421 Arcsight Jobs - Page 15

The Imperva DB security Engineer role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Imperva DB security Engineer domain.

Role & responsibilities Security Architecture & Engineering Design and deploy secure network, infrastructure, and Azure cloud architectures using Defender for Cloud, Sentinel, Entra ID, and Purview. Select, integrate, and optimize security tools (SIEM/SOAR, firewalls, EDR, DLP). Embed security into DevOps/CI-CD pipelines via automation (Logic Apps, PowerShell, KQL). Security Operations & Incident Response Configure and tune detection rules and workbooks in Sentinel; build automated playbooks for common incidents. Lead triage, investigation, and root-cause analysis of alerts from Defender and Sentinel. Conduct proactive threat hunting, log review, and vulnerability assessments. Identity & Access Management Implement and manage Conditional Access, MFA, Privileged Identity Management, and RBAC in Entra ID. Enforce least-privilege principles and lifecycle policies across users, groups, and service identities. Governance, Risk & Compliance Maintain alignment with ISO 27001, NIST, CIS, PCI-DSS, and GDPR using Secure Score and Compliance Manager. Develop and enforce security policies, standards, and audit controls. Team Leadership & Collaboration Mentor SOC analysts and engineers, driving continuous improvement and knowledge sharing. Collaborate closely with IT, DevOps, and business units to integrate security into all projects.

The Firewall,WAF role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Firewall,WAF domain.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Engineering Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your role involves ensuring the security of critical assets and data. Roles & Responsibilities:Work as part of Security Engineering handling tunings, customer requests, escalations, reporting, trainings, etc.Administration of the Accenture proprietary SIEM (Log Collection Platform) to gather security logs from customer environment.Life cycle management of the SIEM (Onboarding, Break-fix, Patching, Live update )Adhering to SOPs and notify customers on log flow/log format issuesDocument best practices and writing KB articlesIdentify opportunities for process improvements Professional & Technical Skills: Experience in SOC OperationsKnowledge on networking, Linux and security concepts Experience in configuring/managing security controls such as Firewall, DS/IPS,EDR,UTM,ProxyKnowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector Knowledge in device onboarding and integrationPassion for cyber security, learning, and knowledge sharing Strong Verbal & written communication skills Proven customer service skills, problem solving and interpersonal skills Ability to handle high pressure situationsConsistently exhibit high levels of teamworkFollowing certifications is added advantage:Network+,Linux+, Security and CCNAPrior experience in information security or SOC operations Additional Information:Work as part of a global technical services team that works 24/7 on rotational shiftBachelors degree in computer science, The candidate should have minimum 2 years of experience This position is based at our Chennai office. A 15 years full time education is required. Qualification 15 years full time education

The Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS Guardduty domain.

A career in our Advisory Acceleration Centre is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. ,Quality Assurance SOC Analyst - CaaS As a Quality Assurance SOC Analyst (Senior Associate) within the Cyber as a Service (CaaS) practice, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. You will play a pivotal role in ensuring the quality and effectiveness of our SOC operations. You will be responsible for reviewing and enhancing our security incident response processes and procedures, evaluating the performance of SOC analysts, and implementing best practices to maintain the highest standards of security. This role is critical in maintaining the integrity of our clients' systems and Required Qualifications data. Responsibilities include but are not limited to: 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Incident Response, or Penetration Testing/Red Team. At a minimum, a Bachelor's Degree in a relevant area of study with a preference for Computer Science, Computer Engineering, Cybersecurity, or Information Security. Knowledge and experience working with various SIEM, EDR, NDR and Ticketing tools. Knowledge of Security Operations Centre (SOC) processes and procedures. Effective communication skills, both written and verbal. Strong attention to detail and commitment to quality. Advanced knowledge and experience analyzing attacker techniques at all stages of a breach. Knowledge of MITRE ATT&CK and Cyber Kill-Chain is a must Be available to work on a 24/7 basis (Mon-Sun) on a shift based schedule to continuously assure quality within SOC. Roles & Responsibilities Conduct regular quality assessments of security incident handling processes within the SOC for both L1 and L2 functions. Review and evaluate the effectiveness of SOC analyst activities, including incident detection, analysis, investigation and response. Identify areas for improvement and provide recommendations to enhance SOC operations and incident response capabilities. Collaborate with SOC management and leads to develop and implement quality assurance strategies and initiatives. Create and maintain comprehensive quality assurance documentation, reports, and metrics. Mentor and provide guidance to junior SOC analysts to improve their performance and investigation skills. Stay up-to-date with the latest threat landscape, attack vectors, and cybersecurity technologies through ongoing research and professional development. Assist in incident response activities as needed, including during high-priority security incidents. Participate in the development and delivery of training programs for SOC staff. Collaborate with the L2 analyst team to develop robust quality assurance practices, documentation, reports and metrics. Collaborate with L1 and L2 SOC analysts to provide training and knowledge sharing on quality assurance best practices. Communicate findings and recommendations effectively to technical and non-technical stakeholders internally and externally. Maintain detailed records of quality assurance activity, including findings, actions taken, and outcomes. Participate in knowledge-sharing initiatives with the L1 and L2 team to enhance collective expertise and investigation skills. Ensure adherence to established quality assurance processes and procedures. Identify opportunities for process improvement and contribute to the enhancement of quality assurance methodologies. Maintain composure and efficiency in high-pressure situations. Willing to work in US day shift (9AM EST - 5PM EST) / India night Shift (7 PM IST to 3 AM IST) and weekend support / on call support Experience & Skills 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team. Experience in SOC L1, SOC L2 is a must. Experience in SOC Quality Assurance is a must Experience in SIEM technologies such as Azure Sentinel, Splunk, ArcSight, QRadar, Exabeam, LogRhythm Experience and knowledge of EDR and NDR technologies such as Cortex XDR, CrowdStrike, Carbon Black, Cylance, Defender, DarkTrace Experience with ticketing system such as ServiceNow, JIRA is considered a strong asset Experience and Knowledge working with Cyber Kill-Chain model and MITRE ATT&CK framework Ability to use data to 'tell a story'; ability to communicate findings and recommendations effectively to technical and non-technical stakeholders. Proficient in preparation of reports, dashboards and documentation Excellent communication and leadership skills Ability to handle high pressure situations with key stakeholders Good Analytical skills, Problem solving and Interpersonal skills A demonstrated commitment to valuing differences and working alongside diverse people and perspectives Show more Show less

Key Responsibilities: Incident Detection & Response: Monitor security alerts and events through SIEM tools to identify potential threats. Investigate security incidents and respond in a timely and effective manner. Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis. Threat Analysis & Mitigation: Conduct thorough threat and malware analysis to identify and mitigate risks. Work closely with internal teams to investigate malware, viruses, and ransomware threats. Use CrowdStrike , Defender , and other endpoint security tools to prevent attacks. Email Security Management: Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats. Respond to suspicious email alerts and work with other teams to resolve them. Continuous Monitoring & Alerting: Actively monitor systems, networks, and applications for any signs of suspicious activities. Utilize Endpoint Security solutions to continuously track and protect endpoints across the network. Collaboration & Reporting: Work closely with the IT and security teams to assess, analyze, and resolve security incidents. Maintain detailed documentation of incidents, findings, and responses for future reference. Regularly report on the status of ongoing security incidents and trends to senior management. Research & Knowledge Enhancement: Stay updated with the latest security threats, vulnerabilities, and trends. Participate in security training and development to improve skills in SIEM , EDR , and other security tools. Required Skills and Qualifications: Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis . Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills. Preferred Qualifications: Security certifications like CompTIA Security+ , CISSP , CEH , or GIAC are a plus. Experience with incident response and forensic investigation. Familiarity with cloud security in AWS, Azure, or Google Cloud. Show more Show less

SOC ENGINEER (ENGINEER R&D / DEV) We are looking for a candidate who have experience in as DevOps engineer to creating systems software and analyzing data to improve existing systems or New innovation, along with develop and maintain scalable applications Monitor, troubleshoot, and resolve issues including deployments in multiple environments. Candidate must be well-versed in computer systems and network functions. They should be able to work diligently and accurately and should have great problem-solving ability in order to fix issues and ensure client’s business functionalities. REQUIREMENTS: ELK development experience Dev or DevOps experience on AWS cloud, containers, serverless code Development stack of Wazuh and ELK. Implement best DevOps practice Tool set knowledge required for parser/ use case development, plugin customisation – Regex, python, yaml, xml . Hands-on experience in DevOps . Experience with Linux and monitoring, logging tools such as Splunk ,Strong scripting skills Researching and designing new software systems, websites, programs, and applications. Writing and implementing, clean, scalable code. Troubleshooting and debugging code. Verifying and deploying software systems. Evaluating user feedback. Recommending and executing program improvements. Maintaining software code and security systems. Knowledge of cloud system(AWS, Azure). Excellent communication skills. GOOD TO HAVE: SOC, security domain experience is desirable. Knowledge of Docker, Machine Learning, BigData, Data Analysis, Web-Scrapping.ata Analysis, Web-Scrapping. Resourcefulness and problem-solving aptitude Good understanding of SIEM solutions like ELK, Splunk, ArcSight etc. Understanding of cloud platforms like Amazon AWS, Microsoft Azure and Google Cloud. Experience in managing firewall / UTM solutions from Sophos, Fortigate, Palo Alto, Cisco FirePower Professional certification (e.g. Linux Foundation Certified System Administrator, Linux+ CompTIA,RHCSA – Red Hat Certified System Administrator) QUALIFICATION: 2-3 years of experience in Product //DevOps//SecOps//development. SKILLS: Experience in software design and development using API infrastructure. Profound knowledge in various scripting languages, system, and server administration Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting Job Types: Full-time, Permanent Pay: ₹25,000.00 - ₹66,000.00 per month Benefits: Internet reimbursement Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): Do you have experience in SIEM Tool, Scripting, Backend or Front end development? Experience: minimum: 1 year (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Job brief The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 3 Years’ Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting Show more Show less

We are seeking a skilled and proactive Cybersecurity Expert with deep experience in Security Operations Center (SOC) environments and hands-on expertise in Micro Focus ArcSight (ESM, Logger, SmartConnectors). The ideal candidate will play a critical role in threat detection, incident response, and overall SIEM management to safeguard the organization’s infrastructure. Key Responsibilities SOC Operations Monitor and analyze security events and incidents from multiple sources in real-time. Conduct triage and investigation of security alerts to determine validity and impact. Respond to incidents, perform root cause analysis, and coordinate mitigation steps. Document incidents and provide detailed incident reports. ArcSight (SIEM) Management Configure and manage ArcSight ESM, Logger, and SmartConnectors. Create and optimize correlation rules, dashboards, and reports. Onboard new log sources, maintain log integrity and retention policies. Tune use cases to reduce false positives and improve detection efficacy. Threat Detection & Response Conduct threat hunting activities using ArcSight and threat intelligence feeds. Collaborate with threat intel teams to enhance detection capabilities. Participate in red team/blue team exercises and post-event analysis. Compliance & Reporting Ensure logging and monitoring processes support compliance (e.g., ISO 27001, PCI-DSS, NIST). Generate reports and metrics for stakeholders on SOC performance and incident trends. Collaboration & Knowledge Sharing Work with IT, network, and application teams for incident resolution and preventive actions. Train and mentor junior SOC analysts. Stay updated on threat landscape and SIEM advancements. Preferred Qualifications (Optional): Certification. 3 to 10 years of experience Experience with other security tools (EDR, SOAR, IDS/IPS, firewalls). Familiarity with scripting languages (e.g., Python, PowerShell). Understanding of compliance standards such as ISO 27001 , NIST , PCI-DSS , or GDPR . Education: Bachelor’s degree in Computer Science(BE,BTech,Mtech,Mca) Show more Show less

Greetings From TCS!! Position : SOC Analyst Experience : 4+years Walkin Interview on 7th Jun 2025 at below locations : Hyderabad TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Bangalore TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066 Chennai TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Mumbai TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615 Noida TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301 Kolkata Tata Consultancy Services Limited | IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India Job Description : Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments. Interested Candidates can share their cv to divya.jillidimudi1@tcs.com if you are available for Walkin interview Regards, Divya Jillidimudi Show more Show less

SOC ENGINEER (ENGINEER R&D / DEV) We are looking for a candidate who have experience in as DevOps engineer to creating systems software and analyzing data to improve existing systems or New innovation, along with develop and maintain scalable applications Monitor, troubleshoot, and resolve issues including deployments in multiple environments. Candidate must be well-versed in computer systems and network functions. They should be able to work diligently and accurately and should have great problem-solving ability in order to fix issues and ensure client’s business functionalities. REQUIREMENTS: ELK development experience Dev or DevOps experience on AWS cloud, containers, serverless code Development stack of Wazuh and ELK. Implement best DevOps practice Tool set knowledge required for parser/ use case development, plugin customisation – Regex, python, yaml, xml . Hands-on experience in DevOps . Experience with Linux and monitoring, logging tools such as Splunk ,Strong scripting skills Researching and designing new software systems, websites, programs, and applications. Writing and implementing, clean, scalable code. Troubleshooting and debugging code. Verifying and deploying software systems. Evaluating user feedback. Recommending and executing program improvements. Maintaining software code and security systems. Knowledge of cloud system(AWS, Azure). Excellent communication skills. GOOD TO HAVE: SOC, security domain experience is desirable. Knowledge of Docker, Machine Learning, BigData, Data Analysis, Web-Scrapping.ata Analysis, Web-Scrapping. Resourcefulness and problem-solving aptitude Good understanding of SIEM solutions like ELK, Splunk, ArcSight etc. Understanding of cloud platforms like Amazon AWS, Microsoft Azure and Google Cloud. Experience in managing firewall / UTM solutions from Sophos, Fortigate, Palo Alto, Cisco FirePower Professional certification (e.g. Linux Foundation Certified System Administrator, Linux+ CompTIA,RHCSA – Red Hat Certified System Administrator) QUALIFICATION: 2-3 years of experience in Product //DevOps//SecOps//development. SKILLS: Experience in software design and development using API infrastructure. Profound knowledge in various scripting languages, system, and server administration Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting Job Types: Full-time, Permanent Pay: ₹25,000.00 - ₹66,000.00 per month Benefits: Internet reimbursement Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): Do you have experience in SIEM Tool, Scripting, Backend or Front end development? Experience: minimum: 1 year (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Security Architect is responsible for designing Scope of work document, preparing project plan, HLD, LLD, discussion with security team other members, good presentation skill to internal team & customer. Should have good hands-on knowledge on Checkpoint (Firewall & Anti-APT), Palto-Alto, F5 (SSL Encryption, decryption & interceptor etc.), Cisco ISE, VPN, load balancers, proxy systems, reverse proxies, Web application firewalls, DDoS protection, SIEM, SOAR solutions designed and troubleshooting to protect networks and systems from malicious/unauthorized network access or misuse. He/she should possess strong technical and subject matter expertise in the following security specialties: Next Generation Firewall: checkpoint & Palo-Alto Remote Access VPN – Checkpoint Harmony. Anti-APT: Checkpoint SandBlast F5 - SSL Decryption/Interceptor NAC: Cisco ACS/ ISE SIEM & SOAR: Arcsight As a Network Architect, you will provide overall enterprise level Security based infrastructure systems planning, operations and maintenance, and management across multiple sites across the country Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills and Experience Good understanding on Next Generation Firewalls (Checkpoint, Palo Alto Networks, Fortinet) and experience in handling security concepts (Rule ADD/ Modify Delete, Nat, Faulty Firewall replacement, High Availability setup, packet capture, log analysis etc.) Advanced knowledge on F5 SSL device, WAF, DDoS Protection solution, SSL Decryption solution and their monitoring & troubleshooting firmware upgrade Troubleshoot and fix high priority issues related to Firewall Load balancer, IPS/IDS, Proxy and WAF. Troubleshoot LAN, WAN, WLAN issues is added advantage Work with the HW Vendors/TAC for the SW/HW related issues and providing the fix. Troubleshoot Site to Site VPN (IPSEC/ GETVPN/ GRE/MGRE) , Proxy related issue (In-house/Cloud Hosting) & End user remote access VPN issues. Involve in change management process for HW replacement/ IOS upgrade/ Config change/ BW upgrade/ Whitelisting or Blacklist URLs & FW Rule addition etc. Knowledge and experience in Incident, Change, Problem, Service request and Configuration Management Processes. Qualifications – Min 14 years of industry experience as a Network Security engineering on Design, Implementation and troubleshooting security & load balancers Network Security, understanding and troubleshooting Next Gen Firewalls, NIDS/ NIPS, VPN, Anti-APT, RADIUS/ TACACS enabled security systems. Good understanding on DNS and DHCP BSc / B.Tech./ BCA / BE / Diploma / MCA / MSc or equivalent Certifications – Candidate must be certified as CISSP/CEH. Certifications like CCNA, CCNA Security, Product certifications on Fortinet, Checkpoint, Palo Alto Networks, Cisco ISE, etc. preferred. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Note If shortlisted, you will be contacted via WhatsApp and email. Please monitor both channels and respond promptly. Location - Noida Work Mode - Work from Office Salary - INR(₹) 1,500,000 to 2,000,000 Joining Time / Notice Period: Immediate – 30 days About The Client We’re hiring for a technology-focused firm specializing in cybersecurity, cloud infrastructure, and risk management. They help global enterprises strengthen security operations, ensure compliance, and build resilient frameworks with advanced SOC capabilities and proactive incident response. Job Purpose The client is actively seeking an experienced SOC Lead to oversee 24/7 security operations and incident response efforts. This role involves leading L1/L2 teams, proactively monitoring threats, managing incident investigations, and ensuring organizational cyber resilience. The ideal candidate will possess strong hands-on experience across security infrastructure components, enterprise IT systems, and cloud environments—especially AWS—and will be instrumental in safeguarding systems from internal and external cyber threats. Roles And Responsibilities Lead and manage the SOC team across L1 and L2 analysts in a 24/7 environment. Handle escalated security incidents including threat detection, investigation, containment, and remediation. Work cross-functionally with technical and business stakeholders during and after incident response. Conduct proactive threat hunting and brand monitoring across endpoints, networks, and cloud environments (especially AWS). Analyze and respond to security alerts generated by SIEM platforms (e.g., Splunk, Datadog, Arcsight). Utilize IOCs and IOAs for real-time detection and forensic analysis. Perform in-depth forensics investigations, evidence handling, and data recovery. Ensure the integrity and secure custody of audit trails in the event of incidents. Maintain and evolve detection use cases, alert tuning, and log source integrations in SIEM. Must-Have Qualifications And Experience Bachelor's degree in Engineering or Technology (B.E./B.Tech.). 7+ years of experience in cybersecurity incident response and SOC operations. Proven Hands-on Expertise In Advanced Firewalls, IDS/IPS/WIPS, HIPS EDR, DLP, Antivirus, Proxy, VPN, DNS, DHCP Cloud platforms: AWS (required), Azure (preferred) SIEM systems (e.g., Splunk, Datadog, Arcsight) Security integration and use case development for SIEM Experience in forensics analysis, data recovery, and audit trail management. Familiarity with APT threats, vulnerability scanning, and threat intelligence. Knowledge of industry regulations and compliance frameworks such as SOC2, HIPAA, ISO27001. Exposure to incident response tools, ITSM platforms (JIRA, ServiceNow), and cloud-based security controls. Security certifications preferred: CISSP, CHFI, CEH. Show more Show less

Security Specialist Location: Hyderabad Position: 1 Experience: 4 to 8 years pre sales discussions and design security architecture based on customer requirement. Implement firewalls, anti-virus software, log management, authentication systems, content filtering, Professional IT certifications will be added advantage

Equal Opportunity Employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets Job Description : Job Title: Analyst SOC About News Corp News Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises global businesses across a range of media, including news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-TV distribution in Australia. The Role : We are looking for SOC analysts who will be responsible for monitoring and working on active alerts on various security tools (SIEM/XSOAR). The individual in this role is expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. This position demands someone willing to use a network of sensors, security tools, and monitoring equipment to proactively identify, evaluate, and remediate potential cybersecurity threats. Based on an understanding of “normal” network activity, SOC analysts use tools and processes to detect anomalous activity, providing 24/7/365 detection and response capabilities. The person can multitask, work independently, and work collaboratively with teams, some of which may be geographically distributed. Key Responsibilities Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x5 basis. Monitor various infrastructure log sources and Escalate potential security incidents to client personnel. Notify the Client of the incident and required mitigation works. Track and update incidents and requests based on client’s updates and analysis results. Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc. Must know about SIEM Solutions (Splunk (Preferred), Qradar, ArcSight) Good understanding of Phishing email analysis and its terminologies. Knowing EDR solutions (Preferred CrowdStrike). Ability to run and understand Sandbox Static Analysis. Proactively research and monitor security information to identify potential threats that may impact the organization. Provide 24x7 monitoring operations for security alerts Required Skills and Qualifications : Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree. Minimum of 2-4 years of experience in the IT security industry, preferably working in a SOC/NOC environment. Certifications CCNA, CEH, Security+, CySA+ A degree in Computer Science, IT, Systems Engineering, or a related qualification 2-4 years of experience in Information Security. Cybersecurity best practices, techniques, and tools Understanding of tools like Crowdstrike, Qualys, Service Now, Splunk, and similar to these. Ability to work under pressure in a fast-paced environment Networking concepts, including TCP/IP, routing and switching Windows, Linux, and UNIX operating systems Communication skills, both verbal and written Location: Bangalore, IN Work Arrangement: Hybrid (3 days per week in office) Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets This job is posted with NTS Technology Services Pvt. Ltd. Job Category: Show more Show less

Job Description: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. Process Overview The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. The team develops the Bank’s Information Security strategy and policy, manages the Information Security program and identifies and addresses vulnerabilities, Develops, deploys and manages a risk-based controls portfolio, Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Job Description The individual will be part of Security Event Management QA team and will be required to collaborate with both internal and external global teams across various locations for the project delivery. Responsibilities As a Member in Security Event Management QA, the individual will be focused in the following areas: Timeliness, meets established SLA Completeness, accomplishes all steps of the SOC Correctness, properly achieves desired end state of the Continual Improvement Requirements Education: B.E. / B. Tech/M.E. /M. Tech/B.Sc./M.Sc./BCA/MCA (prefer IT/CS specialization) Certifications, If Any: CEH, Security+, CCNA or any equivalent Experience Range: 10 + years Foundational skills: Experience in Information Security Experience in M&T all work types, at least 1 year exposure to same Experience in identifying threats and applying security controls to detect those users Experience and ability to quickly use open source tools to gather information on a domain or subject Self-motivated individual willing to learn new skills and accomplish goals within a short timeframe Good understanding of Security Event Management tools, techniques and processes Ability to leverage technical skills to correlate data to streamline analysis process Familiarity with and basic understanding of networking systems, firewalls, simple DNS & DHCP, security vulnerabilities, exploits, attacks and malware Ability to relate technical issues to non-technical associates / business owners understanding of vulnerabilities, exploitation, tools and techniques especially ArcSight (SIEM tool) Communication skills Microsoft Office applications Desired skills: Knowledge of SIEM, GRC tools DLP knowledge preferred. Experience detecting Insider Threats and placing controls within an organization to protect against these threats Network / Systems / Information Security Administration knowledge Work Timings: 7:30am to 8:30pm (9 hours rotational shift) Job Location: Gurugram/Mumbai Show more Show less

Delhi , India Designation: Partner Position: SIEM Instructor Mentor (Part-Time) Job Type: Consultant Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes. Reports to: Founder/CEO Job Overview The SIEM Mentor will provide expert training and mentorship to Eduroids' students on a part-time basis, focusing on equipping them with skills in Security Information and Event Management (SIEM). This role involves delivering practical training sessions, developing industry-relevant course materials, and guiding students through real-world security monitoring and incident response scenarios to prepare them for cybersecurity roles. Key Responsibilities Training Delivery: Conduct weekend training sessions focused on SIEM tools, processes, and best practices in security operations. Curriculum Development: Create and maintain up-to-date course content aligned with the latest trends in SIEM and cybersecurity. Hands-On Learning: Facilitate practical exercises, simulations, and case studies on threat detection, log analysis, and incident response using popular SIEM platforms. Mentorship: Offer personalized guidance to participants, addressing their questions and helping them grasp complex security concepts. Industry Alignment: Ensure training material reflects current cybersecurity challenges and industry standards in SIEM. Assessment and Feedback: Evaluate student progress through assessments, providing constructive feedback to foster their improvement. Knowledge Transfer: Share insights and experiences from real-world cybersecurity scenarios to bridge theory and practical application. Key Measures Student Progress: Track participant performance in mastering SIEM concepts, tools, and workflows. Industry Relevance: Maintain curriculum alignment with evolving cybersecurity threats, compliance standards, and technologies. Feedback Scores: Achieve high participant satisfaction ratings for training quality and mentorship. Project Completion: Ensure students complete SIEM-related projects, including log analysis, threat hunting, and creating custom alerts. Qualifications Education: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field. Experience: Minimum of 10 years of professional experience in cybersecurity, with a focus on SIEM tools and security operations. Experience working with Fortune 500 companies or high-security environments preferred. Demonstrated expertise in implementing and managing SIEM platforms in enterprise environments. Technical Skills: Proficiency with SIEM platforms such as Splunk , IBM QRadar , ArcSight , or LogRhythm . Knowledge of threat intelligence, log management, and compliance requirements like GDPR, PCI DSS, and HIPAA. Familiarity with scripting languages like Python or PowerShell for automation in SIEM tools. Strong understanding of cybersecurity frameworks like MITRE ATT&CK , NIST , or CIS Controls . Soft Skills: Excellent communication and presentation abilities. Ability to translate complex cybersecurity concepts into actionable knowledge for learners. Passion for teaching and mentoring aspiring cybersecurity professionals. Personal Attributes Dedicated to fostering the next generation of cybersecurity experts. Resilient and adaptable, with a focus on continuous improvement. Collaborative mentor who creates an engaging and supportive learning environment. Benefits Competitive compensation based on hourly or project-based engagement. Flexible remote working options. Opportunity to shape the future of cybersecurity professionals and contribute to their career success. Engaging and forward-thinking work culture.

Delhi , India Designation: Partner Position: SOC Instructor Mentor (Part-Time) Job Type: Consultant Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes. Reports to: Founder/CEO Job Overview The SOC Instructor Mentor will deliver advanced training and mentorship to Eduroids' students on a part-time basis, focusing on Security Operations Center (SOC) concepts, tools, and best practices. The role involves conducting engaging training sessions, developing industry-relevant course materials, and providing personalized guidance to students, equipping them with the skills required to excel in SOC roles such as security analysts and incident responders. Key Responsibilities Training Delivery: Lead interactive weekend sessions on SOC operations, incident response, threat detection, and security monitoring. Demonstrate workflows and methodologies for handling cybersecurity incidents within a SOC environment. Curriculum Development: Design and update course content, labs, and case studies aligned with SOC tools and frameworks, such as SIEM, SOAR, and endpoint detection platforms. Create comprehensive training materials covering SOC processes, including triage, analysis, containment, and remediation. Hands-On Learning: Facilitate hands-on labs using SOC tools like Splunk, IBM QRadar, ArcSight, and SentinelOne. Guide students through simulated incident response scenarios and log analysis exercises. Mentorship: Provide one-on-one guidance to students, addressing their questions and helping them understand real-world SOC workflows. Offer career advice, including certifications and skill-building strategies for aspiring SOC professionals. Industry Alignment: Ensure training materials reflect the latest cybersecurity trends, SOC methodologies, and compliance standards. Assessment and Feedback: Evaluate students through practical exercises, incident response scenarios, and periodic assessments. Provide constructive feedback to enhance participants’ skills and confidence. Knowledge Transfer: Share insights from a minimum of 15 years of professional experience in cybersecurity and SOC operations, emphasizing enterprise-grade practices. Key Measures Student Competency: High rates of student skill acquisition, demonstrated through successful completion of projects and assessments. Curriculum Relevance: Training content is continuously updated to align with current SOC tools, standards, and practices. Hands-On Proficiency: Students demonstrate practical expertise in using SOC tools and handling cybersecurity incidents. Feedback Scores: Achieve excellent ratings from students for training quality and mentorship effectiveness. Qualifications Education: Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related field. Experience: Minimum of 15 years of professional experience in SOC operations, cybersecurity, or incident response. Hands-on experience with SOC tools, threat intelligence, and forensic analysis in enterprise environments. Real-time experience with Fortune 500 companies is highly preferred. Technical Skills: Proficiency in SOC workflows, including threat detection, incident response, and log management. Experience with SIEM solutions (Splunk, IBM QRadar, ArcSight) and SOAR platforms. Familiarity with scripting languages like Python, PowerShell, or Bash for automating SOC tasks. Strong understanding of MITRE ATT&CK framework and cybersecurity standards like NIST and ISO 27001. Soft Skills: Excellent communication and presentation abilities. Proven mentorship skills with a passion for teaching and guiding aspiring cybersecurity professionals. Strong analytical and critical thinking skills. Personal Attributes Passionate about cybersecurity and SOC operations. Resilient, adaptable, and committed to continuous learning. Collaborative team player who fosters an inclusive and engaging learning environment. Benefits Competitive compensation based on hourly or project-based engagement. Flexible remote working options. Opportunity to mentor and shape the next generation of SOC professionals. Collaborative and innovative work culture.