for mobile device management (MDM) and mobile application management (MAM). Develop and implement policies for device compliance, application deployment, and security. Monitor and troubleshoot Intune-related issues, ensuring optimal performance and security. Provide support for device enrollment, configuration, and lifecycle management. Collaborate with IT teams to integrate Intune with other Microsoft services like Azure AD and Office 365. Email Security (Proofpoint or Mail Marshal): Configure, deploy, and maintain Proofpoint or Mail Marshal email security solutions. Monitor email security systems to detect and block threats such as phishing, spam, malware, and impersonation attempts. Conduct regular security assessments and audits to ensure email security policies are effective. Respond to and mitigate email security incidents, providing detailed reports and recommendations. Stay updated with the latest email security trends and threats to proactively protect the organization. Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience with Microsoft Intune, including device and application management. Strong knowledge of email security solutions, preferably Proofpoint or Mail Marshal. Familiarity with security best practices and compliance standards. Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant certifications (e.g., Microsoft Certified: Security, Compliance, and Identity Fundamentals) are a plus.

Posted 2 months ago


4 - 7 years

3 - 7 Lacs

Uttar Pradesh

Work from Office


LDAP WebSEAL JD (U3 Band WebSEAL support resource). Installing, configuring, and managing WebSEAL instances on servers, including setting up junctions, defining security policies, and managing user access controls. Integrating WebSEAL with various authentication mechanisms like LDAP, Active Directory, and other identity providers to verify user credentials. Defining granular access control policies within WebSEAL, determining which users can access specific web resources based on their roles and permissions. Creating and maintaining WebSEAL policies for different applications, including URL-based access controls, form-based authentication, and advanced authorization rules. Configuring WebSEAL to provide single sign-on functionality across multiple web applications, allowing users to log in once and access all protected resources without re-authenticating. Identifying and resolving issues related to WebSEAL functionality, user access problems, and security vulnerabilities. Monitoring WebSEAL performance metrics to ensure optimal system responsiveness and identify potential bottlenecks. Creating comprehensive documentation for WebSEAL configurations, policies, and procedures to facilitate maintenance and support.

Posted 2 months ago


4 - 8 years

3 - 6 Lacs

Bengaluru

Work from Office


Description. Primary Skills: Threat Detection and Analysis; Log and SIEM Analysis; Digital Forensics. Secondary Skills: Malware Analysis and Reverse Engineering; Network and Endpoint Security. Additional Details: Global Grade: C. Level: To Be Defined. Named Job Posting? (if Yes - needs to be approved by SCSC): No. Remote work possibility: Yes. Global Role Family: To be defined. Local Role Name: To be defined. Local Skills: Threat Detection and Analysis; digital forensics. Languages Required: ENGLISH. Role Rarity: To Be Defined.

Posted 2 months ago


2 - 6 years

4 - 7 Lacs

Bengaluru

Work from Office


Description. Primary Skills: Incident Management and Response; System and Network Knowledge; Post-Incident Analysis and Improvement. Secondary Skills: Automation and Scripting; Communication and Coordination. Additional Details: Global Grade: C. Level: To Be Defined. Named Job Posting? (if Yes - needs to be approved by SCSC): No. Remote work possibility: Yes. Global Role Family: To be defined. Local Role Name: To be defined. Local Skills: Incident Management and Response. Languages Required: ENGLISH. Role Rarity: To Be Defined.

Posted 2 months ago


4 - 8 years

5 - 8 Lacs

Bengaluru

Work from Office


Description. Primary Skills: Incident Management and Response; System and Network Knowledge; Post-Incident Analysis and Improvement. Secondary Skills: Automation and Scripting; Communication and Coordination; Knowledge of Standards and Best Practices. Additional Details: Global Grade: C. Level: To Be Defined. Named Job Posting? (if Yes - needs to be approved by SCSC): No. Remote work possibility: Yes. Global Role Family: To be defined. Local Role Name: To be defined. Local Skills: Incident Management and Response. Languages Required: ENGLISH. Role Rarity: To Be Defined.

Posted 2 months ago


2 - 6 years

2 - 5 Lacs

Bengaluru

Work from Office


Description. Primary Skills: Threat Detection and Analysis; Log and SIEM Analysis; Digital Forensics. Secondary Skills: Malware Analysis and Reverse Engineering; Network and Endpoint Security; Scripting and Automation. Certifications: NA. Location: Bangalore/Gurgaon. Additional Details: Global Grade: C. Level: To Be Defined. Named Job Posting? (if Yes - needs to be approved by SCSC): No. Remote work possibility: Yes. Global Role Family: To be defined. Local Role Name: To be defined. Local Skills: Threat Detection and Analysis; digital forensics. Languages Required: ENGLISH. Role Rarity: To Be Defined.

Posted 2 months ago


2 - 6 years

4 - 8 Lacs

Bengaluru

Work from Office


Description. Primary Skills: Scripting and Automation; Threat Detection and Analysis; Log Analysis and Monitoring. Additional Details: Global Grade: C. Level: To Be Defined. Named Job Posting? (if Yes - needs to be approved by SCSC): No. Remote work possibility: Yes. Global Role Family: To be defined. Local Role Name: To be defined. Local Skills: Scripting and Automation. Languages Required: ENGLISH. Role Rarity: To Be Defined.

Posted 2 months ago
