2 - 6 years
2 - 6 Lacs
Mumbai
Work from Office
The Senior Analyst - Information Security role at IndusInd Bank involves overseeing key operations, ensuring compliance, and driving business growth. Responsibilities include managing customer interactions, improving service efficiency, and coordinating with various teams to achieve operational excellence. The ideal candidate should possess strong analytical skills, excellent communication, and a proactive approach to problem-solving. Prior experience in a similar role is preferred. Candidates must demonstrate leadership qualities and adaptability to dynamic banking environments. This position offers a great opportunity to grow within the banking sector.
Posted 2 months ago
0 - 2 years
5 - 10 Lacs
Bengaluru
Work from Office
Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Managed Services Cross Technology Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their IT infrastructure and systems remain operational through proactively identifying, investigating, and resolving technical incidents and problems and restoring service to clients by managing incidents to resolution. The primary objective of this role is to ensure zero missed service level agreement conditions. The Managed Services Cross Technology Engineer (L1) focuses on first-line support for standard and low complexity incidents and service requests. This role focusses across two or more technology domains such as (but not limited to) Cloud, Security, Networking, Applications and / or Collaboration. The Managed Services Cross Technology Engineer (L1) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Monitors client infrastructure and solutions. Identifies problems and errors prior to or when they occur. Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction. Investigates first line incidents assigned and identifies the root cause of incidents and problems. Provides telephonic or chat support to clients when required. Schedules maintenance activity windows for patching and configuration changes. Follows the required handover procedures for shift changes to ensure service continuity. Reports and escalates incidents where necessary. Ensures the efficient and comprehensive resolutions of incidents and requests. 
Updates existing knowledge articles or create new ones. Identifies opportunities for work optimization including opportunities for automation of work, request fulfilment, incident resolution, and other general process improvement opportunities. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. 
Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience) Certifications relevant to the services provided (certifications carry additional weightage on a candidate’s qualification for the role) Relevant certifications include which are considered desirable (but not limited to): CCNA or relevant level 1 Network Security Microsoft Certified, Azure Administrator Associate AWS Certified, Solutions Architect Associate Veeam Certified Engineer VMware certified Professional: Data Centre Virtualization Zerto, pure, vxrail Google Cloud Platform (gcp) Oracle Cloud Infrastructure (oci) Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (i.e. Security, Network, Data Centre, Telephony, etc.). Basic knowledge of ITIL processes. Workplace type : On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. 
NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Posted 2 months ago
6 - 9 years
5 - 10 Lacs
Gurgaon
Work from Office
Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Technical Services Implementation Engineer (L2) is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLA). This role performs configurations, action installations and attend to break/fix events. What you'll be doing Key Responsibilities: B.E. /B. Tech in Computer Science/ Electronics /ECE / EE / ECS / IT Engineering/MCA/BCA At least one SIEM solution certifications with one or more SIEM/ Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar Log Rhythm). At least one L3 level security certifications viz. CCIE/CISSP/CISA/CCNP etc. Minimum 7 years of experience in handling security related products& services in an organization and out of total experience, 5 years of minimum experience should be as an L2 in SOC management. 
Person should have adequate knowledge of Check point firewall and IPS and Cisco firewall and IPS, McAfee IPS, Web Application Firewall, DDOS and other security devices Administration of SIEM environment (eg: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery etc) Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables) Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service Identifies possible sensor improvements to prevent incidents Collects/updates threat intelligence feeds from various sources Creates situational awareness briefings Co-ordinates with the different departments for incident analysis, containment and remediation Liaise with Security monitoring team to discover repeatable process that lead to new content development Provides engineering analysis and architectural design of technical solutions Device integration, Creation of Co relation rules and Parser development Sound analytical and troubleshooting skills Good Team Management and co-ordination skills Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science / Information Technology Degree or equivalent together with specialized training in new technologies and legacy systems or equivalent. Required Experience: Moderate level of experience in a technical implementation engineering or similar role. Demonstrated experience engaging with clients and conducting presentations. Demonstrated project administration and documentation experience. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. 
We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Posted 2 months ago
6 - 10 years
20 - 27 Lacs
Chennai
Work from Office
Posted 2 months ago
5 - 10 years
12 - 22 Lacs
Navi Mumbai, Mumbai, Mumbai (All Areas)
Work from Office
Role Overview: Position: L3 SOC Analyst Location: Mumbai, India Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting. Key Responsibilities: Incident Response: Deep expertise in handling end-to-end incident response detection, investigation, containment, eradication, and recovery. Attack Vectors: Solid understanding of phishing, malware, ransomware , and how to respond effectively to these threats. Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack. Adversary Tactics: Familiarity with adversary techniques and tactics, particularly using frameworks such as MITRE ATT&CK to mitigate threats. SIEM & EDR Tools: Extensive experience with SIEM tools like Splunk and ArcSight , and EDR solutions like CrowdStrike or Microsoft Defender . Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset. Preferred Qualifications: 3-7 years of experience working in a SOC or handling Incident Response . Expertise in detecting and analyzing indicators of compromise (IOCs). Strong L2 or L3 analyst experience is a must A candidate who has worked on critical incidents and has an in-depth knowledge about the same
Posted 2 months ago
5 - 8 years
4 - 9 Lacs
Delhi NCR, Hyderabad, Mumbai (All Areas)
Hybrid
Key Responsibilities: - Advanced Log Monitoring and Analysis: - Conduct deeper analysis of security events and alerts generated by LogRhythm, correlating data across various sources to identify potential security threats. - Perform advanced triage, classification, and root cause analysis of escalated security incidents. - Utilize the LogRhythm SIEM platform to investigate complex security events, identifying patterns and relationships in logs to identify potential malicious activities. - Incident Escalation and Resolution: - Take ownership of high-priority and complex security incidents, working closely with the Level 1 team to provide expertise and guidance. - Engage with incident response teams to perform deeper forensic analysis and assist with the containment, mitigation, and recovery phases of security incidents. - Document and communicate incident findings, ensuring a clear and concise record of the investigation and resolution process. - LogRhythm Platform Management: - Manage and optimize the LogRhythm SIEM platform to ensure data collection, parsing, and normalization are functioning effectively. - Develop and fine-tune correlation rules, detection use cases, and custom reports to improve detection capabilities and reduce false positives. - Provide recommendations for system enhancements and adjustments based on findings from incidents or emerging threats. - Threat Intelligence Integration: - Integrate and manage threat intelligence feeds within LogRhythm to enhance detection capabilities. - Analyze and correlate threat intelligence data with internal security logs to identify external and internal threats in real-time. - Security Tool Configuration and Tuning: - Configure and tune security tools (firewalls, endpoint detection and response (EDR), intrusion detection/prevention systems (IDS/IPS)) to optimize integration with the LogRhythm platform. 
- Work with the team to enhance detection rules and improve threat coverage based on new attack techniques and tactics (e.g., MITRE ATT&CK framework). - Collaboration and Knowledge Sharing: - Collaborate with the L1 team, senior engineers, and other stakeholders in the security operations lifecycle to ensure smooth and effective incident handling. - Provide mentoring and training to junior engineers and analysts in best practices for incident response and SIEM platform usage. - Participate in security operations meetings, helping to continuously refine and improve processes. - Reporting and Compliance: - Assist in generating reports for security incident analysis, compliance audits, and management reviews. - Support internal and external audits, providing data, logs, and documentation as needed. - Help track security metrics and performance indicators to support security operations reporting. - Continuous Improvement and Research: - Stay updated on the latest trends in cybersecurity threats, vulnerabilities, and defense mechanisms to enhance the team's capabilities. - Suggest improvements to the security monitoring processes and help implement new detection technologies and methodologies. Skills & Qualifications: - Technical Skills: - Advanced proficiency with LogRhythm SIEM platform (experience with other SIEM platforms like Splunk, QRadar, or ArcSight is a plus). - In-depth understanding of network protocols (TCP/IP, DNS, HTTP, etc.), security devices (firewalls, IDS/IPS, etc.), and endpoint security technologies (EDR, antivirus, etc.). - Hands-on experience with log analysis, data correlation, and incident investigation. - Familiarity with threat intelligence tools, data sources, and feeds. - Strong understanding of security frameworks, including MITRE ATT&CK, NIST, and OWASP. - Experience: - Minimum of 4–6 years of experience in cybersecurity, IT security operations, or incident response. 
- Prior experience in a Security Operations Center (SOC) or handling security incidents in an enterprise environment. - Experience with security monitoring, SIEM platform tuning, and threat detection engineering. - Soft Skills: - Strong analytical, problem-solving, and troubleshooting skills. - Excellent communication skills, with the ability to clearly explain complex technical concepts to both technical and non-technical stakeholders. - Ability to work well under pressure and in a fast-paced environment, managing multiple tasks effectively. - Certifications (Preferred but not required): - CompTIA Security+, CEH or similar certifications. - LogRhythm Certified Security Engineer or other relevant certifications. Education: - Bachelor’s of Technology in Computer Science, Information Security, or related field, or equivalent work experience.
Posted 2 months ago
2 - 7 years
4 - 9 Lacs
Maharashtra
Work from Office
Description Google Logging Engineer We are looking for a GCP Engineer who has specialist skills in Google Logging to develop, test and implement data integration, alerting and logging with the Google Cloud platform. In addition, this role will be expected to develop reporting and dashboards that illustrate activity and performance of data being ingested by GCP Looker. Specific tasks include: Design and build dashboards, reports, and alerts using Google Cloud Logging, BigQuery, and Looker based upon customer requirements. Integrate log data from various sources into BigQuery via Google Logging and ensure data compatibility. Implement performance-optimized Looker models to enable real-time and historical data analysis. Recreate alerts and log-based metrics and triggers using Google Cloud Monitoring and Logging. Integrate alerts with notification systems (e.g., Pub/Sub, email, PagerDuty). Optimize BigQuery queries and Looker dashboards for performance and cost-efficiency. Monitor data ingestion and storage costs, implementing strategies to minimize expenditures. Document the migration process, dashboard configurations, and best practices for future reference. Train internal teams on using Google Logging, Looker, and BigQuery effectively. Qualifications Technical Expertise 3-5 years experience with Google Cloud Platform (GCP) services: Google Logging, BigQuery, Looker (including LookML modeling). Proficiency in SQL for data querying, analysis, and transformation. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills architecture;security;SIEM;threat analysis Languages Required ENGLISH Role Rarity To Be Defined
Posted 2 months ago
2 - 7 years
4 - 9 Lacs
Maharashtra
Work from Office
Description
1. Manage and maintain the Claroty platform.
2. Performing the Compute Service Requirements in respect of the Claroty platform.
3. Perform policy configuration and tuning as directed by the Customer.
4. Configure Threat Detection rules and tune alerts as per Customer requirements.
5. Firmware updates and software patching: patch cycle monthly with additional patching as required, where security/vulnerability patches to be analysed and, all patching as approved by the Customer for deployment by the Service Provider during planned downtime.
6. Create and maintain all relevant design and platform management documents.
7. Report any critical anomaly to Customer SOC team if identified and provide necessary support during security incident analysis and investigation.
8. Provide support for Network Devices and Operational Technology component integration with Claroty platform.
9. Security alert monitoring and investigation.
Akash Saksena CV Received. Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility No Global Role Family To be defined Local Role Name To be defined Local Skills security;intrusion detection Languages Required ENGLISH Role Rarity To Be Defined
Posted 2 months ago
2 - 7 years
4 - 9 Lacs
Maharashtra
Work from Office
Requirement / Qualification Resource with minimum 4 5 years of managing SIEM. Security events Monitoring and SIEM administration/Implementation support. Proven experience on handling security incident investigation / forensics Knowledge of security and compliance regulatory standards. Create dashboards on Alien Vault Console to visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment. Monitor multiple security alerts sources, eliminate false positive and based on impact and nature of security incident escalate according to established procedures. Knowledge of Alien Vault SIEM, its components, and associates Proactively monitoring vulnerabilities related to network security and upgraded the SIEM rules accordingly. Threat Research & Analysis during high severity Cyber Attacks impacting clients globally. Experience in handling Incident response, triaging and analyzing the incidents. Security threat identification (including malware), research, analysis and advisory capabilities. Some knowledge of hacking stages and techniques Excellent troubleshooting skills, with a creative approach to problem solving. Team player and collaborator with excellent follow up and documentation skills. Must be able to work and develop a positive relationship with customers of various sizes and complexity. Self driven engaging individual with a proven history of demonstrated technical skills. Ability to determine root cause of technical issues either on own or in a collaborative scenario.
Posted 2 months ago
5 - 10 years
7 - 12 Lacs
Bengaluru
Work from Office
Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Implement security measures to protect systems and data. Conduct security assessments and audits. Develop security policies and procedures. Stay updated on the latest security trends and technologies. Professional & Technical Skills: Must To Have Skills: Proficiency in Splunk. Strong understanding of network security principles. Experience with security tools such as SIEM, IDS/IPS. Knowledge of incident response and vulnerability management. Good To Have Skills: Experience with cloud security solutions. Additional Information: The candidate should have a minimum of 5 years of experience in Splunk. This position is based at our Bengaluru office. A 15 years full-time education is required. Qualifications 15 years full time education
Posted 2 months ago
4 - 7 years
6 - 9 Lacs
Karnataka
Work from Office
Palo Alto Job Description: The candidate should be well versed with the following Palo Alto firewall features: Key projects delivered include Palo Alto firewall installations in data center, and management support. Administration of Palo Alto Security Gateways in multi-site and clustered environments. Palo Alto Engineers install, configure, manage, and fix Palo Alto Firewalls. Operational tasks like policy push, group policy and template with Panorama management console. They support, monitor, and take care of existing configuration changes for Palo Alto Networks. The technicians are conversant with procedures, such as change management, automation, and revision control. They need proactive communication with the client on service requests and incident handling. Zscaler Job Description: Manage and monitor Zscaler's comprehensive security solutions (ZIA, ZPA, ZDX). Configuration and re-categorization of URLs in URL categories. Provisioning of GRE tunnels and Location management. Configuring Firewall control Rules, Network service and modification in Proxy PAC, Managing URL filtering, SAML certificate and NSS. Coordination with requester, Zscaler TAC and client for any request or incident. Installing latest hotfix and upgrade version as and when required. Configuring App connectors, Application segments and policy on ZPA. Troubleshoot any issue related to internet browsing, S2S VPN, ZPA, Zscaler app SSL inspection for any internet browsing sites. Handling proxy issues/new requests on Zscaler cloud proxy, troubleshooting, policy implementation. Strong knowledge of Zscaler whitelisting and blocking based on the environment. Familiarity with basic network architecture and cloud infrastructure. Extensive knowledge of Zscaler products and administration with ZCCA or ZCCP certification is highly desirable.
Posted 3 months ago
5 - 7 years
7 - 9 Lacs
Maharashtra
Work from Office
Resource with minimum 5 to 7 years of total IT Experience, with 3+ yrs. in SIEM Operations and BAU. Experience in handling L1 and L2 task related to Security Incident Handling across different SIEM Platform (Primary skill ArcSight, Secondary Splunk) Proven experience on handling security incident investigation / forensics Knowledge of security and compliance regulatory standards. Create dashboards on SIEM Console to visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment Knowledge of ArcSight SIEM, its components, and associates Experience in handling Incident response, triaging and analysing the incidents Security threat identification (including malware), research, analysis and advisory capabilities Some knowledge of hacking stages and techniques Excellent troubleshooting skills, with a creative approach to problem solving Team player and collaborator with excellent follow up and documentation skills. Must be able to work and develop a positive relationship with customers of various size and complexity Self driven engaging individual with a proven history of demonstrated technical skills. Ability to determine root cause of technical issues either on own or in a collaborative scenario. Strong problem solving skills are necessary. Ability to ramp up quickly on new features and technologies around threat protection Must be able to manage time effectively and accurately maintain the project and operational documentation Willing to work in 24*7*365 shifts (as per Business requirement).
Posted 3 months ago
2 - 7 years
4 - 9 Lacs
Hyderabad
Work from Office
Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: Job Overview This role will be responsible for supporting 24x7 operations thus requires working night / weekend shifts on a rotational basis to support the business requirements of the organization. Primary responsibilities include monitoring and triaging all security events coming into SOC / CDC from multiple sources. Security events include but not limited to: social engineering attacks, malware, DDoS, data exfiltration, ransomware etc. Triage for first 20 minutes as per standard operating procedure, and post which engage Tier2 for further assistance. Identifying and analyzing security event and incident data by leveraging Orchestration tool workflows and knowledge base. Updating the Ticketing system thoroughly and timely. Communicating with stakeholders for making sound recommendations on mitigation and or prevention techniques. Follow up and resolution of issues/tickets timely per SLAs. Follow-up on pending tickets and issues ensuring SLAs. Working closely with Tier3 teams. Escalating security events in a timely manner. Staying current with new Use Cases and process changes. Actively participate in brown bag sessions.
Min. Qualifications The individual must also have a good awareness of current and developing security threats and technologies. Strong proficiency in security event investigations, also in written and spoken English. Strong interpersonal skills and a good team player. Prior professional services experience in 24x7 SOC or CDC operations is desired. Bachelor's degree or Master's Degree in Computer Sciences or in Cyber Security. Preferred Qualifications 3 - 5 years of experience working in a SIEM tool with strong background in security incident response and system operations. CEH, Security+, OSCP or other industry-relevant cyber-security certifications and ITIL V3.0 knowledge is a plus. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of cybersecurity-relevant work experience. OR High school diploma or equivalent and 4+ years of cybersecurity-relevant work experience. Physical Requirements: Frequently transports and installs equipment up to 40 lbs.
Posted 3 months ago
2 - 4 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Key Responsibilities Work as part of analysis team that works 24x7 on a rotational shift Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologies Timely response to customer requests like detection capabilities, tuning, etc. Research new threats and provide recommendations to enhance detection capabilities Strong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Response activities on EDR based on client requirementsTechnical Experience Experience in an SOC operations with customer-facing responsibilities Deep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscape Hands-on experience in SIEM, SOAR and threat hunting tools Desirable knowledge in any scripting language and EDR products Preferable GCIA, GCFA, CISSP Relevant experience required is 1 to 3 years.Professional Attributes Strong customer service and interpersonal skills Strong problem-solving skills Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills. Adaptability to accept changeEducational Qualification Minimum a bachelor's or a master's degree in addition to regular 15- year full time education Qualifications 15 years full time education
Posted 3 months ago
2 - 5 years
4 - 7 Lacs
Pune
Work from Office
Mandatory Skill Must Have : - SOC Analyst + Cyber Security + SIEM Job Detail : - Resource with minimum 3 to 5 years of total IT Experience, with 2+ yrs. in SIEM Operations and BAU. Experience in handling L1 related to Security Incident Handling across different SIEM Platform (Primary skill ArcSight, Secondary Splunk) Experience with SIEM Alert and Dashboard monitoring Proven experience on handling security incident triage and investigation Create dashboards on SIEM Console to visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment Knowledge of ArcSight SIEM, its components, and associates Experience in handling Incident response, triaging and analysing the incidents Security threat identification (including malware), research, analysis and advisory capabilities Some knowledge of hacking stages and techniques Team player and collaborator with excellent follow up and documentation skills. Must be able to work and develop a positive relationship with customers of various size and complexity Self driven engaging individual with a proven history of demonstrated technical skills. Ability to ramp up quickly on new features and technologies around threat protection Must be able to manage time effectively and accurately maintain the project and operational documentation Willing to work in 24*7*365 shifts (as per Business requirement) Experience Range : - 2-5 Years
Posted 3 months ago
8 - 11 years
25 - 30 Lacs
Pune
Work from Office
Mandatory Skill Must Have : - SOC Analyst + Cyber Security + SIEM Job Detail : - Resource with minimum 6 to 8 years of total IT Experience, with 5+ yrs. in SIEM Operations and BAU. Experience in handling L1 and L2 task related to Security Incident Handling across different SIEM Platform (Primary skill - ArcSight, Secondary - Splunk) Proven experience on handling security incident investigation / forensics Knowledge of security and compliance regulatory standards. Create dashboards on SIEM Console to visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment Knowledge of ArcSight SIEM, its components, and associates Experience in handling Incident response, triaging and analysing the incidents Security threat identification (including malware), research, analysis and advisory capabilities Knowledge of hacking stages and techniques Excellent troubleshooting skills, with a creative approach to problem solving Team Lead role play and collaborator with excellent follow up and documentation skills. Must be able to work and develop a positive relationship with customers of various size and complexity Self driven engaging individual with a proven history of demonstrated technical skills. Ability to determine root cause of technical issues either on own or in a collaborative scenario. Strong problem solving skills are necessary. Ability to ramp up quickly on new features and technologies around threat protection Must be able to manage time effectively and accurately maintain the project and operational documentation Responsible for effective CSAT Willing to work in 24*7*365 shifts (as per Business requirement) Experience Range : - 8-11 Years
Posted 3 months ago
5 - 8 years
7 - 10 Lacs
Pune
Work from Office
Mandatory Skill Must Have : - SIEM + Arcsight Job Detail : - ArcSight SIEM platform management. Devices onboarding on ArcSight SIEM. Custom Parser development. EPS license (2.5K) assessment. Upgrade of ArcSight SIEM components. Architectural Assessment of ArcSight SIEM Experience Range : - 5-8 Years
Posted 3 months ago
2 - 4 years
2 - 7 Lacs
Pune
Hybrid
So, what’s the role all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 2-4 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. Knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR.
A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 6561 Reporting into: Director Role Type: Individual Contributor
Posted 3 months ago
2 - 7 years
4 - 9 Lacs
Hyderabad
Work from Office
Job Area: Information Technology Group, Information Technology Group > Cyber Security Engineering General Summary: This role will be responsible for supporting 24x7 operations thus requires working night / weekend shifts on a rotational basis to support the business requirements of the organization. Primary responsibilities include monitoring and triaging all security events coming into SOC / CDC from multiple sources. Security events include but not limited to; social engineering attacks, malware, DDoS, data exfiltration, ransomware etc. Triage for first 20 minutes as per standard operating procedure, and post which engage Tier2 for further assistance. Identifying and Analyzing of security event and incident data by leveraging Orchestration tool workflows and knowledge base. Updating the Ticketing system thoroughly and timely. Communicating with stake holders for making sound recommendations on mitigation and or prevention techniques. Follow up and resolution of issues/tickets timely per SLAs. Follow-up on pending tickets and issues ensuring SLAs. Working closely with Tier2 and Tier3 teams. Escalating security events in a timely manner. Staying current with new Use Cases and process changes. Actively participate in brown bag sessions. The individual must also have a good awareness of current and developing security threats and technologies. Strong proficiency in security event investigations, also in written and spoken English. Strong interpersonal skills and a good team player. Prior professional services experience in 24x7 SOC or CDC operations is desired. Bachelors degree or Masters Degree in Computer Sciences or in Cyber Security. 3 - 5 years of experience working in a SIEM tool with strong background in security incident response and system operations. CEH, Security+, OSCP or other industry-relevant cyber-security certifications and ITIL V3.0 knowledge is a plus. Minimum Qualifications: Bachelors degree in Engineering, Information Systems, Computer Science, or related field.
OR High school diploma or equivalent and 2+ years of cybersecurity-relevant work experience. Physical Requirements: Frequently transports and installs equipment up to 40 lbs. Applicants: Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able to participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.
Posted 3 months ago
4 - 8 years
6 - 10 Lacs
Pune
Work from Office
Job Purpose We are seeking a skilled Endpoint Security Engineer to join our team. The ideal candidate will be responsible for safeguarding our endpoints, implementing security measures, and ensuring compliance with industry standards. Duties and Responsibilities A - Minimum required Accountabilities for this role - Own the vendor assessment end to end from scoping till closure of all observations. - Work closely with IT departments to ensure effective integration of endpoint security solutions with existing infrastructure and processes. - Stay current with industry trends and emerging threats, continuously seeking opportunities to enhance the organization's endpoint security posture. - Evaluate, select, and manage relationships with third-party vendors providing endpoint security solutions, ensuring alignment with organizational needs. - Generate regular reports on the security posture of endpoints, including incident reports and compliance status, for senior management. - Ensure that endpoint security measures comply with relevant regulations and standards, conducting regular risk assessments and audits. - Establish, document, and enforce endpoint security policies and procedures to safeguard sensitive data and ensure compliance with industry standards. Key Decisions / Dimensions Identification of right contacts for get vendor assessments completed on time. Review and decide if the observations shared by auditors for vendor assessment are correct and complete. Review and decide if closure evidence shared by vendors are sufficient to close the audit observations. Decide if the policy and procedure documents need changes based on new regulations or audit outcomes. Major Challenges Handling of fast changing regulatory expectations Handling of compliance expectations in stringent timelines Handling multiple stakeholders at a time including vendor, BFL team who has outsourced work to the vendor, third party consultants who assist in assessing vendors etc.
Required Qualifications and Experience A) Qualifications Minimum qualification required is computer graduate with minimum of 4 Years of experience in information security. B) Work Experience Design, implement, and manage endpoint security solutions, including antivirus software, firewalls, and intrusion detection/prevention systems. Monitor network and endpoint security systems to detect and respond to security incidents. Lead a project team for the DLP deployment Spearhead the Endpoint DLP implementation and make recommendations accordingly through project plans Deliver the implementation within approved budget and timeline with minimal issues Provide and communicate the regular project progress of the deployment to stakeholders Apply effective project management methodologies and ensure appropriate action applies in corrective needs Conduct regular security assessments and vulnerability scans to identify potential security weaknesses. Ensure that endpoint security systems are configured and maintained in accordance with security best practices and industry standards. Collaborate with network and systems administrators to ensure that endpoint security solutions are integrated into the organization's overall security posture. Research and evaluate new security technologies and make recommendations for implementation. Develop and implement security policies and procedures for end-users, including guidelines for password management, email security, and the use of portable devices. Provide training and support to end-users on how to use endpoint security solutions effectively. Respond to security incidents and participate in incident response efforts as required. Stay up-to-date on the latest security trends and developments and maintain a high level of technical expertise in the field of endpoint security.
Posted 3 months ago
10 - 15 years
30 - 45 Lacs
Bengaluru
Work from Office
The Cybersecurity Operations Manager will act as the primary point of contact and liaison for coordinating all cybersecurity-related operations within India. This role bridges the gap between local business partners, country-level stakeholders, and the broader security teams within the organization. The individual will ensure the effective implementation, monitoring, and enhancement of security measures, aligning local practices with the organization's overarching cybersecurity strategy. Is responsible for managing and optimizing the technology portfolio of enterprise data protection infrastructure, ensuring the reliability and efficiency of associated systems/services, and managing operations team. This role involves strategic planning, people management, project management, and collaboration with various departments to support business objectives. Is accountable for the performance and results of a team within own job family. Adapts business unit, department, site or sub-function plans and priorities to address resource and operational challenges. Decisions are guided by policies, procedures and business unit, department or sub-function plan; receives guidance from manager. Provides technical guidance to employees, colleagues, and/or customers. Key Responsibilities: Stakeholder Coordination - Serve as the primary liaison between local business units, country leadership, and global security teams. - Facilitate communication and alignment of cybersecurity initiatives across various stakeholders. - Represent the organization in local and regional cybersecurity forums, meetings, and engagements. Operational Oversight - Manage and maintain the technology portfolio of enterprise data protection services. - Ensure regular maintenance and timely upgrades of systems & services to prevent downtime and enhance performance. - Lead and mentor the IT operations team, providing guidance and support to ensure high performance.
- Plan and execute IT projects, ensuring they are completed on time and within budget. - Implement and monitor security measures to protect data and ensure compliance - Monitor system performance and troubleshoot issues to maintain optimal operation. - Manage relationships with IT vendors and service providers to ensure quality and cost-effective services. - Develop and manage the IT operations budget, ensuring efficient allocation of resources. - Total experience 10 to 15 Years. Reporting and Metrics - Provide regular reports & metrics on service operations The Enterprise Data Protection Operations Manager is responsible for managing and optimizing the technology portfolio of enterprise data protection infrastructure, ensuring the reliability and efficiency of associated systems/services, and managing operations team. This role involves strategic planning, people management, project management, and collaboration with various departments to support business objectives. Education: Bachelor's Degree
Posted 3 months ago
4 - 8 years
8 - 12 Lacs
Hyderabad
Work from Office
Roles & Responsibilities: Experience in Splunk implementations and use case creation. Experience with Splunk ES, Splunk ITSI, Splunk UBA, Splunk SOAR Experience in any other SIEM along with Splunk is an advantage. Splunk Certification (Splunk Power User, Splunk Admin, Splunk Cloud Admin etc) Should be ready for travelling wherever projects demand
Posted 3 months ago
3 - 6 years
4 - 8 Lacs
Hyderabad
Work from Office
Roles & Responsibilities: Experience in Splunk implementations and use case creation. Experience with Splunk ES, Splunk ITSI, Splunk UBA, Splunk SOAR Experience in any other SIEM along with Splunk is an advantage. Splunk Certification (Splunk Power User, Splunk Admin, Splunk Cloud Admin etc) Should be ready for travelling wherever projects demand
Posted 3 months ago
1 - 6 years
6 - 7 Lacs
Mumbai
Work from Office
XDR and SIEM alerts analysis. (Worked on multiple SIEMs - good to have ) Good Understanding of Attacks and its patterns, IOA Good understanding of Security devices logs and its analysis Good in Email communication and proactive in work. Good analytical skills with capability to perform detailed analysis for security events/incidents. Deep dive analysis on EDR platform and well versed with Multiple EDR/XDR platform
Posted 3 months ago
0 - 2 years
4 - 5 Lacs
Mumbai
Work from Office
Responsible for SIEM and SOAR platform (On-prem/SaaS) in terms of administration and management ( should be currently performing this role). Ensuring SOC platform and service uptime. Efficient management of the SOC platform to ensure proper performance. Log Source Integration to include development of custom parsers for non-supported log sources. Integration with other platforms like Threat Intelligence. Configuration of SOAR plugins, SOAR integration and SOAR Playbooks. Troubleshooting of the SIEM and SOAR platform. Coordinating with OEM TAC for Open issues for Platform and timely getting it resolved. Configuration of rules reports and dashboards based on inputs from monitoring team. Documentation of RCAs for major incidents Other skills required Ability to interact and manage customer stakeholders in the context of platform management. Good team working skills and communication. Technology and skills: SIEM: IBM QRadar OR LogRhythm OR Microsoft Sentinel OR Splunk OR other industry leading SIEM platforms SOAR: Paloalto Cortex XSOAR is preferred or any other industry leading product. Threat Intelligence and Brand Monitoring (Cyble, MISP, etc.) ISTM tools - Freshservice is preferred or any other industry leading product. Scripting: Regex is mandatory, Python (intermediate). OS: Windows and Linux (intermediate skills) Basic working knowledge of industry leading cloud service providers like Microsoft Azure, AWS, GCP, etc. Good knowledge of security domain is mandatory.
Posted 3 months ago