
657 Arcsight Jobs - Page 5


5.0 years

0 Lacs

mumbai, maharashtra, india

On-site

Minimum qualifications: Bachelor’s degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. 5 years of experience in delivering technical solutions for security, with 1 year of experience in Google Security Operations (SecOps). Experience architecting and developing secure cloud solutions. Experience in consulting, project management and ownership of security during execution.

Preferred qualifications: Experience with SIEM and SOAR platforms such as Arcsight, QRadar, Splunk, Securonix, Sentinel or similar. Experience in Identity and Access Management, network security, data protection, cryptography, security governance, or cyber incident response programs. Experience working with cloud architecture across a broad set of enterprise use cases and creating end-to-end solution architectures. Experience in leading complex delivery programs, managing executive relationships, and the ability to navigate the intricacies of security delivery/consulting in organizations with varied styles of working. Experience with industry compliance frameworks (e.g., PCI-DSS, ISO 27017/27018, GDPR, SOC). Excellent organizational, problem-solving, articulating and influencing skills.

About The Job
The Google Cloud Platform team helps customers transform and build what's next for their business — all with technology built in the cloud. Our products are engineered for security, reliability and scalability, running the full stack from infrastructure to applications to devices and hardware. Our teams are dedicated to helping our customers — developers, small and large businesses, educational institutions and government agencies — see the benefits of our technology come to life. As part of an entrepreneurial team in this rapidly growing business, you will play a key role in understanding the needs of our customers and help shape how businesses of all sizes use technology to connect with customers, employees and partners.

As a Senior Cloud Security Consultant, you will be responsible for strategic delivery, helping our customers securely adopt Google Cloud services. You will span operational, tactical, and strategic levels as well as tasks that address difficult problems that businesses are facing when building out and improving their security posture on Google Cloud. You will showcase your communication skills and experience in security governance, security risk management, security operations, security architecture, building and modernizing security capabilities, or cyber incident response programs. You will have high visibility at the executive levels of customer organizations, including frequent interaction with CIOs, CISOs, CTOs, their staff, and Google Cloud Professional leadership.

Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Responsibilities
Provide domain expertise in modernizing Security Operations using Google SecOps (SIEM and SOAR), cloud security, compliance, and enterprise security best practices. Lead the scoping, structuring, planning, and execution of critical security engagements with Google Cloud customers. Work with customer development leads, client executives, and partners to manage and deliver successful cloud security architectures, serving as a cloud security and compliance subject matter expert and a trusted advisor to decision makers throughout the engagement. Create and deliver security best practices recommendations, tutorials, blog articles, sample code and technical presentations, adapting to different levels of key business and technical stakeholders; and influence the Google Cloud technology roadmap by taking customer and partner feedback to our product engineering teams. Travel up to 40% of the time in-region for onsite delivery activities, as needed.

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.

Posted 2 weeks ago


5.0 - 9.0 years

5 - 9 Lacs

hyderabad, pune, gurugram

Work from Office

Experience: 5-9 years
Description:
- Design, develop, and implement Pega Smart Dispute solutions.
- Configure Pega rules, data models, and business processes to automate dispute resolution.
- Work with business stakeholders to gather requirements and define workflows.
- Provide support and maintenance for the Pega Smart Dispute application.

Posted 2 weeks ago


8.0 - 12.0 years

5 - 10 Lacs

pune

Hybrid

So, what’s the role all about?
As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately, as well as demonstrating to auditors and customers the excellent Cloud Security at NiCE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus!

How will you make an impact?
You will directly impact the success of the NiCE cloud business by ensuring all customer and auditor security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; the opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market; competitive pay and excellent benefits; generous PTO policies; a highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to the enterprise to our customers realize the success for which they aim.

Have you got what it takes?
8+ years of experience with Information Security; University-level degree in Information Security, Computer Science or other related field; knowledge of incident response, vulnerability management, cloud security, and other related topics; a burning curiosity to learn as much as you can about the NiCE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; excellent communication skills to work collaboratively with security team members and operations and development teams around the world; strong organization and prioritization skills to enable independent work in order to achieve tactical and strategic security goals; education, training or experience with security and compliance fundamentals; experience working with work tracking tools such as JIRA, ServiceNow, or others.

What’s in it for you?
Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NiCE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NiCEr!

Enjoy NiCE-FLEX!
At NiCE, we work according to the NiCE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

Requisition ID: 8240
Reporting into: Technical Manager
Role Type: Individual Contributor

Posted 2 weeks ago


2.0 - 7.0 years

20 - 25 Lacs

hyderabad

Work from Office

Meet the Team
This team is responsible for protecting employees, property, revenue, assets and business resiliency through the execution of global programs, policies, plans, and training. The Global Monitoring Center (GMC) strives to identify potential impact or business disruptions as early as possible to facilitate critical response and notification to minimize the impact to our people, assets, operations, and brand reputation. The GMC serves as a centralized 24/7/365 command, control, and communications hub, using outstanding technologies to predict, continuously supervise, evaluate, and mitigate physical, environmental, or personal threats. The GMC centralizes and streamlines immediate awareness and response efforts, supporting communications to customers throughout a significant incident or event. This position works with the Risk Manager, Corporate Security Global Monitoring Center. This person represents the Corporate Security brand to the Cisco community!

Your Impact
Perform the first level of review, and triage internal and external physical security/safety incidents to determine potential for impact to Cisconians or Cisco's assets or operations. Ensure the timely communication of all physical security/safety incidents to the appropriate customers as described in GMC SOPs. Support other teams within the physical security department with intake, research, administrative, or investigative tasks. Generate incident reporting documentation and support employees, partners, and incident leaders by keeping documents up to date with the latest available information. Supervise employee travel to high-risk locations, and ensure any pre-travel security requirements are met.

Minimum Qualifications
At least 2 years in a Global Security Operations Center or similar environment, or 4 years of experience in another physical security role. Strong verbal and written communication skills. Able to prioritize tasks in a fast-paced environment. Can work independently and as part of a team. Working outside normally scheduled hours may be required to support major incidents or to provide planned or unplanned shift coverage!

Preferred Qualifications
Strong critical thinking skills. Comfortable with a high-tech work environment and eager to learn new tools and processes. Customer service mindset. Be self-driven and able to work in a collaborative remote environment. Occasional travel to support Cisco Events with onsite GMC operations may be required, including internationally.

Posted 2 weeks ago


4.0 - 9.0 years

15 - 20 Lacs

mumbai

Work from Office

About The Role
Project Role: Solution Architect
Project Role Description: Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case.
Must have skills: Solution Architecture
Good to have skills: Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification: Minimum BE BTech from a reputed university

Summary: As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications.

Cyber Security Architect Roles & Responsibilities:
- SPOC for cyber security design and deployment for any designated projects
- Take full accountability for the design of the cyber security domain, including network connectivity to various entities such as on-premises data centers and partner networks
- Take ownership of design-related issues and challenges and drive for solutions, working with various internal teams and third-party solution providers such as OEMs and technology partners
- Define and develop high-level operating procedures for seamless operations of the project
- Support transition of projects from deployment to operations
- Anchor design and implementation of cyber security components
- Be a SPOC for all cyber security initiatives in the existing project and be able to navigate the client's landscape to upsell new initiatives in the infrastructure space, or pave the way for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security.
- Lead the teams across various security solutions and strive for upskilling and cross-skilling to rationalize the resources across the towers and across the clients.
- Introduce innovative solutions such as automation to increase productivity and improve service delivery quality
- Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape
- Participate in client account planning and discussions to ensure security-level initiatives are accounted for and issues are escalated to the right leaders for resolution
- Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes

Professional & Technical Skills:
Must have:
- Hands-on architecture and design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud
- Strong experience working with Splunk, Palo Alto, and other leading OEMs in the security domain
- Strong communication skills
- Ability to drive discussions and ideas in clients' senior leadership forums
- Problem solving skills
Good to have:
- TOGAF or any equivalent certification in enterprise security architecture

Additional Information:
- Total IT experience of minimum 15 years; and
- Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (any one of AWS, Azure, GCP, and OCI)
- Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)
- This position is based at our Mumbai office.
- A Minimum BE BTech from a reputed university is required.

Qualification: Minimum BE BTech from a reputed university

Posted 2 weeks ago


2.0 - 8.0 years

0 Lacs

pune, maharashtra, india

On-site

Description
What We Do
Managing cyber risk, together – Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing in real time and at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence, and OT/ICS innovation, all supporting our mission and vision. Join us as we secure the world with our products. We are looking for resourceful individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world’s most challenging security problems. Innovation starts here, everyone’s ideas are valued, visionaries welcomed!

What You Will Do
Detection, monitoring, analysis, resolution of security incidents; participate in providing containment and recommendations. Coordinate escalations to external client support teams to ensure timely delivery of incident resolutions. Perform network/system/application/log intrusion detection analysis and trending. Contribute to tuning of the SIEM filters and correlation rules to continuously improve detection. Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders and clients. Ensure that Service Level Agreements are met. Maintain standard operating procedures, processes and guidelines. Contribute to automating analysis and investigative functions/tasks, administration and remediation procedures, workflows and other operational tasks. Maintain awareness of trends in security regulatory, technology, and operational requirements. Shift rotation will be required for this role.

The Security Analyst is responsible for the security analysis, incident classification, investigation and incident response actions including notification and alerting. Through the correlation rules and use-cases in the monitoring platform, you will monitor customer environments for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Ensure that incidents are correctly reported and documented. Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a reoccurrence. Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network. As required, update Protective Monitoring/SOC documentation, processes and procedures. Support, troubleshoot, configure, manage, and upgrade FW, NIDPS, UTM, VPN, WAF and a wide variety of other security products.

What You Will Bring To Forescout
Graduate with a degree from a recognized university with specialization in Computer Sciences or any other discipline, combined with 2-8 years of directly related practical experience and demonstrated ability to carry out the functions of the job. Strong experience of any SIEM platform (ELK, Splunk, QRadar, ArcSight, LogRhythm, RSA, etc.). Thirst for knowledge, inquisitive nature, keen interest in actively participating in SOC expansion. Experience working in an IT Security Operations Center, using SANS methodology. Experience and extensive knowledge of Security Information Event Management. Strong network security knowledge including firewalls, IPS/IDS, WAF, NAC platforms from different vendors. Working knowledge or hands-on experience in endpoint security detection & response technologies and platforms (AV, EDR, MDR, XDR families). Experience in Intrusion Detection or Prevention Systems. Strong knowledge of: TCP/IP, computer networking, routing and switching. Experience in Linux and Windows based devices at the System Administrator level. System log forensics (Syslog, Event Viewer). EC Council: C|HFI, ECAS or SANS: GIAC, GCFA, GCIH, GREM or other certifications are preferred. Strong troubleshooting, reasoning and problem solving skills. Ability and experience in writing clear and concise technical documentation. Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions. Knowledge of Forescout suite of security tools. Experience with Linux, Windows and Network Operating Systems required. Strong working knowledge of Routing and Access Control Devices required.

What Forescout Offers You
Our visionary leadership team fosters an environment that encourages professional growth and development. We champion a diverse and inclusive culture that cultivates collaboration and innovation, where our team can make a global impact on security while working with industry-leading technology. We take pride in offering a competitive total compensation package. If you have a strong work ethic, are visible and lean in, you will be recognised. We are in growth mode and there is a ton of opportunity at Forescout. Apply now to find out more!

More About Forescout
The Forescout 4D Platform™ provides complete asset intelligence and control across IT, OT, IoT, and IoMT environments. For more than 20 years, Fortune 100 organizations, government agencies, and large enterprises have trusted Forescout as their foundation to manage cyber risk, ensure compliance, and mitigate threats. With seamless context sharing and workflow orchestration across more than 100 full-featured security and IT product integrations, Forescout makes every cybersecurity investment more effective. Learn more at www.Forescout.com.

Our Mission
To continuously identify, protect, and ensure the compliance of all cyber assets across the modern organisation.

Our Vision
A world where every cyber asset is seen, secure and compliant.

Our Cultural Values
Cyber Obsessed – We are curious about technology, and we are innovative and passionate about solving big problems. Customer Driven – We listen, we learn, and we make it right. Collaborative, without Ego – No one succeeds alone. We strive to be the humble person that people want to work with. Relentless – We're smart, determined, and find a way. We figure stuff out. One Team – We all work together, and we all win together.

Our DEI Statement
At Forescout, we are committed to fostering a diverse, equitable, and inclusive workplace. We believe that diversity of background, experiences, and perspectives leads to innovation, creativity, and better decision making. We strive to create an environment where all team members feel valued, respected, and empowered. We actively promote equal opportunities and fair treatment for all individuals, regardless of their race, religion, colour, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, disability, status as a protected veteran, or any other characteristic protected by law. By embracing Diversity, Equity and Inclusion, we aspire to build a successful culture where we work together and win together as One Team. Thank you for taking the time to learn more about us. If this opportunity intrigues you, we would love for you to apply!

NOTE TO EMPLOYMENT AGENCIES: We value the partnerships we have built with our preferred vendors. Forescout does not accept unsolicited resumes from employment agencies. All resumes submitted by employment agencies directly to any Forescout employee or hiring manager in any form without a signed Employment Placement Agreement on file and search engagement for that position will be deemed unsolicited in nature. No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means. Forescout Technologies is proud to be an Equal Employment Opportunity Employer. We value and embrace diversity, equality, inclusion, and collaboration at the core of our “One Team” philosophy. We do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Posted 2 weeks ago


12.0 years

0 Lacs

gurugram, haryana, india

On-site

We are hiring for Manager / Senior Manager Security Operations Center (SOC) at Gurgaon

About the Role:
We are seeking a proactive and experienced Manager / Senior Manager to lead our Security Operations Center (SOC) and Incident Response (IR) functions. This role involves designing and implementing a comprehensive SOC and IR strategy in partnership with Managed Security Services (MSS) providers, while also developing internal SOC capabilities to effectively detect, monitor, and respond to security threats.

Core Responsibilities:
Design and implement a managed SOC and Incident Response strategy, architecture, and program in collaboration with MSS providers to ensure comprehensive threat detection, monitoring, and response. Provide oversight and governance of MSS/SOC partners to ensure service quality, SLA compliance, and alignment with organizational security goals. Evaluate, recommend, and implement security technologies and tools essential for SOC operations and effective incident response. Define and develop threat detection use cases; oversee red team exercises and coordinate attack simulations to evaluate SOC readiness and response effectiveness. Ensure logging is enabled and correctly configured across all critical infrastructure, applications, and security devices in coordination with IT and cloud teams. Validate ingestion and monitoring of all relevant security logs into the SIEM platform to maintain effective threat detection. Manage, mentor, and develop a lean internal SOC team, collaborating closely with the MSS/SOC partner to strengthen in-house oversight and ensure operational resilience. Optimize detection coverage, incident triage processes, and SLA adherence to ensure timely and accurate incident resolution. Lead the design and tuning of alert rules, maintain automated playbooks, and implement advanced threat monitoring techniques to improve SOC efficiency. Be responsible for coordinating threat intelligence sharing and response activities across internal and MSS partner Incident Response teams. Ensure compliance with internal incident response procedures and relevant regulatory requirements. Drive continuous improvement of SOC capabilities through KPIs, regular threat drills, and post-incident reviews. Develop and maintain SOC performance dashboards and prepare executive-level reports to communicate operational effectiveness and security posture to senior leadership. Perform additional Information Security projects and tasks as assigned by senior management to support Mobileum’s evolving security landscape.

Stakeholder & Collaboration Management:
Collaborate with IT, Cloud Operations, Engineering, Legal, and Risk Management teams to align SOC operations with broader organizational risk management initiatives. Serve as the primary liaison with MSS providers, ensuring clear communication, contractual compliance, and coordinated incident response. Work alongside Security Architecture, Governance, and Compliance teams to integrate SOC activities within the organization’s overall security framework. Ability to translate complex technical details into clear, business-understandable language for effective communication with stakeholders.

People Management & Leadership:
Lead and mentor a lean internal SOC and Incident Response team, promoting a culture of proactive monitoring and continuous improvement. Encourage skill development and cross-functional collaboration to enhance SOC and IR capabilities. Balance leveraging MSS partnerships with developing strong in-house security operations expertise.

Work Style & Leadership Attributes:
Hands-on leader with strong technical knowledge of SOC operations and incident response methodologies. Proactive, self-driven, and solution-oriented with the ability to lead complex security programs under pressure. Excellent communicator capable of engaging technical teams, business stakeholders, and senior leadership. Ability to foster a security-aware culture and motivate teams to maintain high vigilance and operational excellence.

Qualifications & Certifications:
Preferred Certifications:
- GIAC Security Operations Certified (GSOC) / GIAC Certified Incident Handler (GCIH)
- Certified SOC Analyst (CSA) – EC-Council
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- PMP or equivalent project management certification (optional)

Skills & Experience:
7–12 years of experience managing SOC and Incident Response teams or functions. Expertise with SIEM platforms (Splunk, IBM QRadar, ArcSight, Azure Sentinel, or equivalent) and security monitoring tools. In-depth knowledge of threat detection, incident triage, alert tuning, and automation of response processes. Experience managing Managed Security Service Providers (MSSPs) and third-party vendor relationships. Strong understanding of logging best practices, log management, and cloud security monitoring. Proven ability to analyse complex security incidents and lead root cause analysis and remediation efforts. Excellent leadership, stakeholder management, and communication skills.

Work Experience: 7–12 years
Educational Background: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline preferred.
Location: Gurgaon

Posted 2 weeks ago


2.0 - 6.0 years

8 - 9 Lacs

mumbai

Work from Office

Diverse Lynx is looking for a SOC Analyst to join our dynamic team and embark on a rewarding career journey.
- Monitor and analyze security events and incidents, identifying and investigating potential threats
- Maintain the security of our network and systems by implementing security controls and best practices
- Work closely with the rest of the security team to ensure that our systems and networks are secure and compliant with industry standards
- Maintain accurate documentation and reports on security events and incidents
- Communicate effectively with team members and other stakeholders to ensure that security issues are addressed in a timely and effective manner
- Stay up to date with the latest security technologies and threats

Posted 2 weeks ago


3.0 years

0 Lacs

ahmedabad, gujarat, india

On-site

Responsibilities
24x7 security alert monitoring, triaging and remediation within SLA. Responsible for analyzing and correlating large data sets to uncover novel threats and attack techniques that may be present within the organization’s environment. Incident management. Daily, weekly and monthly report preparation. Daily health check of components and solution. He/she will be part of the cyber defense center team to identify opportunities to develop analytical methods to detect advanced threat actors who utilize emerging tactics and techniques. In support of these processes, the role will also include developing and documenting new and innovative threat hunt hypotheses to increase the ability to find existing threats that are otherwise going unidentified or unnoticed. The role will work as part of the 24x7 Security Operation Center operational and technical teams to gain insight into critical security controls and architectural specifics to develop valuable hunt strategies and analytics that identify malicious behavior accurately while maintaining a low false positive rate. Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response. Work with key stakeholders to implement remediation plans in response to incidents. Effectively investigate and identify root cause findings, then communicate findings to stakeholders including technical staff and leadership. Author Standard Operating Procedures (SOPs) when needed. Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty. Should be comfortable being part of 24x7 SOC services, including night shift.

Qualifications
Educational qualifications: Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent). Certifications desirable: Security+, CEH, GCIH, GCIA, GSEC.

Experience
Minimum 3+ years in SOC monitoring and incident management. Experience in a technical role in the areas of Security Operation, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence. Experienced in SIEM (Security Incident and Event Monitoring) processes and products (e.g., ArcSight SIEM, EDR, CSPM). Experience analysing system, network, and application logging for attack techniques at all stages of the cyber kill chain/MITRE framework. Experience consuming and analysing Cyber Threat Intelligence for actionable takeaways. Ability to navigate and work effectively across a complex, geographically dispersed organization. Deep packet and log analytics. Forensic and malware analysis. Cyber threat and intelligence gathering and analysis. Bachelor’s degree or equivalent experience.

Posted 2 weeks ago


6.0 - 9.0 years

8 - 10 Lacs

hyderabad

Work from Office

We are looking for a skilled professional with 6-9 years of experience to join our team as a SIEM specialist. The ideal candidate will have a strong background in security information and event management.

Roles and Responsibility
Design, implement, and manage SIEM systems to ensure the security and integrity of our organization's data.
Develop and maintain dashboards and reports to provide insights into security threats and trends.
Collaborate with cross-functional teams to identify and mitigate potential security risks.
Conduct regular vulnerability assessments and penetration testing to identify weaknesses.
Analyze log files and system logs to detect anomalies and suspicious activity.
Develop and enforce security policies and procedures to ensure compliance with industry standards.

Job Requirements
Strong understanding of security principles and technologies such as firewalls, intrusion detection systems, and encryption.
Experience with SIEM tools such as Splunk, LogRhythm, or QRadar.
Excellent analytical and problem-solving skills with attention to detail.
Ability to work effectively in a fast-paced environment and meet deadlines.
Strong communication and collaboration skills to work with technical and non-technical stakeholders.
Familiarity with industry standards and regulations related to security such as HIPAA, PCI-DSS, or NIST.

Posted 2 weeks ago


4.0 - 7.0 years

5 - 9 Lacs

chennai

Work from Office

The Security Analyst monitors security events from the various SOC entry channels (SIEM, tickets, email and phone) and, based on the security event severity, escalates to managed service support teams, tier 2 information security specialists, and/or the customer as appropriate to perform further investigation and resolution.
Good knowledge of SIEM, SIEM architecture and SIEM health checks.
Audit the SIEM in the customer environment.
Troubleshoot issues regarding SIEM and other SOC tools.
Good verbal/written communication skills.
Build use cases for the customer.
Data archiving, backup and data purging configuration as per need and compliance.
Raising change management tickets for SOC administration activities like patch upgrades for SIEM, onboarding log sources etc.
Helping L3 and L1 with required knowledge base details and basic documentation.
Coordination with the SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
High ethics, ability to protect confidential information.
Troubleshooting at the device and connector/agent end to fix anomalies reported by other teams and observed on a day-to-day basis.
Building incident reports and advisories, and reviewing whether the SLA has been met for incident alerting and incident closure.
Update and maintain the SOC knowledge base for new security incidents and docs.
Creation of a daily status report sheet, submitted to the SOC manager for review.
Review advisories and implement the necessary detection measures.
Provide analysis and trending of security log data from a large number of security devices.
Troubleshooting non-reporting devices to fix and maintain device status.
Working with the OEM (tool support) to resolve the issue or incident raised.
Administration of Windows and Unix servers.
Ready to work on 24/7 shifts to support client requirements.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise
2 years of experience in SOC monitoring and investigation.
Audit the SIEM in the customer environment.
Troubleshoot issues regarding SIEM and other SOC tools.
Build use cases for the customer.
Data archiving, backup and data purging configuration as per need and compliance.
Helping L3 and L1 with required knowledge base details and basic documentation.
Coordination with the SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
Troubleshooting at the device and connector/agent end to fix anomalies reported by other teams and observed on a day-to-day basis.
Building incident reports and advisories, and reviewing whether the SLA has been met for incident alerting and incident closure.
Update and maintain the SOC knowledge base for new security incidents and docs.
Creation of a daily status report sheet, submitted to the SOC manager for review.
Review advisories and implement the necessary detection measures.
Provide analysis and trending of security log data from a large number of security devices.
Troubleshooting non-reporting devices to fix and maintain device status.
Working with the OEM (tool support) to resolve the issue or incident raised.
Administration of Windows and Unix servers.
Building parsers for the SIEM using regex.

Preferred technical and professional experience
Escalation point for L1 and the SOC Monitoring team.
Ability to drive calls and summarize them post discussion.
Good understanding of firewall, IDP/IPS and SIEM functioning (generalized HLD as well as LLD).
Deep understanding of Windows, DB, mail cluster, VM and Linux commands.
Knowledge of network protocols, TCP/IP and ports.
Team spirit and working on ideas leading to the resolution of issues.
Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in cybersecurity (SIEM/QRadar certification) will be preferred.
Thorough knowledge of the SIEM tool and experience in networking; cloud security experience will be preferred.
SOC Senior Analyst experience with multiple customers.

Posted 2 weeks ago


7.0 - 12.0 years

9 - 14 Lacs

mumbai

Work from Office

* Responsible for working with the implementation partner to keep the project on track, along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
* Ready to support a 24/7 environment

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ years in a Security Operation Centre with SIEMs
* B.E./B.Tech/MCA/M.Sc.
* Maintaining SIEM/UEBA platform hygiene, scripting, automation, SOAR playbook creation with testing, Change/Problem/Incident Management, CP4S platform integration and dashboarding, recovery support
* Expertise in security device management: SIEM, ArcSight, QRadar, incident response, threat hunting, use case engineering, SOC analysis, device integration with SIEM
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting
* Ability to multitask and work independently with minimal direction and maximum accountability

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops and reviewing publications

Posted 2 weeks ago


3.0 - 8.0 years

9 - 13 Lacs

mumbai

Work from Office

As SIEM Analyst, you will be responsible for handling the daily monitoring of information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help clients run their IT better, accelerate innovation and deliver unmatched performance with the power of automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.

Responsibilities
* Responsible, as a security researcher, for providing insight into and understanding of new and existing information security threats
* Responsible for participating in recommending improvements to SOC security processes, procedures, policies, security incident management and vulnerability management processes
* You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating the IT security of new IT infrastructure systems
* Keep yourself up-to-date with emerging security threats, including applicable regulatory security requirements
* Work in a 24x7 Security Operation Centre (SOC) environment

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
* Minimum 3+ years’ experience in SIEM
* Proven expertise in handling the daily monitoring of information security events on the QRadar / ArcSight / Splunk console platform
* Proficient in monitoring security events from various SOC channels (SIEM, tickets, email and phone) and, based on the security event severity, escalating to the service support teams and tier 2 information security specialists
* Expertise in threat modelling and use case development, and ability to review policies of security monitoring tools based on security concepts and a logical approach

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops and reviewing publications

Posted 2 weeks ago


4.0 - 7.0 years

7 - 11 Lacs

mumbai, pune, chennai

Work from Office

Overview of Role
As the IT Security Training Manager at Subsea7, the primary focus will be the delivery of cyber security awareness communications and training to the global organisation. As an integral part of the wider IT security team, you will play a crucial role in designing and delivering a range of training materials, including a cyber security awareness month, regular phishing awareness campaigns and annual cyber security training. The role would suit a candidate with experience delivering training to a technically diverse audience and someone with a passion for and understanding of cyber security. Being a clear communicator will be vital to ensure the cyber security messaging is delivered effectively across a range of mediums including written, verbal and computer-based training.
One of the key deliverables will be ensuring that regular cyber security training drills are conducted with a range of stakeholders. This will involve working with both our IT teams and vessel teams to deliver engaging and realistic content. The successful delivery of these will be key to ensuring that the organisation is prepared in the event of a cyber incident. The IT Security Training Manager will report to the IT Cyber Security & Compliance Director and will be a key part of the IT security team.

Key responsibilities
Plan and implement cyber security drill exercises for both IT and business audiences
Plan, deliver and enhance the regular email security training program
Plan, deliver and enhance our annual cyber security awareness month through the use of blog posts, webinars and other communication methods
Identify and drive improvements across our cyber security training and communication efforts
Provide regular communication on cyber security threats facing the organisation
Manage communications and training to key stakeholders related to cyber security initiatives
Provide ongoing feedback on the effectiveness of training initiatives and provide clear improvements and next steps

Person specification
Experience of delivering tailored IT training to diverse audiences, including the planning, creation and delivery
Strong interpersonal and communication skills
Experience of delivering engaging presentations to wide audiences
Clear written English skills
Experience of running and managing phishing campaigns
Good organisational skills and able to prioritise workload
Strong attention to detail and willing to source feedback from stakeholders
Ability to work autonomously with the support of a wider team when required
Previous experience in a cyber security team or role desirable

Posted 2 weeks ago


10.0 - 20.0 years

16 - 27 Lacs

chennai

Work from Office

SOC Manager - L4 (NBA + SIEM + Perimeter Security, managing 20+ resources)
Experience: 10+ years to 15 years
Team Management: 20+ Security Analysts/Engineers

Role Overview:
We are looking for an experienced SOC Manager to lead our global Security Operations Center. The role demands strong expertise in Network Behavior Analytics (NBA), SIEM platforms, and perimeter security technologies, along with proven experience in managing and mentoring large teams (20+ resources).

Key Responsibilities:
Lead day-to-day operations of the Security Operations Center (SOC).
Oversee SIEM deployment, monitoring, and tuning (Splunk, QRadar, ArcSight, etc.).
Manage Network Behavior Analytics (NBA) solutions for advanced threat detection.
Ensure effectiveness of perimeter security tools (firewalls, IDS/IPS, WAF, VPNs, proxies).
Define, implement, and monitor incident response playbooks and escalation procedures.
Conduct threat hunting, forensic investigations, and vulnerability assessments.
Collaborate with cross-functional teams to maintain regulatory compliance (ISO 27001, NIST, PCI-DSS, GDPR).
Drive automation and optimization of SOC processes and workflows.
Mentor and manage a team of 20+ analysts and engineers in a 24x7 environment.
Report on security posture, incidents, and risk mitigation to leadership.

Required Skills & Experience:
10-15 years in cybersecurity/SOC operations with at least 5+ years in a leadership role.
Strong knowledge of SIEM tools (Splunk, QRadar, ArcSight, etc.).
Hands-on expertise in NBA tools and their integration with SIEM/SOAR.
Deep knowledge of perimeter security technologies (firewalls, IDS/IPS, WAF, DLP, VPN, proxy).
Experience with cloud security (AWS/Azure/GCP) in hybrid environments.
Proven ability to manage large teams (20+ resources) in a 24x7 SOC.
Strong communication and stakeholder management skills.

Preferred Certifications: CISSP, CISM, CCSP, Splunk Certified, QRadar, or Palo Alto.
Education: Bachelor's or Master's in Computer Science, Cybersecurity, or a related field.
Education Criteria: MCA or BE/B.Tech in Electrical/Electronics/CS/IT
Certification: At least one security certification (PMP/ITIL Expert/CISA/CISM/CISSP) or tool-based certification, to be completed within 30 days of onboarding.
Interested candidates, share your profile with geetha.p@matchps.com

Posted 2 weeks ago


3.0 - 7.0 years

8 - 13 Lacs

pune

Work from Office

Overview
We are seeking a Cybersecurity Specialist to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. The ideal candidate is a detail-oriented and proactive cybersecurity professional with a strong foundation in security investigations and a passion for protecting digital environments. You thrive in collaborative settings, are comfortable managing multiple responsibilities, and bring a structured approach to problem-solving.

Responsibilities
Analyze security trends within customer environments.
Identify risk prioritization from triaged security technologies.
Create and enrich processes or documentation for team responsibilities.
Collaborate with SOC and MDR Operations teams on internal projects as required, building client adoption and value optimization.

Qualifications
Required Qualifications:
Two (2)+ years of experience in cyber security analytics.
A Bachelor's degree from an accredited university in Computer Science, Engineering, Cyber Security, or a related area.
Two (2)+ years of experience using Endpoint Protection (EPP), Endpoint Detection & Response (EDR/XDR), and Security Information and Event Management (SIEM) platforms.
Certified in one or more industry-related courses: Security+, CySA+, CASP+, or equivalent/higher.
Ability to effectively prioritize tasks and handle multiple responsibilities simultaneously for client-facing deliverables.
Proficiency in using MS products, including Word, Excel, PowerPoint, and Visio.

Posted 2 weeks ago


15.0 - 20.0 years

30 - 35 Lacs

bengaluru

Work from Office

We are looking for a highly experienced and skilled Director of Cybersecurity to lead our cybersecurity efforts in Bengaluru. The ideal candidate will have a strong background in IT security and 15-20 years of experience.

Roles and Responsibility
Develop and implement comprehensive cybersecurity strategies to protect the company's assets.
Conduct regular vulnerability assessments and penetration testing to identify potential threats.
Collaborate with cross-functional teams to ensure seamless integration of security measures.
Stay up-to-date with emerging trends and technologies in cybersecurity.
Provide expert guidance on cybersecurity best practices to employees at all levels.
Ensure compliance with relevant laws and regulations related to cybersecurity.

Job Requirements
Strong knowledge of IT security principles, including threat analysis and risk management.
Experience with cybersecurity frameworks and standards, such as NIST and ISO 27001.
Excellent leadership and communication skills, with the ability to motivate and guide teams.
Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions.
Ability to work in a fast-paced environment and adapt to changing priorities.
Strong understanding of cloud security architectures and their implementation.
Educational qualifications: B.Tech/B.E., M.Tech, or equivalent degree.

Posted 2 weeks ago


15.0 - 20.0 years

3 - 7 Lacs

pune

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Security Platform Engineering
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
We are seeking a skilled Security Engineer with expertise in Google Chronicle SIEM, parser development, and foundational knowledge of cybersecurity. The ideal candidate will be responsible for analyzing security data and logs, ensuring accurate aggregation, normalization, tagging, and classification. You will work closely with log sources, particularly security and networking devices, to enhance our security monitoring capabilities.

Roles & Responsibilities:
Conduct security and data/log analysis, focusing on the aggregation, normalization, tagging, and classification of logs.
Research, analyze, and understand log sources for security monitoring, with a particular focus on security and networking devices such as firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.
Validate log sources and indexed data, optimizing search criteria to improve search efficiency.
Utilize automation tools to build and validate log collectors for parsing aggregated logs.

Professional & Technical Skills:
Proficiency in log analysis and SIEM tools, including but not limited to Google Chronicle, Splunk, ArcSight, and QRadar.
Experience in SIEM content creation and reporting is essential.
Strong experience in manual security log review and analysis, such as Windows Event Log and Linux Syslog, including incident classification, investigation, and remediation.
Solid understanding of multiple attack vectors, including malware, Trojans, exploit kits, ransomware, phishing techniques, and APTs, as well as familiarity with the attack techniques outlined in the OWASP Top 10.
Knowledge of security and networking devices, including firewalls, routers, antivirus products, proxies, IDS/IPS, and operating systems.
TCP/IP networking skills for packet and log analysis.
Experience working with Windows and Unix platforms.
Familiarity with databases is an advantage.
Experience in GCP, AWS and Azure environments is a plus.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Security Platform Engineering.
- This position is based at our Pune office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago


3.0 - 8.0 years

4 - 8 Lacs

bengaluru

Work from Office

About The Role
Project Role: Security Advisor
Project Role Description: Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 3 year(s) of experience is required
Educational Qualification: 15 years full time education

Role Summary:
The SOC Analyst plays a critical role in the first line of cyber defense by monitoring and triaging security alerts generated by Microsoft Sentinel. This role is responsible for identifying potential threats through continuous monitoring of security dashboards, performing initial analysis, executing predefined response actions, and escalating incidents based on severity. The analyst will work closely with L2/L3 analysts to ensure timely escalation and incident closure while maintaining accuracy and SLA adherence. This role is ideal for individuals developing their skills in SIEM operations and security monitoring with a focus on Microsoft's security ecosystem.

Roles & Responsibilities
- Monitor Microsoft Sentinel dashboards and respond to alerts.
- Perform initial triage, classification, and correlation of security events.
- Trigger and monitor predefined SOAR playbooks.
- Create and update incident tickets with all required details.
- Escalate validated incidents to L2/L3 teams for deeper investigation.
- Support daily SOC health checks and Sentinel connector status reviews.

Professional & Technical Skills:
- Must have skills: Proficiency in Security Information and Event Management (SIEM) operations.
- Strong understanding of incident response processes and procedures.
- Experience with security monitoring tools and techniques.
- Knowledge of compliance frameworks and regulations related to cybersecurity.
- Ability to analyze security incidents and provide actionable insights.
- Experience in SOC / IT security.
- Basic knowledge of Microsoft Sentinel and KQL.
- Familiarity with Defender for Endpoint, Defender for Identity, and Microsoft 365 Security.
- Ability to follow runbooks; good verbal and written communication.

Additional Information:
- The candidate should have a minimum of 3 years of experience in Security Information and Event Management (SIEM) operations.
- This position is based at our Bengaluru office.
- 15 years of full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago


5.0 - 7.0 years

3 - 5 Lacs

pune

Work from Office

Employment Type: Full-time

Job Description:
We are looking for an experienced Senior System Security Administrator with 8+ years of expertise in managing, securing, and optimizing enterprise systems. The candidate will focus on Active Directory (AD), antivirus solutions with Endpoint Detection and Response (AV-EDR), and DNS & DHCP services. This role requires advanced troubleshooting skills, a deep understanding of system security principles, and relevant industry certifications.

Roles and Responsibilities
• Design, implement, and manage multi-domain Active Directory environments.
• Develop and enforce AD policies, including Group Policy Objects (GPOs), user and device management, and OU structures.
• Ensure AD security by implementing privileged access management, auditing, and securing domain controllers.
• Troubleshoot and resolve AD replication, authentication, and authorization issues.
• Deploy, manage, and optimize enterprise AV-EDR solutions (e.g., CrowdStrike, Sophos).
• Monitor, detect, and respond to endpoint security threats and vulnerabilities.
• Conduct regular updates, patching, and fine-tuning of AV-EDR policies.
• Perform threat analysis, incident response, and root cause investigation for endpoint-related incidents.
• Configure and maintain enterprise DNS and DHCP systems (e.g., Infoblox, Windows Server).
• Ensure high availability, redundancy, and fault tolerance of DNS & DHCP services.
• Implement DNSSEC, IPAM solutions, and other security measures to prevent spoofing,

Posted 3 weeks ago


5.0 - 10.0 years

15 - 19 Lacs

mumbai

Work from Office

Your Career
As a Domain Consultant you will be the expert for our Cortex portfolio, a next-gen AI-powered security operations platform. You will play a key role in defining technical solutions that secure a customer's key business imperatives. You evangelize our industry-leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer's cybersecurity partner of choice.

Your Impact
Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area
Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership
Lead and support customer demonstrations that showcase our unique value proposition
Scope and lead Proof of Value (PoV) projects for prospective customers based on best practices to ensure a technical win in your assigned opportunities
Drive high technical validation and PoV win rates within your assigned specialization area
Architect solutions that will help our customers strengthen and simplify their security posture
Accelerate technical validation of proposed solutions within your specialization
Document High-Level Design and key use cases to ensure proper implementation and value realization of Palo Alto Networks solutions
Help our customers build and further develop their services around Cortex solutions
Lead conversations about industry trends and emerging changes to the security landscape
Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative
Assist account solutions consultants to respond effectively to RFIs/RFPs while serving as the main technical point of contact for Cortex
Position Palo Alto Networks or partner-delivered services as appropriate to ensure proper implementation and value realization of Palo Alto Networks solutions

Qualifications
Your Experience
Deep experience with security incident response, both IR tools and IR workflow processes or SOC operational processes
Strong technical hands-on experience (at least 5+ years) with EDR/XDR
Experience around SOAR and SIEM will be an added advantage
Strong practical experience with threat hunting, malware and exploits, and the ability to demonstrate simulation of cyber attacks
Experience installing, configuring and integrating a complex security environment
Experience with security analytics or threat intel is a plus
Deep understanding of Unix/Linux and Windows operating systems; scripting skill in Python/JavaScript/PowerShell is an advantage
Strong problem finding and solving skills, ability to analyze complex multivariate problems and use a systematic approach to gain quick resolution
8+ years of experience in a customer-facing role
Strong English language skills, both oral and written; ability to confidently present with impact to an audience in person and remotely
A team player: ability to share knowledge openly, interact with integrity, embrace diversity
A self-starter, self-motivated and a quick learner with the ability to embrace change; the Cortex portfolio is always evolving and as a technical specialist your expertise must be at the leading edge

Additional Information
The Team
Palo Alto Networks has brought technology to market that is reshaping the cybersecurity threat and protection landscape. Our ability to protect digital transactions is limited only by our ability to establish relationships with our potential customers and help them understand how our products can protect their environments. You won't find someone at Palo Alto Networks that isn't committed to your success, with everyone pitching in to assist when it comes to solutions selling, learning, and development. As a member of our systems engineering team, you are motivated by a solutions-focused sales environment and find fulfillment in working with clients to resolve incredibly complex cyber threats.

Posted 3 weeks ago


3.0 - 8.0 years

10 - 14 Lacs

bengaluru

Work from Office

Your Career
We are seeking a driven problem solver to join our Unit 42 MDR team. Our team is responsible for customers' internal security monitoring, threat hunting and incident response. As an MDR Analyst, we will rely on you to detect and respond to cyber incidents facing customers' internal business. The ideal candidate is a quick learner and good communicator who will be able to follow established processes for analyzing threat alerts that fire from our Cortex XDR. The candidate should be a creative thinker who takes pride in solving tough problems.

Your Impact
Join a new emerging team that is going to be part of Palo Alto's Unit 42, working closely with global customers providing the best security in the market
Own an incident lifecycle from outbreak to full remediation
Provide critical feedback to the different product, research and engineering and threat hunting teams to help improve the products for the entire Palo Alto Networks customer base
Work closely with Security Research, Threat Intelligence and Threat Hunting teams to remediate and detect new emerging threats
This position requires flexibility to work primarily during morning and afternoon hours; however, occasional night shifts may be required depending on business demands

Qualifications
Your Experience
3+ years of experience in a multi-tiered SOC/IR is a must
Experienced with technologies such as EDR, SIEM, SOAR, FW
A well-established familiarity with attack trends and vectors
Excellent written and oral communication skills in English
Some degree of malware analysis or equivalent military experience: an advantage
CEH / CompTIA CySA+ certifications: an advantage
Hands-on experience with Cortex XSOAR or Cortex XDR: an advantage

Additional Information
The Team
The team you'll lead helps protect customers by identifying the most sophisticated and stealthy attacks in their environment. The team does so by leveraging the Cortex product suite as well as unique tools, methodologies and techniques. Cortex provides enterprise-scale detection and response that runs on integrated endpoint, network and cloud data to reduce the noise and focus on real threats. This team works closely with the different product teams and helps improve each and every product by providing first-hand insights into how the product is used and how it can perform even better.

Posted 3 weeks ago

Apply

4.0 years

0 Lacs

jaipur, rajasthan, india

On-site

About The Company
Tata Communications Redefines Connectivity with Innovation and Intelligence. Driving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications.

Experience Required: 4+ years in Cybersecurity, with 2+ years hands-on NBAD and Network forensics
Reports To: Security Operations Lead / SOC Manager
Location: Jaipur
Job Type: Full-time, Customer locations

Job Summary
We are looking for a skilled NBAD Engineer to support the identification of suspicious and anomalous network behaviors through behavior-based analytics. The candidate will be responsible for deploying, managing, and tuning NBAD tools, integrating them with SIEM/SOC infrastructure, and responding to alerts that indicate potential threats or network misuse.

Key Responsibilities
Design, deploy, and manage Network Behavior Anomaly Detection (NBAD) tools and solutions (e.g., Darktrace, Vectra AI, Cisco Stealthwatch, Corelight).
Continuously monitor and analyze network traffic patterns to identify anomalies and potential threats.
Correlate NBAD alerts with other data sources (e.g., SIEM, firewall logs, endpoint telemetry) for incident triage.
Work closely with SOC and threat-hunting teams to investigate behavioral anomalies.
Develop detection rules, baselines, and tuning configurations to reduce false positives and improve detection accuracy.
Participate in incident response by providing insights into abnormal network activity.
Maintain documentation of configurations, use cases, and response playbooks.
Provide recommendations for enhancing network visibility and detection strategies.

Required Skills And Qualifications
Strong understanding of network protocols (TCP/IP, DNS, HTTP, SSL, etc.).
Experience with NBAD or network analytics tools (e.g., Darktrace, Vectra, Stealthwatch, Nozomi, Niksun).
Familiarity with packet capture and network traffic analysis tools (Wireshark, Zeek/Bro).
Knowledge of threat detection methodologies, lateral movement, beaconing, and command & control techniques.
Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight) and their integration with NBAD tools.
Ability to write detection rules, scripts, or playbooks (Python, Regex, YARA a plus).
Good documentation, troubleshooting, and communication skills.

Education Requirements
BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA

Certification
CEH/CSA/NBAD certification

Posted 3 weeks ago

Apply

15.0 - 20.0 years

3 - 7 Lacs

chennai

Work from Office

Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary:
As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations.

Roles & Responsibilities:
Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies.
Timely response to customer requests such as detection capabilities and tuning.
Research new threats and provide recommendations to enhance detection capabilities.
Strong desire for continuous learning on vulnerabilities, attacks and countermeasures.
Identify opportunities for process improvement.

Professional & Technical Skills:
Experience in SOC operations with customer-facing responsibilities.
Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape.
Hands-on experience in SIEM and threat hunting tools.
Added advantage in working with any SOAR platform.
Desirable knowledge in any scripting language and EDR products.
Preferable: GCIA, GCFA, CISSP.
Strong customer service and interpersonal skills.
Strong problem-solving skills.
Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills.
Adaptability to accept change.

Additional Information:
Work as part of an analysis team that works 24x7 on a rotational shift.
The candidate should have a minimum of 2 years of experience.
This position is based at our Chennai office.
A 15 year full time education is required.

Qualification
15 years full time education

Posted 3 weeks ago

Apply

8.0 - 10.0 years

15 - 20 Lacs

bengaluru

Work from Office

Microland Limited is looking for a Senior SME - SIEM to join our dynamic team and embark on a rewarding career journey.
Provide subject matter expertise in a specific area.
Conduct research and analysis to support project development.
Collaborate with cross-functional teams to provide expert guidance.
Develop and deliver training and educational materials.
Stay updated with advancements in the subject area.
Prepare and present reports on subject matter activities and findings.
Provide recommendations for improving processes and strategies.

Posted 3 weeks ago

Apply