
421 Arcsight Jobs - Page 11

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

1.0 - 5.0 years

4 - 8 Lacs

Bengaluru

Hybrid

Knowledge and application: Seasoned, experienced professional; has complete knowledge and understanding of area of specialization. Uses evaluation, judgment, and interpretation to select right course of action. Problem solving: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Resolves and assesses a wide range of issues in creative ways and suggests variations in approach. Interaction: Enhances relationships and networks with senior internal/external partners who are not familiar with the subject matter often requiring persuasion. Works with others outside of own area of expertise, with the ability to adapt style to differing audiences and often advises others on difficult matters. Impact: Impacts short to medium term goals through personal effort or influence over team members. Accountability: Accountable for own targets with work reviewed at critical points. Work is done independently and is reviewed at critical points. Workplace type : Hybrid Working

Posted 1 month ago


5.0 - 8.0 years

7 - 10 Lacs

Kolkata

Hybrid

Additional Career Level Description: Knowledge and application: Seasoned, experienced professional; has complete knowledge and understanding of area of specialization. Uses evaluation, judgment, and interpretation to select right course of action. Problem solving: Works on problems of diverse scope where analysis of information requires evaluation of identifiable factors. Resolves and assesses a wide range of issues in creative ways and suggests variations in approach. Interaction: Enhances relationships and networks with senior internal/external partners who are not familiar with the subject matter often requiring persuasion. Works with others outside of own area of expertise, with the ability to adapt style to differing audiences and often advises others on difficult matters. Impact: Impacts short to medium term goals through personal effort or influence over team members. Accountability: Accountable for own targets with work reviewed at critical points. Work is done independently and is reviewed at critical points.

Posted 1 month ago


4.0 - 8.0 years

0 Lacs

Navi Mumbai, Maharashtra, India

On-site

Hi Everyone, we are looking for a Sr. SOC Analyst for one of our MNC clients.
Role: Sr. SOC Analyst (Cybersecurity)
Experience: 4-8 Years
Location: Navi Mumbai
Notice Period: Immediate to 15 Days
JD:
Reporting Structure: Program Lead – Cyber Defence Center
Education
• University degree in the field of Computer Science, IT or EXTC
Experience/Qualifications
• 4 to 8 years' experience in SOC with good admin and SOC analysis knowledge
• Ready to work in 24x7 shifts
Industry
• Hands-on experience in SIEM (ArcSight, IBM QRadar) admin activity
• Perform troubleshooting in SIEM
• Analyst would be part of the 24x7 Cyber Security Operations function to perform security monitoring and incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting.
• Perform monitoring, research, assessment, and analysis on alerts from various security tools, including IDPS tools, SIEM, anomaly detection systems, firewalls, antivirus systems, user behaviour analytics tools, endpoint inspection, and proxy devices.
• Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.
• Maintain standard operating procedures (SOP), processes and guidelines.
• Manage the threat intelligence function encompassing threat intelligence feed data collection, adversary analysis, cyber attribution capabilities and disseminating threat intelligence.
• Ensure proper functioning of systems in the Security Operations Centre.
• Enhance and build cyber threat detection use cases and assist in analysing and reducing false positives.
• Work with internal experts/external vendors to resolve technical issues.
• Prepare incident reports on high severity incidents.
• Support the development and enhancement of SOC incident response capabilities.
• Execute daily ad hoc tasks or lead projects as needed.
Preferred Certifications (Added Advantage)
• Preferred Cyber Security certifications (CTIA, CISM, CEH, CCNA) or
• Certified Network Defender from EC-Council.

Posted 1 month ago


5.0 - 10.0 years

9 - 13 Lacs

Bengaluru

Work from Office

Identify gaps and weaknesses in current alerting platforms and recommend improvements to ensure evolving capabilities. Identify gaps and weaknesses in Data Loss Prevention platforms. Continually review existing risk scoring models and adjust them accordingly to ensure proper focus on significant security events and business needs. Administer the DLP solution, liaising with the GRC and CISO functions to configure policies, work on reporting, and monitor and respond to the different alerts generated by the DLP solution. Demonstrate a good understanding of the incident response process and event escalations, and respond to DLP escalations reported by the incident response team. Share recommendations to further identify sensitive data and strengthen security controls. Collaborate and partner with the legal and compliance teams to support customer privacy initiatives and continued compliance with different regulations, and to mature the company's data life cycle management with a focus on data security. Ability to independently research and solve technical issues, and demonstrated integrity in a professional environment.

Posted 1 month ago


3.0 - 5.0 years

4 - 8 Lacs

Bengaluru

Work from Office

About The Role
Primary Skill (Technical Skill): Application Packaging
Secondary Skill: Windows, MECM, Intune
Experience Level: 6 –8 Years (B3), 3 - 5 Years (B2)
Location of Posting: Chennai
Rates Including Mark up: 80 K/M - 90K/M
Candidate should have experience in a customer-facing role.
Primary Knowledge: Hands-on experience in the creation of MSI, MSIX and Intunewin packages using Flexera AdminStudio/InstallShield and Microsoft tools like Win32 Content Prep and the MSIX Packaging Tool. Experience in creating Connection Groups and RunVirtual keys. Basic to intermediate know-how and experience in scripting (VBScript/PowerShell). Knowledge of operating systems: Win 10, Win 11. Experience with SCCM (Microsoft Endpoint Configuration Manager).
Support the Service & Product Manager across several technical domains. Contribute expertise to the management of existing and new IT products and services. Define workarounds for known errors and initiate process improvements. Strong understanding of performance analysis for the application packaging process. Experience in testing and implementing application packages. Establish and implement policies, procedures, and technologies. Familiarity with support processes, including Incident, Problem, Request, Event, and Change Management.
Mandatory Skills: Application Packaging - Windows. Experience: 3-5 Years.
Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Posted 1 month ago


3.0 - 8.0 years

5 - 10 Lacs

Kochi

Work from Office

Job Duties (Summary): The Senior Security SOC Analyst works in a 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring and Incident Response team, and involves investigating alerts/events triggered from MS Sentinel / SIEM, EDR tools and other endpoint tools. The Senior Analyst will be the internal escalation point for the Security Analysts within the shift/team and will assist Security Analysts in responding to security incidents. This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognizing familiar elements within complex situations.
Required Skills & Experience:
Responsible for 24/7 monitoring, triage and analysis of security events and alerts, including malware analysis. Should have good hands-on experience in Microsoft Sentinel and the ability to query using KQL [Mandatory]. Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc. Strong knowledge of email security threats and security controls, including experience analysing email headers. Analysing phishing emails and associated threats and remediating them by blocking the URLs and analysing the malware, links and IoCs. Good understanding of threat intel and hunting. Good hands-on experience in investigating EDR alerts (Tanium, CrowdStrike, etc.). Good hands-on experience in using XSOAR platforms (Demisto, Phantom, etc.). Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP. Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues. Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues. Knowledge in investigating security issues within cloud infrastructure such as AWS, GCP, Azure (preferred, not mandatory). Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA NetWitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc. Experience in defining use cases for playbooks and runbooks (preferred). Experience in understanding log types and log parsing. Strong passion for information security, including awareness of current threats and security best practices.
Basic Qualifications (preferred, not mandatory, if the candidate has equivalent knowledge):
Bachelor's degree in Computer Science or equivalent (preferred, not mandatory). Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT team member). Overall 3+ years' experience in Information Security/IT Security/Network Security. CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC or GCFA certification (minimum one certification; preferred, not mandatory). A relevant specialist degree (e.g., information security or digital forensics). Knowledge of NIST CSF and the MITRE ATT&CK framework. Active involvement in the information security community. Certified in Azure Security [SC-200, AZ-500, AZ-900], either one or more [Mandatory].

Posted 1 month ago


5.0 - 10.0 years

7 - 11 Lacs

Bengaluru

Work from Office

The Group Security (GS) Cybersecurity Defense Center (CDC) team is looking for a Security Operations Center (SOC) Analyst, responsible for execution of incident response, investigative analysis of security incidents, reporting, continuous improvement, and post-incident activities. You will work closely with the CDC Engineering Team, internal Nokia teams, external security suppliers, and various technology vendors. Group Security (GS) is part of Strategy & Technology and is Nokia's central knowledge center for Nokia's cybersecurity policies and standards, the cybersecurity architecture and roadmap, and the monitoring and alerting of security incidents.
You have: 5+ years of experience in a Security Operations Center (SOC) or similar role. 2+ years of experience working with one or more of the following systems: Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), SentinelOne or Rapid7. Deep knowledge of incident response methodologies and forensic analysis techniques. Strong understanding of cloud security principles and experience with major cloud platforms (AWS, Azure, GCP). Expertise in leveraging automation tools for enhancing security operations.
It would be nice if you also had: Certifications such as CompTIA Cybersecurity Analyst (CySA+), GIAC Certified Incident Handler (GCIH), or Certified SOC Analyst (CSA). Mentoring experience with junior analysts.
Execute complex security investigations using log analysis and threat intelligence across all Nokia assets. Collaborate with SOC Engineers to drive automation and implement AI-powered security solutions. Apply cloud security best practices and zero-trust architecture principles in security operations. Engage with senior stakeholders to communicate security risks and improve incident response efforts. Lead advanced threat hunting initiatives leveraging expertise in security tools and techniques. Contribute to the continuous development of SOC processes, technologies, and techniques for enhanced security. Mentor and guide junior analysts to foster a culture of learning and professional growth. Facilitate post-incident activities, ensuring comprehensive reporting and continuous improvement of security measures.

Posted 1 month ago


8.0 - 13.0 years

15 - 30 Lacs

Noida, Bengaluru

Work from Office

Job Title: SIEM Engineer
Experience: 5 - 15 Years
Location: Bengaluru / Noida
Employment Type: Full-time
About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices.
Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations. Create, tune, and maintain detection rules and dashboards. Investigate and respond to security incidents and alerts. Participate in security audits, threat hunting, and compliance checks. Research emerging threats and enhance detection capabilities. Support configuration management, system hardening, and network defense strategies. Collaborate across teams to improve security operations and automation.
Required Skills: Strong hands-on experience with SIEM platforms and SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations. Deep understanding of security operations, incident response, and network/system security. Experience with scanning tools (e.g., Nessus, Qualys) and PAM solutions (e.g., CyberArk, BeyondTrust). Solid knowledge of Linux/Windows environments and enterprise networks. Familiar with encryption, security controls, and system hardening best practices. Excellent analytical, troubleshooting, and communication skills.
Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH). Experience in automation and scripting for SOC workflows. Willingness to participate in on-call support rotation.

Posted 1 month ago


3.0 - 8.0 years

5 - 9 Lacs

Chennai

Work from Office

3+ years of experience working in the field of content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/ArcSight/QRadar/Nitro ESM/etc. Deep understanding of the MITRE ATT&CK Framework. Experience in SOC incident analysis with exposure to information security technologies such as firewalls, VPN, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation). In-depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per threat intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like CrowdStrike and good understanding of TTPs like process injection. Excellent communication, listening and facilitation skills. Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Understanding of the MITRE ATT&CK framework. Location: Pan India

Posted 1 month ago


15.0 - 20.0 years

3 - 7 Lacs

Chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a safer digital environment for the organization.
Roles & Responsibilities: Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies. Timely response to customer requests like detection capabilities and tuning. Research new threats and provide recommendations to enhance detection capabilities. Strong desire for continuous learning on vulnerabilities, attacks and countermeasures. Identify opportunities for process improvement.
Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilities. Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape. Hands-on experience in SIEM and threat hunting tools. Added advantage in working with any SOAR platform. Desirable knowledge in any scripting language and EDR products. Preferable: GCIA, GCFA, CISSP. Strong customer service and interpersonal skills. Strong problem-solving skills. Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
Additional Information: Work as part of an analysis team that works 24x7 on a rotational shift. The candidate should have a minimum of 2 years of experience. This position is based at our Chennai office. Minimum a bachelor's or a master's degree in addition to regular 15-year full time education. Adaptability to accept change.
Qualification: 15 years full time education

Posted 1 month ago


2.0 - 4.0 years

5 - 9 Lacs

Bengaluru

Work from Office

Should have done SIEM engineering activities for more than 2 years. Hands-on experience to configure, manage, and maintain the Microsoft Sentinel SIEM platform including log management, retention configurations, and maintenance of logs at low cost. Monitor, analyze, investigate and respond to security incidents in MS Sentinel by collaborating with the SOC team and customers. Should be able to integrate/onboard devices (Linux, Palo Alto, Fortinet, Windows and other devices etc.) to Azure Sentinel. Should have expertise in integrating data sources which are not supported by the Sentinel tool OOB. Custom parser development and ability to solve technical issues in Sentinel. Troubleshoot and resolve issues related to SIEM (Sentinel) infrastructure and integrations, like logs not reporting to Sentinel. Creation of integration documents and sending them to customers as per requirement. Strong knowledge of different Microsoft Defender products. Generate and review weekly/monthly reports to provide insights on security posture and SIEM effectiveness to customers. Regularly review use case performance and keep track of any fine tuning done to use cases, including identifying scenarios where fine tuning can be done, and effectively communicate to customer/internal teams for fine tuning. Act as single point of contact for the client during any issues of integration or incidents.
What you'll do: Creation and fine tuning of custom KQL queries and functions for complex detection and monitoring requirements. Knowledge of workbook creation and building playbooks (enrichment and response) in Sentinel automation through Logic Apps. Preference should be given to candidates who have completed expert training and certifications in Sentinel and Defender products of Microsoft. Strong communication, collaboration and multi-tasking skills to work effectively with cross-functional teams and stakeholders. Relevant professional certifications such as: AZ-900, SC-900, SC-200, Certified Ethical Hacker (CEH) or any other SIEM engineering certification. Stay updated with the latest trends and developments in SIEM technologies and cybersecurity threats and utilize them in the system if required.
What we offer: Insurance: Group Medical Coverage, Group Personal Accident, Group Term Life Insurance. Rewards and Recognition Program, Employee Referral Program, Wellness Program and CSR Initiatives. Maternity and Paternity Leaves. Company Sponsored Certification Program.

Posted 1 month ago


2.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office

The primary responsibility of this role is to provide advanced incident analysis and management within our SOC environment, while also leading the development and training of the L1 SOC team in incident analysis, parsers creation, rule views, and report management. The ideal candidate will have a strong background in cybersecurity, incident response, and leadership skills. Responsibilities: Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 3 years of experience in a SOC environment, with a focus on incident analysis and response. Strong understanding of cybersecurity principles, including threat detection, malware analysis, and vulnerability management. 
Experience with SIEM platforms (e.g., Securonix, QRadar) and familiarity with creating and managing parsers and rule views. Leadership experience, with the ability to mentor and motivate team members effectively. Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.

Posted 1 month ago


2.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.

Posted 1 month ago


2.0 years

0 Lacs

Cochin

On-site

The Security Operation Centre (SOC) Information Security Analysts are the first level responsible for ensuring the protection of digital assets from unauthorized access, identifying security incidents and reporting them to customers for both online and on-premises environments. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive in filtering out suspicious activity and mitigating risks before any incident occurs. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you.
Requirements
Must-haves: 2-3 years' experience as SOC Analyst (experience in the SIEM tools ELK and Wazuh preferable). Process and procedure adherence. General network knowledge and TCP/IP troubleshooting. Ability to trace down an endpoint on the network, based on ticket information. Familiarity with system log information and what it means. Understanding of common network services (web, mail, DNS, authentication). Knowledge of host-based firewalls, anti-malware, HIDS. Knowledge of creating and modifying dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC). General desktop OS and server OS knowledge: TCP/IP, Internet routing, UNIX/Linux and Windows. Deep knowledge in SIEM, ticketing tools, EDR, vulnerability management, Mimecast, DMARC tools. Excellent written and verbal communication skills.
Good to have: Industry certifications on any SIEM platform, CEH, C|SA, CompTIA Security+ and others.
Main Responsibilities
Tier 1 SOC analysts are incident responders, remediating serious attacks escalated from junior analysts, assessing the scope of the attack and the affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, and review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Lead efforts to counter SLA breaches and anticipate the likelihood of future security alerts and incidents. Monitor security events from the various SOC entry channels (SIEM, tickets, email and phone); based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or the customer as appropriate to perform further investigation and resolution. Work as a team lead for the SOC Analysts, helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the events and incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as and when new threats emerge. Stay up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security processes, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly and monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats and vulnerabilities, and create/contribute to use cases, threat hunting etc. Keep updated with the likes of the OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., to acquire knowledge of current threats from a security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager.
Skills: Excellent event or log analytical skills. Proven experience in IT security monitoring or a similar role. Exceptional organizing and time-management skills. Very good communication abilities. ELK, Wazuh, Splunk, ArcSight SIEM management skills. Reporting.
Job Types: Full-time, Permanent
Pay: Up to ₹70,000.00 per month
Benefits: Internet reimbursement
Schedule: Day shift
Supplemental Pay: Performance bonus
Application Question(s): Do you have any experience in SIEM tools?
Experience: minimum 2 years (Required)
Language: English (Required)
Location: Kochi, Kerala (Required)
Work Location: In person

Posted 1 month ago


7.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Role Description: L1 SOC Lead
Experience: 7 to 9 years
Location: Hyderabad/Trivandrum/Kochi
Company: CyberProof, A UST Company
About CyberProof: CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world's largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence.
Job Description: SOC Lead
Position Overview: We are seeking an experienced and technically proficient SOC Lead to manage a medium-sized SOC team. The ideal candidate will provide technical mentorship, effectively manage security incidents, and ensure efficient project management within the SOC environment. This role requires a strategic leader with strong technical expertise and excellent management skills to oversee daily SOC operations and support team development. Under leadership's guidance, responsibilities include P&L, delivery, compliance, and other operational goals.
Key Responsibilities: Effectively lead a medium-sized cybersecurity SOC team accountable for delivering cybersecurity services to global customers. Effectively manage the deliverables for SOC for an MSSP team. Manage resources, headcount, and profitability objectives under leadership guidance. Ensure the team's quality of deliverables aligns with organizational standards. Manage stakeholder relationships and ensure effective communication. Drive initiatives to promote continuous improvement, innovation, and customer satisfaction under leadership's guidance.
Job Requirements
Required Skills: Previous operational experience in cybersecurity incident management and response teams like CSIRT, CIRT, SOC, or CERT. Experience with MSSP teams. Proven experience in leading/managing a team of 10 or more. Proficiency with SIEM tools such as ArcSight, Splunk, QRadar, etc. Strong ability to write technical documentation and present technical briefings to varying audiences.
Desired Skills
Cybersecurity Fundamentals: In-depth understanding of cybersecurity concepts, threats, vulnerabilities, and attack vectors. Knowledge of security technologies, including SIEM, EDR, firewalls, IDS/IPS, and vulnerability scanners. Familiarity with network protocols, operating systems, and cloud environments.
Incident Response: Expertise in incident handling, investigation, and remediation. Knowledge of forensic analysis techniques. Ability to develop and implement incident response plans.
Experience: At least 3 years of experience managing a team of SOC Analysts. 5+ years of information security experience is required. At least 3 years of experience in security monitoring, digital forensic analysis, or incident response is preferred.

Posted 1 month ago

Apply

5.0 - 9.0 years

9 - 14 Lacs

Pune, Bengaluru

Work from Office

- Assist in defining security policies, standards and reference architecture for network design and deployment related to the above technologies.
- Proactive analysis of the network for secure deployments and secure configurations against global security best practices.
- Assisting the network design team with security inputs while designing an architecture for new offices/branches/data centres etc., for Security by Design.
- Developing network security standards and guiding network design to meet corporate requirements.
- Strategize and formulate high- and low-level monitoring mechanisms for the security posture of network deployments and advise measures to improve them.
- Possess and maintain technical knowledge of aspects of DDoS mitigation, NAC, Internet Proxy, DNS etc.
- Conducting analysis of network security, and strategizing and formulating high- and low-level monitoring mechanisms for DDoS mitigation, NAC, Internet Proxy, DNS.
- Taking proactive measures for enhancing the security posture of the Bank's network by studying the vulnerabilities issued/published by various OEMs and by internal and external agencies such as CERT etc.
- Working with internal and external business stakeholders to ensure that IT infrastructure meets global network security standards.
- Produce and track metrics for the effectiveness and maturity of secure network deployments.

Posted 1 month ago

Apply

5.0 - 9.0 years

9 - 14 Lacs

Bengaluru

Work from Office

Dedicated lead to work with the Happiest Minds Shared SOC team and IT team to enhance the overall incident response processes.
- Run any critical incident response along with the SOC and IT team.
- Review and update the use case repository as applicable to the Happiest Minds environment.
- Work on root cause analysis and remediations for alerts/incidents raised by customers.
- Review and update existing automation playbooks.
- Continuous updates of detection techniques.
- Periodic threat hunting.
- Prioritize use cases based on the findings from the threat and vulnerability management program.

Posted 1 month ago

Apply

5.0 - 9.0 years

9 - 14 Lacs

Bengaluru

Work from Office

Implementation and Deployment:
- Design and deploy IDS (ARMIS) solutions tailored to OT environments.
- Develop comprehensive deployment architectures, ensuring seamless integration with existing systems.
- Configure and optimize network and firewall settings to support IDS deployments.
Data Network Security - IDS, Cybersecurity.

Posted 1 month ago

Apply

6.0 - 11.0 years

11 - 15 Lacs

Bengaluru

Work from Office

Senior Cybersecurity Analyst with a minimum of 6+ years of experience in the field of Operational Technology, particularly focusing on Endpoint Detection and Response (EDR) and Intrusion Detection System (IDS) monitoring tools. The ideal candidate will have demonstrated expertise in Carbon Black App Control.
Carbon Black, MS Defender for Endpoints (EDR/ATP), Data Network Security - IDS, Unix Administration, Windows.

Posted 1 month ago

Apply

1.0 - 6.0 years

11 - 15 Lacs

Bengaluru

Work from Office

Cybersecurity, Azure Sentinel SIEM, MS Defender for Endpoints (EDR/ATP), AWS IAM, SOAR Concept, Fortinet FortiSOAR, Palo Alto Networks - Firewalls, Cortex XSOAR, Python

We are seeking a Cybersecurity Analyst with 1-6 years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR playbook creation, integration etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage.

Posted 1 month ago

Apply

5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Hi,
Exp: 5-10 Years
- Minimum of 4+ years' experience with Microsoft DLP (Microsoft Defender / MS Purview & Compliance) and the Microsoft Sentinel tool (or equivalent experience with other similar data leakage tools etc.).
- Must have hands-on experience with data loss product evaluations, building and implementing them, operationalizing and integrating them with existing systems for effective and efficient use, and providing technical support, as well as stakeholder management experience.
- Must have hands-on experience with rule creation and maintenance, anti-spam and anti-phishing administration, report analysis, and providing recommendations for future configurations and rules.
- Exposure/knowledge of Data Loss Prevention integration with SIEM technologies (e.g. Splunk, HP ArcSight, etc.).
- Knowledge of programming languages a plus (e.g. Java, .NET, Python, etc.).
Top 3 Skills Required:
- MS Purview & Compliance (MS DLP)
- MS Sentinel
- Basic scripting for automation
If interested, please share your resume at deepika.eaga@quesscorp.com

Posted 1 month ago

Apply

0.0 - 2.0 years

0 Lacs

Kochi, Kerala

On-site

The Security Operation Centre (SOC) Information Security Analysts are the first level responsible for ensuring the protection of digital assets from unauthorized access, identifying security incidents and reporting them to customers, for both online and on-premises environments. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive in filtering out suspicious activity and mitigating risks before any incident occurs. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you.

Requirements
Must-haves:
- 2-3 years' experience as a SOC Analyst (experience in the SIEM tools ELK & Wazuh preferable)
- Process and procedure adherence
- General network knowledge and TCP/IP troubleshooting
- Ability to trace down an endpoint on the network, based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, anti-malware, HIDS
- Knowledge of creating and modifying dashboards
- Understanding of common network device functions (firewall, IPS/IDS, NAC)
- General desktop OS and server OS knowledge
- TCP/IP, Internet routing, UNIX/LINUX & Windows
- Deep knowledge of SIEM, ticketing tools, EDR, vulnerability management, MimeCast, DMARC tools
- Excellent written and verbal communication skills
Good to have:
- Industry certifications on any SIEM platform, CEH, C|SA, CompTIA Security+ & others

Main Responsibilities
- Tier 1 SOC analysts are incident responders, remediating serious attacks escalated from junior analysts, assessing the scope of the attack and the affected systems, and collecting data for further analysis.
- Work proactively to seek out weaknesses and stealthy attackers; review vulnerability assessments (CVEs) on monitored assets.
- Focus more on doing deep dives into datasets to understand what's happening during and after attacks.
- Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts and incidents.
- Monitor security events from the various SOC entry channels (SIEM, tickets, email and phone); based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or the customer as appropriate to perform further investigation and resolution.
- Work as a team lead for the SOC Analysts, helping them to ensure that corporate data and technology platform components are safeguarded from known threats.
- Analyse events and incidents and identify the root cause.
- Assist in keeping the SIEM platform up to date and contribute to security strategies as and when new threats emerge.
- Stay up to date with emerging security threats, including applicable regulatory security requirements.
- Bring enhancements to SOC security processes, procedures, and policies.
- Document and maintain customer build documents, security procedures and processes.
- Document incidents to contribute to incident response and disaster recovery plans.
- Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate.
- Keep updated with new threats and vulnerabilities; create/contribute to use cases, threat hunting etc.
- Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., to acquire knowledge of current threats from a security perspective.
- Other responsibilities and additional duties as assigned by the security management team or service delivery manager.

Skills:
- Excellent event or log analytical skills
- Proven experience in IT security monitoring or a similar role
- Exceptional organizing and time-management skills
- Very good communication abilities
- ELK, Wazuh, Splunk, ArcSight SIEM management skills
- Reporting

Job Types: Full-time, Permanent
Pay: Up to ₹70,000.00 per month
Benefits: Internet reimbursement
Schedule: Day shift
Supplemental Pay: Performance bonus
Application Question(s): Do you have any experience in SIEM tools?
Experience: minimum 2 years (Required)
Language: English (Required)
Location: Kochi, Kerala (Required)
Work Location: In person

Posted 1 month ago

Apply

13.0 years

0 Lacs

Kochi, Kerala, India

On-site

Overview
Role description
Seasoned SOC Manager with over 13 years of experience in cybersecurity, including 8+ years of specialized expertise and more than 3 years in leadership roles within Security Operations Centers. Proven ability to lead high-performing SOC teams (L1–L3), drive operational excellence, and strengthen organizational security posture through strategic threat detection and incident response initiatives.

Key Responsibilities
- Led 24x7 SOC operations, managing day-to-day activities and incident response efforts.
- Directed a multidisciplinary team of L1, L2, and L3 analysts to ensure effective threat monitoring and rapid response.
- Developed, implemented, and maintained SOC policies, playbooks, standard operating procedures (SOPs), and escalation workflows.
- Oversaw the end-to-end lifecycle of security incidents, including detection, triage, analysis, containment, eradication, and recovery.
- Acted as a key liaison between security teams, IT, application stakeholders, and executive leadership during incidents and investigations.
- Administered and optimized security technologies such as SIEM (Splunk, QRadar, ArcSight), SOAR platforms, EDR, IDS/IPS, and threat intelligence tools.
- Generated and presented regular reports on SOC performance metrics, threat trends, and incident outcomes to senior leadership.
- Led continuous improvement initiatives, including analyst training programs, process automation, and tool enhancements.
- Ensured SOC compliance with industry standards, security frameworks (MITRE ATT&CK, NIST, ISO 27001), and regulatory requirements (GDPR, HIPAA, PCI-DSS).
- Managed SOC staffing activities, including recruitment, onboarding, shift scheduling, and performance evaluations.

Skills: SOC, SIEM, Threat Monitoring

Posted 1 month ago

Apply

7.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Introduction
A career in IBM Consulting is rooted in long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation of success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role And Responsibilities
- Responsible for working with the implementation partner to keep the project on track, along with providing required reports to management and the client.
- Handle the project as well as BAU operations while ensuring a high level of systems security compliance.
- Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
- Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
- Ready to support a 24/7 environment.

Preferred Education
Master's Degree

Required Technical And Professional Expertise
- 7+ years of IT experience in security with at least 4+ years in a Security Operation Centre with SIEMs.
- B.E./B.Tech/MCA/M.Sc.
- Maintaining SIEM/UEBA platform hygiene; scripting and automation; SOAR playbook creation with testing; Change/Problem/Incident Management; CP4S platform integration & dashboarding; recovery support.
- Expertise in security device management: SIEM, ArcSight, QRadar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM.
- Working knowledge of industry-standard risk, governance and security standard methodologies.
- Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
- Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred Technical And Professional Experience
- Preferred OEM-certified SOAR specialist + CEH.
- Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work.
- Intuitive individual with an ability to manage change and proven time management.
- Proven interpersonal skills while contributing to team effort by accomplishing related results as needed.
- Up-to-date technical knowledge by attending educational workshops and reviewing publications.

Posted 1 month ago

Apply

3.0 years

0 Lacs

Pune/Pimpri-Chinchwad Area

On-site

Company Description
Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in the S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment.

Job Description
- Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels.
- Tune and configure SIEM performance and event data quality to maximize log correlation efficiency.
- Work closely with the network team to implement and maintain network access control technologies.
- Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks.
- Expertise in shell scripting and other programming languages, such as Python and/or PowerShell.
- Proficiency in understanding and using regular expressions (regex).
- Solid understanding of REST/SOAP/WSDL/XML (Web Services) and HTTP request methods.
- Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HITRUST, and ISO 27001.
- Guide the network and operations teams in implementing security best practices.
- Work with the network and systems engineering teams to promote automation, automated monitoring and administration functionality.
- Implement and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management.
- Support the efforts to develop operational best-practice procedural documentation for operations staff.
- Assist in the development and documentation of various systems, policies, procedures, and customer deliverables.
- Research new products and make appropriate recommendations.
- Develop and design project plans, tasks and timelines, and then provide verbal and written status reports as directed.
- Conduct ongoing security assessments; document and track findings and remediation activities.
- Provide on-call support as needed.
- Ideal candidates should be able to work 9am – 6pm ET (US Hours).

Qualifications
- BS in Computer Science, Engineering or a related field desired.
- Minimum 3 years of experience supporting an enterprise-level environment.
- Must have a good understanding of the following: log correlation, SIEM technologies (AlertLogic, ArcSight, QRadar, LogRhythm, Splunk, etc.), IDS/IPS technologies, vulnerability scanners (Nessus, Qualys, etc.) and other related technologies.
- Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc.
- Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud.
- Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HITRUST, ISO 27001, SOX, etc.
- Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS.
- Working knowledge of firewall and web filtering technologies.
- Experience practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment.
- Excellent verbal and written communication, presentation, and interpersonal skills.
- Able to define, document and support systems, policies, and procedures.
- Excellent analytic, problem-solving and troubleshooting skills.
- Good knowledge and experience designing network, system and application security architectures.
- Ability to efficiently handle multiple projects with shifting priorities.
- Able to anticipate and mitigate risks as well as define architectural solutions.

Additional Information
The recruitment process includes online assessments as a first step. We send them via e-mail; please also check your spam folder. We work from the Pune office.

Posted 1 month ago

Apply