285 Arcsight Jobs - Page 3

Role Description L1 SOC Lead Experience : 7 to 9 years Location : Hyderabad/Trivandrum/Kochi Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence Job Description SOC Lead Position Overview: We are seeking an experienced and technically proficient SOC Lead to manage a medium-sized SOC team. The ideal candidate will provide technical mentorship, effectively manage security incidents, and ensure efficient project management within the SOC environment. This role requires a strategic leader with strong technical expertise and excellent management skills to oversee daily SOC operations and support team development. Under leadership's guidance, responsibilities include P&L, delivery, compliance, and other operational goals. Key Responsibilities Effectively lead a medium-sized cybersecurity SOC team accountable for delivering cybersecurity services to global customers. Effectively manage the deliverables for SOC for an MSSP team Manage resources, headcount, and profitability objectives under leadership guidance. Ensure the team's quality of deliverables aligns with organizational standards. Manage stakeholder relationships and ensure effective communication. Drive initiatives to promote continuous improvement, innovation, and customer satisfaction under leadership's guidance. Job Requirements Required Skills: Previous operational experience in cybersecurity incident management and response teams like CSIRT, CIRT, SOC, or CERT. Experience with MSSP teams. Proven experience in leading/managing a team size of 10 or more. Proficiency with SIEM tools such as ArcSight, Splunk, QRadar, etc. Strong ability to write technical documentation and present technical briefings to varying audiences. Desired Skills Cybersecurity Fundamentals: In-depth understanding of cybersecurity concepts, threats, vulnerabilities, and attack vectors. Knowledge of security technologies, including SIEM, EDR, firewalls, IDS/IPS, and vulnerability scanners. o Familiarity with network protocols, operating systems, and cloud environments. Incident Response Expertise in incident handling, investigation, and remediation. Knowledge of forensic analysis techniques. Ability to develop and implement incident response plans. Experience Atleast 3 years of experience managing a team of SOC Analysts 5+ years of information security experience is required. At least 3 years of experience in security monitoring, digital forensic analysis, or incident response is preferred. Show more Show less

Assist in defining security Policies Standards and reference Architecture for Network design and deployment related to above technologies. Proactive analysis of Network for secure deployments, secure configurations against Global Security Best Practices. Assisting network design team with security inputs while designing an architecture for new offices/ branches/ data centres etc. for Security by Design. Developing network security standards and guiding network design to meet corporate requirements. Strategize and formulate high and low-level monitoring mechanism for security posture of network deployments and advise measures to improve them. Possess and maintain technical knowledge of aspects of DDoS mitigation, NAC, Internet Proxy, DNS etc. Conducting analysis of network security and Strategize and formulate high and low-level monitoring mechanism for DDoS mitigation, NAC, Internet Proxy, DNS. Taking proactive measures for enhancing the security posture of the Bank's network by studying the vulnerabilities issued/ published by various OEMs, internal and external agencies such as CERTetc. Working with internal and external business stakeholders on ensuring that IT infrastructure meet global network security standards. Produce and track metrics for the effectiveness and maturity of Secure network deployments.

Dedicated lead to work with the Happiest Minds Shared SOC team and ITteam to enhance the overall Incident response processes Run any critical incident response along with SOC and IT team Review and update the use caserepository as applicable to Happiest Minds Environment Work on root causeanalysis and remediations for alerts/incidents raised by customers Review andupdate existing automation playbooks Continuous updates of detectiontechniques Periodic threat hunting Use cases to prioritize based on thefindings from the threat and vulnerability management program

Implementation and Deployment: - Design and deploy IDS (ARMIS)solutions tailored to OT environments. - Develop comprehensive deploymentarchitectures, ensuring seamless integration with existing systems. - Configure and optimize network andfirewall settings to support IDS deployments. Data Network Security - IDS, Cybersecurity.

Senior Cybersecurity Analyst with a minimum of 6+ years of experience in thefield of Operation technology, particularly focusing on Endpoint Detection andResponse (EDR) and Intrusion Detection System #40;IDS#41; monitoringtools. The ideal candidate will have demonstrated expertise in Carbon Black AppControl. Carbon Black, MS Defender for Endpoints (EDR/ATP),Data Network Security - IDS, Unix Administration, Windows, Carbon Black, MS Defender for Endpoints (EDR/ATP), Data Network Security - IDS, Unix Administration, Windows. Senior Cybersecurity Analyst with a minimum of 6+ years of experience in the field of Operation technology, particularly focusing on Endpoint Detection and Response (EDR) and Intrusion Detection System (IDS) monitoring tools. The ideal candidate will have demonstrated expertise in Carbon Black App Control.

Cybersecurity, Azure Sentinel SIEM,MS Defender for Endpoints (EDR/ATP),AWS IAM,SOAR Concept, Fortinet FortiSOAR, Palo Alto Networks - Firewalls, Cortex XSOAR, Python We are seeking a Cybersecurity Analyst with 1-6years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred) Experience with SOAR play book creation , integration etc Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage

Hi, Exp: 5-10 Years Minimum of 4+ years’ experience with Microsoft DLP (Microsoft Defender /MS Purview & Compliance) and Microsoft Sentinel tool equivalent with other similar data leakage tool etc.) · Must have hands on experience for data loss product evaluations, building and implementing it, operationalize and integrating with existing systems for effective and efficient use and providing technical support and stakeholder management experience. · Must have hands-on experience with rule creation and maintenance, antispam and anti-phishing administration, report analysis and providing recommendations of future configurations and rules · Exposure/ knowledge of Data Loss Prevention integration with SIEM technologies (i.e.: Splunk, HP ArcSight, etc.) · Knowledge of programming languages a plus (i.e.: Java, .NET, Python, etc.) Top 3 Skills Required MS Purview & Compliance (MS DLP) MS Sentinel Basic scripting for automation If interested please share resume at deepika.eaga@quesscorp.com Show more Show less

The Security Operation Centre (SOC) Information Security Analyst are the first level responsible for ensuring the protection of digital assets from unauthorized access, identify security incidents and report to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occur. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-haves: 2-3 Year Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, DMARC tool. Excellent written and verbal communication skills. Good to have: · Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ & Others Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated from junior analyst, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments(CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts,incidents. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone),based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as an when newthreats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. · Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., for acquiring the knowledge over current threats in security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager. Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting Job Types: Full-time, Permanent Pay: Up to ₹70,000.00 per month Benefits: Internet reimbursement Schedule: Day shift Supplemental Pay: Performance bonus Application Question(s): Do you have any experience in SIEM Tools? Experience: minimum: 2 years (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Overview Role description Seasoned SOC Manager with over 13 years of experience in cybersecurity, including 8+ years of specialized expertise and more than 3 years in leadership roles within Security Operations Centers. Proven ability to lead high-performing SOC teams (L1–L3), drive operational excellence, and strengthen organizational security posture through strategic threat detection and incident response initiatives. Key Responsibilities Led 24x7 SOC operations, managing day-to-day activities and incident response efforts. Directed a multidisciplinary team of L1, L2, and L3 analysts to ensure effective threat monitoring and rapid response. Developed, implemented, and maintained SOC policies, playbooks, standard operating procedures (SOPs), and escalation workflows. Oversaw the end-to-end lifecycle of security incidents, including detection, triage, analysis, containment, eradication, and recovery. Acted as a key liaison between security teams, IT, application stakeholders, and executive leadership during incidents and investigations. Administered and optimized security technologies such as SIEM (Splunk, QRadar, ArcSight), SOAR platforms, EDR, IDS/IPS, and threat intelligence tools. Generated and presented regular reports on SOC performance metrics, threat trends, and incident outcomes to senior leadership. Led continuous improvement initiatives, including analyst training programs, process automation, and tool enhancements. Ensured SOC compliance with industry standards, security frameworks (MITRE ATT&CK, NIST, ISO 27001), and regulatory requirements (GDPR, HIPAA, PCI-DSS). Managed SOC staffing activities, including recruitment, onboarding, shift scheduling, and performance evaluations. Skills SOC, SIEM, Threat Monitoring Show more Show less

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your Role And Responsibilities Responsible for implementation partner to see project on track along with providing required reports to management and client Handle the project as well as BAU operations while ensuring high level of systems security compliance Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. Ready to support for 24/7 environment. Preferred Education Master's Degree Required Technical And Professional Expertise 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. B.E./ B. Tech/ MCA/ M.Sc. Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. Working knowledge of industry standard risk, governance and security standard methodologies Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. Ability to multitask and work independently with minimal direction and maximum accountability. Preferred Technical And Professional Experience Preferred OEM Certified SOAR specialist + CEH Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications Show more Show less

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading to a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency Work closely with the network team to implement and maintain network access control technologies Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks Expertise in shell scripting and other programming languages, such as Python and/or Power Shell Proficiency in understanding and using regular expressions (regex) Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods. Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001 Guide the network and operations teams in implementing security best practices Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality Implement, and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management Support the efforts to develop operational best practice procedural documentation for operations staff Assist in the development and documentation of various systems, policies, procedures, and customer deliverables Research new products and make appropriate recommendations Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed Conduct on-going security assessments, document and track findings and remediation activities Provide on-call support as needed Ideal candidates should be able to work 9am – 6pm ET (US Hours) Qualifications BS in Computer Science, Engineering or related field desired Minimum 3 years of experience supporting enterprise level environment Must have a good understanding of the following: Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX. etc. Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS Working knowledge of firewall and web filtering technologies Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment Excellent verbal and written communication, presentation, and interpersonal skills Able to define, document and support systems, policies, and procedures Excellent analytic, problem solving and troubleshooting skills Good knowledge and experience designing network, system and application security architectures Ability to efficiently handle multiple projects with shifting priorities Able to anticipate and mitigate risks as well as define architectural solutions Additional Information The recruitment process includes online assessments as a first step. We send them via e-mail, please check also your SPAM folder. We work from Pune office. Show more Show less

Total Experience: Experience 5 8 years Job Skills: Keep track of APTs groups (advanced persistent threats). Know APT Groups motivation, their tools & techniques, the malware they write, and C&C (command and control center), identify their targets. Threat intelligence analyst must have professional experience in cybersecurity. A Threat Researcher is responsible for identifying and analyzing potential threats to an organizations network and systems. They work to understand the tactics, techniques, and procedures (TTPs) used by threat actors to compromise systems and steal sensitive data. Threat Researchers are also responsible for developing and implementing strategies to detect, prevent, and mitigate these threats. Conducting research on emerging threats and Vulnerabilities. Analyzing Threat intelligence data to identify potential threats. Developing and implementing strategies to detect and prevent threats. Collaborating with other cybersecurity professionals to develop and implement security measures. Creating reports and presentations to communicate findings to management and other stakeholders. Ensure all the advisories received from regulatory and strategy partners are analyzed and processed in timely manner. All TI trackers are updated in near real time. Create reports/Dashboard for higher management. Collects data types and sources of information in addition to commonly collecting forms of threat data, i.e., malicious IPs and domains. Information from news and social media sources. Vulnerability data such as personally identifiable information. Performs sorting, filtering, indexing on raw data. Format and structure raw data. Take the result of several tools, data sources and combines those data points on a per-host basis, performing, investigating, and analyzing data. DisseminationDeliver the intelligence to the intended consumers at different levelsStrategic, Tactical, Operational, Technical. Provide Contextual Intel feeds to all the stacks which requires priority attention to protect HDFC assets. Regular training and knowledge sharing with the team. Collaboration with TH and RT and provide threat intel to SOC CD to create use case. There should be no audit points to come from the defined and existing process. Audit requirements should be fulfilled. Efficacy testing for new product as per industry best practice. Timely tracking and follow-ups on all open alerts/advisories. Timely escalation on open issues/tasks. Responding to all intelligence received from our Threat Intel partners and inform seniors or required escalation where required like Bank data leak/breach alerts. Doing in-house threat research from the open sources along with the help of our existing Threat Intel portal.

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 768176

Job description Job Description: SOC Trainer – ASD Academy Position: SOC Trainer (Security Operations Center Trainer) Course Duration: 15 Days Class Schedule: Monday to Friday (1.5 Hours per Day) Course Level: Beginner to Advanced Payout: ₹600 per Class Role Overview: ASD Academy is seeking an experienced SOC Trainer to deliver structured training sessions on Security Operations Center (SOC) practices. The trainer will be responsible for guiding students from beginner to advanced levels, ensuring they gain a comprehensive understanding of SOC principles, tools, and real-world applications. Key Responsibilities: ✔ Conduct engaging and interactive online/offline SOC training sessions (1.5 hours per day, Monday to Friday). ✔ Cover essential SOC topics, including SIEM, log analysis, threat detection, incident response, and security monitoring. ✔ Develop practical exercises, case studies, and hands-on labs to enhance student learning. ✔ Provide real-world insights and best practices to help students gain industry-ready skills. ✔ Assess student performance through assignments, quizzes, and live troubleshooting scenarios. ✔ Address student queries and mentor them throughout the course. Requirements: ✔ Strong knowledge of SOC operations, cybersecurity frameworks, and threat intelligence. ✔ Hands-on experience with SIEM tools (Splunk, QRadar, ArcSight, etc.) and security monitoring technologies. ✔ Prior experience in training, mentoring, or teaching cybersecurity concepts is a plus. ✔ Excellent communication skills and the ability to simplify complex cybersecurity concepts. ✔ Passion for cybersecurity education and a commitment to student success. Why Join Us? 🚀 Opportunity to mentor aspiring cybersecurity professionals. 🚀 Flexible training structure with well-defined curriculum support. 🚀 Work with an industry-leading cybersecurity training academy. If you’re passionate about cybersecurity education and have expertise in SOC operations, we’d love to have you on board! 📩 Apply Now: Send your CV and relevant experience details to hr@asdcybersecurity.in. Show more Show less

Key Responsibilities: Leadership and Team Management: Lead and manage the Internal Red Team and SOC Operations teams, ensuring effective collaboration and alignment with organizational security objectives. Provide mentorship and guidance to team members, fostering a culture of continuous learning and professional development. Conduct regular performance reviews and provide ongoing feedback and coaching. Red Team Operations: Plan, execute, and oversee red team exercises to identify and exploit vulnerabilities in systems, networks, and applications. Develop and maintain red team methodologies, tools, and documentation. Work closely with other security teams to remediate identified vulnerabilities and improve security defenses. SOC Operations Management: Oversee the daily operations of the SOC, ensuring efficient and effective monitoring, detection, and response to security incidents. Develop and maintain SOC processes, procedures, and documentation to ensure consistent and high-quality operations. Ensure the SOC is staffed 24/7, including managing schedules, shifts, and on-call rotations. Incident Response and Management: Coordinate and lead the response to major security incidents, including investigation, containment, eradication, and recovery. Develop and maintain an incident response plan and ensure the team is well-trained and prepared to handle incidents. Conduct post-incident reviews and develop lessons learned to improve future response efforts. Threat Intelligence and Analysis: Oversee the collection, analysis, and dissemination of threat intelligence to inform security operations and red team activities. Ensure the SOC team utilizes advanced threat detection tools and techniques to identify and mitigate threats. Collaborate with other teams to enhance threat intelligence capabilities and integrate with existing processes. Security Monitoring and Reporting: Ensure continuous monitoring of network traffic, system logs, and security alerts using SIEM (Security Information and Event Management) solutions. Develop and maintain metrics and dashboards to report on SOC and red team performance and security posture. Present regular reports and briefings to senior management on the state of security operations and key incidents. Policy and Compliance: Develop and enforce security policies, procedures, and standards in alignment with industry best practices and regulatory requirements. Ensure compliance with relevant regulations, such as GDPR, and PCI-DSS. Participate in security audits and assessments, and coordinate with external auditors as needed. Qualifications: Bachelors degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 7 years of experience in cybersecurity, with at least 3 years in a management or leadership role overseeing red team and/or SOC operations. Strong understanding of offensive security practices, including penetration testing and red teaming methodologies. Experience with SOC operations, including incident response, threat detection, and SIEM tools such as Splunk, ArcSight, or QRadar. Knowledge of common attack vectors and techniques, such as phishing, malware, and ransomware. Familiarity with regulatory requirements and frameworks, such as NIST, ISO 27001, and GDPR. Relevant certifications, such as CISSP, CISM, OSCP, CEH, or GIAC, are highly desirable. Excellent leadership, communication, and interpersonal skills. Ability to work effectively under pressure and manage multiple priorities.

About Target As a Fortune 50 company with more than 400,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. At Target, we have a timeless purpose and a proven strategy and that hasn t happened by accident. Some of the best minds from diverse backgrounds come together at Target to redefine retail in an inclusive learning environment that values people and delivers world-class outcomes. That winning formula is especially apparent in Bengaluru, where Target in India operates as a fully integrated part of Target s global team and has more than 4,000 team members supporting the company s global strategy and operations. Joining Target means promoting a culture of mutual care and respect and striving to make the most meaningful and positive impact. Becoming a Target team member means joining a community that values diverse backgrounds. We believe your unique perspective is important, and you'll build relationships by being authentic and respectful. At Target, inclusion is part of the core value. We aim to create equitable experiences for all, regardless of their dimensions of difference. As an equal opportunity employer, Target provides diverse opportunities for everyone to grow and win. About Target Tech Every time a guest enters a Target store or browses Target.com, they experience the impact of Target s investments in technology and innovation. We re the technologists behind one of the most loved retail brands, delivering joy to millions of our guests, team members, and communities. The Sr. Engineering Manager (SEM) is responsible for a managing a team of engineers. This role is accountable for leading a team, developing code, deploying and managing in production. You will be called upon to be the technical representative for your team during cross-team collaborative efforts and planning. Success in this role will require strong and innovative approaches to problem solving, great technical leadership, excellent communication (written and verbal, formal and informal), flexibility, accountability and a self-motivated working style with attention to detail. About Team Our mission is two-foldwe protect the hundreds of thousands of Target endpoints (such as user laptops, in store devices, distribution center technology, servers and containers) from cyber threats while balancing the stability and functionality needs of Target s technology environment. To do this, we use a combination of vendor tools, in-house developed utilities and strong organizational partnerships to achieve shared goals. Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Sr. Engineering Manager, you ll take the lead as you Optimize a suite of products to secure Target endpoints. Use innovation and critical thinking to solve complex security and technology problems. Test the efficacy of tools by leveraging adversary emulation tools. Establish good stakeholder relationships and work closely with Tech teams, influence the product roadmap and help drive requirements while being a strong advocate of agile and DevOps practices across the team. Execution of the team-developed strategy, solving enterprise-wide problems and addressing key security concerns. Provide career development and performance management to a team of engineers. Industry endpoint security domain expert, benchmarking with other retailers and companies, staying on top of new trends and technology in a quickly-moving space. About you 4 year degree in Computer Science or equivalent experience 9+ years of engineering experience 1-3 years of managing teams with a strong track record of delivery for cross-functional products Strong written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to variety of audiences Team-orientated, passionate about developing others skills and capabilities Successful track record of working in large enterprise technology ecosystems leading complex technology teams Deep understanding of agile development processes and methodology including continuous integration and delivery, with a mindset of building incrementally and delivering business value quickly Strong collaboration skills, effective management of complex cross-team initiatives and leads with the desire to enable our engineering teams.

Job Information Job Opening ID ZR_1902_JOB Date Opened 29/04/2023 Industry Technology Job Type Work Experience 5-8 years Job Title SIEM - Splunk Content Developer City Chennai Province Tamil Nadu Country India Postal Code 600089 Number of Positions 5 3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arc sight /QRadar/Nitro ESM/etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation) In depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like Crowd strike and good understanding on TTPs like Process Injection. Excellent communication, listening & facilitation skills Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Understanding of MITRE ATT&CK framework. Location: Pan India check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 768174 Show more Show less

Role: SOAR Admin L3 Experience: 5-8 years Location: Gurgaon Shifts: Rotational Shifts Immediate joiners only Budget: As per market Desirable Tool Hands-On: ArcSight SOAR Role Requirement: Platform Administration Playbook Creation Automation Development Integration Management with supporting technologies Threat Intelligence Integration Good written & verbal communication & presentation skills Strong leadership and communication skills. Education: Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience). Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Regards Kirti Rustagi hr1@raspl.com Show more Show less

Job Duties (Summary): Senior Security SOC Analyst works in 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring Incident Response team, involving in investigating alerts/events that trigger from MS Sentinel / SIEM and EDR Tools and other end point tools. Senior Analyst will be the internal escalation point for the Security analysts within the shift/team and will assist Security Analysts in responding to Security Incidents. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognizing familiar elements within complex situations. Required Skills & Experience: Responsible for 24/7 monitor, triage, analysing security events and alerts. Including Malware analysis. Should have good hands-on in Microsoft Sentinel and should have ability to query using KQL [Mandatory] Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc... Strong knowledge of email security threats and security controls, including experience analysing email headers. Analysing Phishing emails and associated Threats and to remediate them by blocking the Url’s analysing the malware(s),link(s),IOC’s. Good understanding of Threat Intel and Hunting. Good hands on experience in investigating EDR alerts (Tanium, CrowdStrike, etc..) Good hands on experience in using XSOAR Platforms (Demisto, Phantom, etc..) Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP. Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues. Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues. Knowledge in investigating security issues within Cloud infrastructure such as AWS, GCP, Azure (Preferred not mandatory) Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA Netwitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc... Experience In defining use cases for playbooks and runbooks (Preferred) Experience in understanding log types and log parsing Strong passion in information security, including awareness of current threats and security best practices. Basic Qualifications (Preferred not mandatory ? if Candidate has equivalent knowledge) Bachelor’s Degree in Computer Sciences or equivalent (Preferred not mandatory) Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT Team member). Overall 3+ experience in Information Security/IT Security/Network Security. CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA certification (minimum One certification - Preferred not mandatory) A relevant specialist degree (e.g., information security or digital forensics). Knowledge in NIST CSF, MiTRE & ATTACK Framework. Active involvement in the Information Security community. Certified in Azure Security [SC-200, AZ-500, AZ-900] ? Either one or more [Mandatory]

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Noida Req ID: 768174

Incident handling, forensic analysis, and VAPT SIEM tools cybersecurity frameworks Log analysis, monitoring, detecting and investigating security incidents and breaches. CEH,CSA,CompTIA Security+,GCIH,security incidents

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

• Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm , Splunk,). • Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : Identity Access Management (IAM), Security Information and Event Management (SIEM) Minimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have Influencing and Advisory skills. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Expected to provide solutions to problems that apply across multiple teams. Lead and manage the Security Delivery team effectively. Develop and implement Security Delivery Governance strategies. Collaborate with cross-functional teams to ensure successful project delivery. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Delivery Governance. Good To Have Skills: Experience with Identity Access Management (IAM), Security Information and Event Management (SIEM). Strong understanding of security principles and best practices. Experience in developing and implementing security policies and procedures. Knowledge of regulatory compliance requirements related to security. Excellent communication and leadership skills. Additional Information: The candidate should have a minimum of 15 years of experience in Security Delivery Governance. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education