422 Arcsight Jobs - Page 13

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate security logs Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: 4+ years of demonstrated information security applications and systems experience 4+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis 2+ years of demonstrated experience with at least one scripting language (preferably JavaScript and its frameworks / Python) working on automation and engineering projects Proficiency in detection engineering developing and maintaining effective detection rules and correlation logic. Correlation searches, rules, alerts. Behavioral detections (e.g., brute-force, privilege escalation). Anomaly detections (e.g., unusual logon patterns, entropy-based detections). Hands-on experience with parsing configurations (props, transforms, regex, normalization techniques). Expertise in log source onboarding , source categorization, and enrichment. Strong understanding of security event types (firewall, endpoint, identity, cloud, SaaS logs). Familiarity with common attack vectors (credential abuse, privilege escalation, lateral movement). Knowledge of threat detection frameworks like MITRE ATT&CK, NIST, CIS . Ability to work with threat intelligence feeds to build contextual detections. Experience with log analysis , anomaly detection , and statistical detection methods. Proficient in developing content for SIEMs such as Splunk, Sentinel, QRadar, ArcSight, Elastic, etc. Optimize search performance and false positive tuning of existing detection rules. Maintain deployment workflows for apps, configurations, and detection packages across the SIEM infrastructure. Work with security analytics teams to develop data models or normalized schemas (CIM or equivalent). Job Expectations: Knowledge and understanding of banking or financial services industry Should possess understanding of security and threat landscape relevant to cloud technologies Excellent verbal, written, and interpersonal communication skills Strong ability to identify anomalous behavior on endpoint devices and/or network communications Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin.

Understanding of network defence principles, common attack vectors, and attacker techniques. Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies Basic Linux/Windows OS knowledge, firewall rules and policy fundamentals. Excellent analytical and problem-solving skills. Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency. Windows, Linux, Network Security, Phishing, Splunk, Malware

Provide L3 support for applications written in GoLang, ensuring high availability and reliability. Analyze application behavior, parse system/application logs, and troubleshoot issues to identify and resolve root causes. Collaborate with development teams to resolve bugs and implement fixes or workarounds where needed. Enhance support scripts to automate and streamline log analysis and issue detection. Maintain knowledge base articles and documentation for known issues, fixes, and standard operating procedures. Support deployment and release activities, ensuring smooth transition of code to production environments. Engage with stakeholders to gather issue details, communicate resolutions, and set proper expectations. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Strong hands-on experience in GoLang, particularly in understanding and debugging Go applications. Solid understanding of log structures, log parsing, and log management tools. Strong debugging and problem-solving abilities in complex environments. Familiarity with microservices, REST APIs Ability to work in a fast-paced environment and handle critical production issues with urgency. Excellent communication and collaboration skills

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Infrastructure Specialists at Kyndryl are project-based subject matter experts in all things infrastructure – good at providing analysis, documenting and diagraming work for hand-off, offering timely solutions, and generally “figuring it out.” This is a hands-on role where your feel for the interaction between a system and its environment will be invaluable to every one of your clients. There are two halves to this role: First, contributing to current projects where you analyze problems and tech issues, offer solutions, and test, modify, automate, and integrate systems. And second, long-range strategic planning of IT infrastructure and operational execution. This role isn’t specific to any one platform, so you’ll need a good feel for all of them. And because of this, you’ll experience variety and growth at Kyndryl that you won’t find anywhere else. You’ll be involved early to offer solutions, help decide whether something can be done, and identify the technical and timeline risks up front. This means dealing with both client expectations and internal challenges – in other words, there are plenty of opportunities to make a difference, and a lot of people will witness your contributions. In fact, a frequent sign of success for our Infrastructure Specialists is when clients come back to us and ask for the same person by name. That’s the kind of impact you can have! This is a project-based role where you’ll enjoy deep involvement throughout the lifespan of a project, as well as the chance to work closely with Architects, Technicians, and PMs. Whatever your current level of tech savvy or where you want your career to lead, you’ll find the right opportunities and a buddy to support your growth. Boredom? Trust us, that won’t be an issue. Roles & Responsibilities include: Router & Switch Management. Patch and Upgrade Switch & Router with recommended version. Troubleshoot and resolve network/routing issues. Perform and maintain backup of all the Network Devices & Ensure Log Capturing of all the Network Devices. Monitor bandwidth utilization and recommend upgrade whenever needed. Maintain inventory of Network Devices and all links. Perform Basic Hygiene & Health Check for all the Network Devices as per customer defined schedule. Ensure monitoring is enabled for all Network Devices and Interface. Ensure Network Redundancy at every layer and highlight gaps (if found). Resolving Incidents/Service Requests with respect to Routing & Switching. Coordination with OEM for advanced troubleshooting. Firewall/NIPS Management. Patch and Upgrade Firewalls/NIPS with recommended version Implement Client approved Firewall Rules & Perform Firewall Rules Review as per agreed schedule Monitor & Manage Firewalls & NIPS & Ensure log capturing is enabled and is being performed for all the Firewalls/NIPS Perform and maintain backup of all the Firewall/NIPS Resolving Incidents/Service Requests with respect to Firewalls/NIPS Managing & tracking license and signatures on Firewall/NIPS & Coordination with OEM for advanced troubleshooting. Monitor health for Access Points installed through Central Wireless Controller Coordination with OEM for advanced troubleshooting Cisco Meraki Manage Wireless Reporting Prepare and submit Network Device related reports as and when asked. Physical Support & Wireless Network Management Mount/Unmount Network Devices, as and when required Replace faulty network devices in case of hardware failure Providing cabling support, as and when required Your future at Kyndryl There are lots of opportunities to gain certification and qualifications on the job, and you’ll continuously grow as a Cloud Hyperscaler. Many of our Infrastructure Specialists are on a path toward becoming either an Architect or Distinguished Engineer, and there are opportunities at every skill level to grow in either of these directions. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Experience Total exp of 6 to 8 years. Must have cleared associate level certification like CCNA, JNCIA,CCNP Routing & Switching – Cisco, Juniper, Arista, Brocade, Huawei, HP, KYNDRYL PureFlex Excellent Firewall, VPN & NIPS Understanding – Cisco ASA, FortiGate. Good troubleshooting skills on Routing Protocol (BGP, OSPF, Static Route). Should have understanding about network technologies like SDN (Cloud Vision), L3 Fabric, VxLAN, NSX. Good understanding and troubleshooting skills for Switching/Redundancy Protocol (HSRP, Spanning Tree, VLANs, EtherChannel) Good troubleshooting skills for User Network Issues including WiFi Support. Logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems Strong analytical and problem-solving skills with high attention to detail. Bachelor's Degree. Preferred Technical and Professional Experience : Sound knowledge about various Network Monitoring and management tools (like SolarWinds, Infoblox) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

L1/L2 Security Incident Analyst Experience - 3+ years Location - Delhi Shifts - Rotational Shifts Budget - 6-8 LPA Position Overview The L1 Security Incident Analyst is responsible for the initial monitoring, detection, and reporting of security incidents. This role is crucial for ensuring the timely identification and escalation of potential threats. Key Responsibilities (ArcSight-Focused) Perform 24x7 Eye-on-Glass monitoring using ArcSight ESM and Logger as part of a rotating shift schedule. Monitor, analyze, and triage security alerts and events generated by ArcSight SIEM to identify potential threats. Conduct initial incident analysis by reviewing correlated events, logs, and active channels in ArcSight ESM . Escalate incidents to L2 analysts based on ArcSight correlation rule triggers, event severity, and impact assessment. Document incident details , investigation steps, and response actions within the incident management platform , referencing event data from ArcSight. Assist in maintaining and tuning ArcSight SmartConnectors , filters, and active channels for effective data ingestion and visibility. Support the continuous optimization of ArcSight content (e.g., rules, dashboards, use cases) to improve threat detection capabilities. Contribute to security awareness initiatives by providing inputs on observed trends or recurring issues from ArcSight alerts. Participate in a 24x7 shift roster ensuring consistent monitoring and timely response to security incidents across all time zones. Regards Kirti Rustagi hr1@raspl.com Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Skills: SIEM Tools, Intrusion Detection Systems, Incident Response, Threat Intelligence Platforms, Endpoint Detection and Response, Network Traffic Analysis, Log Analysis, Vulnerability Assessment Tools, Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience And Skillset Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dash boards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. Location Navi Mumbai (On-Site) Show more Show less

Skills: SIEM Tools, Intrusion Detection Systems, Incident Response, Threat Intelligence Platforms, Endpoint Detection and Response, Network Traffic Analysis, Log Analysis, Vulnerability Assessment Tools, Qualifications BE/ B.Tech/ M.Tech/ MCA with 60%+ throughout the academics. Security certifications like CEH or equivalent preferred. Experience And Skillset Minimum 2 +years hands-on experience with one or more SIEM tools (Log Logic, LogRhythm, Splunk, QRadar, ArcSight etc.). In-depth understanding of security threats (preferably OWASP Top 10 vulnerabilities), threat attack methods and the current threat environment. Proficient in Incident Management and Response. Basic knowledge of Windows and Unix environments. Knowledge of OSI Model, TCP/IP Protocols, network security. Knowledge about other security tools like Packet Analyzers, HIPS/NIPS, Network Monitoring tools, Cloud Security, AV, EDR, WAF etc. Responsibilities Responsible for working in a 24x7 Security Operation center (SOC) environment. Carry out investigation and correlation and work with the stakeholders towards mitigation and closure of security incidents. Monitor various dash boards from different security solutions on shift basis. Work with the engineering team for Sensor and SIEM rules fine-tuning. Prepare various management reports from SIEM and other security solutions. Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Seamlessly integrate with the team work culture, ensure proper information flow across shifts, prepare/take part in shift handovers. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences. Location Navi Mumbai (On-Site) Show more Show less

Client Server Tech is looking for System Security / Engineer to join our dynamic team and embark on a rewarding career journey. Develop and implement system security strategies and solutions. Monitor and analyze security incidents and threats. Conduct incident response and investigation. Collaborate with cross-functional teams on security projects. Ensure compliance with security standards and regulations. Provide training and support on security best practices.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Oracle HCM Cloud Core HR Good to have skills : Oracle Applications Development, Security GovernanceMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will engage in proactive monitoring of systems to identify vulnerabilities and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security audits and assessments to identify areas for improvement.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Oracle HCM Cloud Core HR.- Good To Have Skills: Experience with Oracle Applications Development, Security Governance.- Strong understanding of security frameworks and compliance standards.- Experience with risk assessment and management methodologies.- Familiarity with incident response and threat detection tools. Additional Information:- The candidate should have minimum 5 years of experience in Oracle HCM Cloud Core HR.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Security Information and Event Management (SIEM) Good to have skills : Cloud Security PlanningMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer (Tester), you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. You will perform continuous testing for security, API, and regression suite, create automation strategy, automated scripts, and support data and environment configuration. You will also participate in code reviews, monitor, and report defects to support continuous improvement activities for the end-to-end testing process. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Implement innovative testing strategies to enhance product quality.- Conduct thorough security testing to identify vulnerabilities and risks.- Develop and execute test plans, test cases, and test scripts.- Collaborate with cross-functional teams to ensure quality standards are met.- A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches for Cloud Native platforms.- Recommend security controls and identify solutions that support a business objective- Conduct Threat Model Assessment leveraging STRIDE Model- Help review Application & Infrastructure components to operation Mission Critical Cloud Platform- Provide specialist advice and recommend approaches across teams and various stakeholders- Communicate widely with other CISO stakeholders- Advise on important security-related technologies and assess the risk associated with proposed changes- Inspire and influence others to execute security principles across the engineering platforms Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Good To Have Skills: Experience with Cloud Security Planning.- Strong understanding of security testing methodologies.- Knowledge of security tools and technologies.- Experience in conducting vulnerability assessments and penetration testing.- Ability to analyze and interpret security data for actionable insights. Additional Information:- The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Job Title: Senior Manager – Cybersecurity and Cyber Defense Center Location: Bengaluru,KA 📍 Department: Information Security Group (ISG) 👤 Reporting To: VP – Cybersecurity and Cyber Defense Center 📝 Job Purpose: We are seeking a seasoned Senior Manager to lead the strategic operations of our Cyber Defense Center (CDC) . This role is critical to strengthening our cybersecurity posture through advanced threat monitoring, incident response, SIEM management (Azure Sentinel and ArcSight), policy development, and regulatory compliance. You will collaborate with internal stakeholders and leadership teams to mitigate risks, enhance detection capabilities, and lead a high-performance security operations team in alignment with our overall cybersecurity strategy. 🎯 Key Responsibilities: Strategic Security Management Define and implement strategies for monitoring and responding to threats via SIEM platforms (Azure Sentinel & ArcSight preferred). Oversee analysis of data from various sources: firewalls, IDS/IPS, antivirus, DAM systems, proxies, and banking applications. Advanced Threat & Incident Management Create and fine-tune alert rules to improve detection accuracy and reduce false positives. Lead real-time log/alert analysis, ensuring swift and effective incident response aligned with defined policies and procedures. Leadership & Process Enhancement Improve response times and optimize security incident management processes. Lead updates to SOPs, playbooks, and runbooks; champion best practices in cybersecurity operations. Drive execution of security awareness programs and risk-based controls. Cross-Functional Collaboration Liaise with audit, compliance, and regulatory teams to provide logs, evidence, and technical documentation. Engage with leadership to influence strategic cybersecurity decisions. 🔑 Key Principles: Strategic Leadership: Direct the CDC's vision and strategy aligned with organizational goals. Threat Detection & Response: Elevate incident detection, investigation, and mitigation capabilities. Process Optimization: Drive continual improvement of security processes and tools. Collaboration & Communication: Facilitate effective communication across business and technical units. Governance & Compliance: Uphold integrity, ethics, and regulatory alignment in all security operations. 🌐 Operating Environment & Relationships: Operates within frameworks of international cybersecurity regulations and industry standards . Engages across business units (LOD1 to LOD3), including: LOD1: Business, Tech GRC, Technology LOD2: Compliance, Fraud, Risk LOD3: Internal Audit Coordinates with internal/external regulators and auditors. 🧩 Problem Solving & Analysis: Lead strategic problem solving for complex incidents, including root cause and threat impact assessments. Oversee log source onboarding and ensure optimization of data for effective threat detection. 🛡️ Decision-Making Authority: Innovation & PoC: Lead evaluations and PoCs of emerging security technologies. Metrics & Architecture: Analyze and report key security KPIs; contribute to the development of security reference architectures. Policy & Control Design: Drive policy formulation and improvement aligned with business and regulatory needs. Cross-Functional Leadership: Collaborate with senior leaders and vendor partners to deliver security objectives with minimal supervision. 📚 Qualifications & Experience: Education: Graduate/Postgraduate in Science, Engineering, Information Technology , or related disciplines. Certifications (minimum two required): CISSP, CISM, CRISC, CISA, or equivalent. Experience: 12+ years of experience in SOC/CDC leadership roles with demonstrated success in managing complex cyber defense initiatives. Strong expertise in SIEM platforms (Azure Sentinel, ArcSight) and security analytics. Previous exposure to the banking or financial services sector is highly desirable. Technical & Soft Skills: Expert in SIEM management, incident response, threat detection. Strong documentation, policy drafting, and communication skills. Analytical mindset with the ability to guide strategic decisions. Show more Show less

Job Title: Assistant Manager – Microsoft Sentinel Administration 📍 Location: [Remote] 🧭 Department: Information Security Group (ISG) 👤 Reports To: VP – Head of Cyber Defense Center Duration: 6 months 🔎 Job Purpose: The Assistant Manager – Sentinel Administration will be responsible for the end-to-end management of Microsoft Sentinel , a cloud-native SIEM and SOAR platform. This includes configuring data connectors, developing analytics rules, building dashboards and reports, managing playbooks for automated incident response, and collaborating with cross-functional teams to ensure effective threat monitoring, detection, and response across the organization’s IT landscape. 🎯 Key Responsibilities: Security Event Monitoring & Analytics: Ensure continuous monitoring of integrated systems using Sentinel Develop and tune analytics rules to enhance threat detection and reduce false positives Connect and manage diverse data sources (Azure, Microsoft 365, on-prem systems) Dashboards & Reporting: Design workbooks and dashboards for real-time visibility Generate periodic reports and provide insights to stakeholders on security posture Automation & Response: Develop playbooks using Azure Logic Apps Automate incident response workflows to reduce MTTD and MTTR System Maintenance & Optimization: Monitor system performance and apply patches/updates as needed Optimize data ingestion, retention policies, and ensure platform scalability Compliance & Documentation: Maintain up-to-date documentation of configurations and procedures Support audits and align operations with industry standards and organizational policies Collaboration & Support: Work closely with SOC, IT, and other business units Train Sentinel users and participate in incident investigations and post-mortems 🌐 Key Working Relationships: Internal: Local CISOs, ISG team, SOC, Business Units (LOD1-3), Risk, Compliance, Fraud, Internal Audit External: Regulators, Industry Supervisors ⚙️ Key Skills and Competencies: Technical Expertise: 7+ years in Information Security, with at least 4–5 years in Microsoft Sentinel and SIEM tools like ArcSight Strong understanding of SIEM/SOAR operations, threat detection, and incident response Experience in PowerShell, Azure Logic Apps, and automation tooling Hands-on experience in building dashboards, custom visualizations, and configuring data connectors Industry Knowledge: Familiarity with security frameworks and standards: NIST 800-61, ISO 27035, CERT/CC, PCI-DSS Exposure to BFSI sector and experience supporting SOC functions Soft Skills: Strong analytical, communication, and stakeholder management skills Ability to solve complex security challenges with creative and technical solutions Effective cross-team collaboration during incidents and investigations 🎓 Qualifications & Certifications: Bachelor’s degree in Computer Science, Information Technology, or a related field Preferred Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer Associate (AZ-500) 🧠 Key Attributes: Proactive and detail-oriented approach to threat detection Committed to upholding confidentiality, integrity, and availability of data Adaptable to evolving technologies and security threat landscapes Passionate about automation and continuous improvement in security operations 📈 Decision Making & Authority: Acts as a Subject Matter Expert (SME) for Microsoft Sentinel within the Cyber Defense Center Responsible for ensuring compliance with security incident response policies and regulatory requirements Supports the Head of Cyber Defense Center in achieving the organization’s InfoSec goals Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less