
285 Arcsight Jobs - Page 6

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 9.0 years

8 - 12 Lacs

Bengaluru

Work from Office

Naukri logo

About Us: Capco, a Wipro company, is a global technology and management consulting firm. Capco was awarded Consultancy of the Year in the British Bank Award and has been ranked in the Top 100 Best Companies for Women in India 2022 by Avtar & Seramount. With our presence in 32 cities across the globe, we support 100+ clients across the banking, financial and energy sectors. We are recognized for our deep transformation execution and delivery. WHY JOIN CAPCO: You will work on engaging projects with the largest international and local banks, insurance companies, payment service providers and other key players in the industry. These are projects that will transform the financial services industry. MAKE AN IMPACT: Innovative thinking, delivery excellence and thought leadership to help our clients transform their business. Together with our clients and industry partners, we deliver disruptive work that is changing energy and financial services. #BEYOURSELFATWORK: Capco has a tolerant, open culture that values diversity, inclusivity, and creativity. CAREER ADVANCEMENT: With no forced hierarchy at Capco, everyone has the opportunity to grow as we grow, taking their career into their own hands. DIVERSITY & INCLUSION: We believe that diversity of people and perspective gives us a competitive advantage.
Location - Bangalore/Pune. Work Mode - Hybrid (3 Days). Experience - 6+ Years. Experienced in Project/Program PMO. Experienced in handling stakeholders in different geos. Experienced in working with Global customers. Experienced in Project/Program Financials/budgeting and tracking. Experienced in RAID log management. Experienced in setting up steerco meetings and chairing them. Experienced in working on executive reports/steerco deck/etc. Experienced in working for financial services customers/projects. Have thorough understanding of Project SDLC/governance. Good communication skills. Willing to work in UK shift timing. WHY JOIN CAPCO: You will work on engaging projects with some of the largest banks in the world, on projects that will transform the financial services industry. We offer: A work culture focused on innovation and creating lasting value for our clients and employees. Ongoing learning opportunities to help you acquire new skills or deepen existing expertise. A flat, non-hierarchical structure that will enable you to work with senior partners and directly with clients. A diverse, inclusive, meritocratic culture.

Posted 2 weeks ago


6.0 - 11.0 years

4 - 8 Lacs

Mumbai, Bengaluru

Work from Office

Naukri logo

The SOC Analyst is responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and technologies. This role is critical in protecting the organization's digital assets and ensuring compliance with security policies and standards. Monitor SIEM systems and security tools for suspicious activity. Analyze and respond to security incidents and threats. Stay updated on threat intelligence and attack trends. Review logs from firewalls, IDS/IPS, and antivirus tools. Escalate critical incidents and document findings. Support vulnerability management and remediation tracking. Configure and tune security tools like SIEM and EDR. Ensure compliance with security policies and audits. Collaborate with IT and network teams on investigations. Contribute to process improvements and incident playbooks. Primary Skills: SIEM (e.g., Splunk, QRadar, ArcSight), Incident Response, Log Analysis, Threat Intelligence. Secondary Skills: Scripting (Python, PowerShell, Bash), Cloud Security (AWS, Azure, GCP), Endpoint Detection and Response (EDR).

Posted 2 weeks ago


5.0 - 10.0 years

13 - 18 Lacs

Bengaluru

Work from Office

Naukri logo

Senior individual delivery role for complex security functions reducing risk, improving defensive capabilities, and mitigating cyber threats to both Thomson Reuters and its customers. Works with Lead Cyber Defense Individual Contributors and Cyber Defense People Leaders to deliver high-quality and innovative cyber defense security solutions across the enterprise by applying analytic, engineering, or other relevant technical expertise. Employs critical subject matter knowledge to identify, develop, and deploy solutions to key operational cyber defense challenges across a range of functions. About the Role: Delivers high quality solutions across cyber security functions including, but not limited to: threat detection, cyber threat intelligence, network security, incident response, insider threat prevention, defensive platforms and engineering, vulnerability management, and attack surface reduction. Drives continuous improvement in key cyber defense capabilities by streamlining technology acquisition and deployment, engineering solutions, and implementing innovative processes and procedures that increase efficiency, enhance performance, and reduce risk. Executes cyber security plans, activities, and policies that protect Thomson Reuters’ information infrastructure, customer base, and products. Assists in maturing cyber defense capabilities, enforces organizational security principles and industry recognized best practices, and demonstrates responsible resource management. Works independently or as part of functional project teams to implement security controls, monitor and mitigate threats, tune and optimize security appliances, coordinate with enterprise information services teams, interface with product teams, or other tasks associated with cyber defense and cyber fusion centers.
About you: You're a fit for the Senior Cyber Security Platform Engineer if you: Have at least 5 years of CyberSecurity experience (Administration and Security Tools and Threat Intelligence Platforms). Knowledge and proven experience with AWS. Proven experience with Python and Linux. Proven experience dealing with the administration of cybersecurity tools. Troubleshooting and support on the integration and automation of process flows. Knowledge in MISP and Confluence. What’s in it For You: Hybrid Work Model: We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrow’s challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits: We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more.
We live by our values: Obsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact: Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. About Us: Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals.
To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Posted 2 weeks ago


6.0 - 10.0 years

8 - 12 Lacs

Mumbai

Work from Office

Naukri logo

Monitor network traffic for unusual activity and potential threats. Configure and manage security tools such as firewalls, antivirus software, and intrusion detection systems. Required Candidate Profile: Provide technical advice on network security issues to staff and management. Respond to, investigate, and resolve security incidents and breaches.

Posted 2 weeks ago


0.0 - 2.0 years

0 Lacs

Mohali district, India

On-site

Linkedin logo

Location: Mohali. Job Type: Full-time. Department: Cyber Security / IT Operations. CTC: 3 LPA – 5 LPA. Experience Required: 0 - 2 years. We are seeking a motivated and detail-oriented Implementation Engineer with experience in SIEM technologies. As part of the team, you will play a key role in deploying, configuring, and supporting SIEM solutions for our clients, ensuring they are optimally set up to detect, monitor, and respond to security threats. Key Responsibilities: Assist in the deployment, configuration, and maintenance of SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight, etc.) for clients. Collaborate with the project management and technical teams to ensure smooth installation and integration of SIEM tools. Implement and configure log sources, data connectors, and system integrations. Assist in the creation and tuning of security rules and alerts to identify and respond to potential threats. Provide technical support and troubleshooting for SIEM-related issues during implementation and post-deployment phases. Conduct system performance tuning and optimization to ensure the SIEM solution is running efficiently. Document system configurations, processes, and implementation steps. Stay updated on industry best practices and trends in security monitoring. Requirements: Strong understanding of networking concepts and networking components. Proficiency in both Windows and Linux operating systems. In-depth knowledge of firewalls and network security principles is a plus. Hands-on experience with implementing and managing SIEM, SOAR, NDR, XDR tools is highly desirable. Must have the attitude to continuously learn and grow within the cyber security field. Good communication skills, both verbal and written. Ability to work in a fast-paced, collaborative environment. Basic knowledge of SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight, etc.). Experience with log sources such as firewalls, intrusion detection/prevention systems, and servers.
Familiarity with security monitoring, threat detection, and incident management practices. Knowledge of scripting languages such as Python, Bash, or PowerShell is a plus.

Posted 2 weeks ago


7.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Linkedin logo

Key Responsibilities JOB DESCRIPTION Leadership and Team Management: Lead and manage the Internal Red Team and SOC Operations teams, ensuring effective collaboration and alignment with organizational security objectives. Provide mentorship and guidance to team members, fostering a culture of continuous learning and professional development. Conduct regular performance reviews and provide ongoing feedback and coaching. Red Team Operations: Plan, execute, and oversee red team exercises to identify and exploit vulnerabilities in systems, networks, and applications. Develop and maintain red team methodologies, tools, and documentation. Work closely with other security teams to remediate identified vulnerabilities and improve security defenses. SOC Operations Management: Oversee the daily operations of the SOC, ensuring efficient and effective monitoring, detection, and response to security incidents. Develop and maintain SOC processes, procedures, and documentation to ensure consistent and high-quality operations. Ensure the SOC is staffed 24/7, including managing schedules, shifts, and on-call rotations. Incident Response and Management: Coordinate and lead the response to major security incidents, including investigation, containment, eradication, and recovery. Develop and maintain an incident response plan and ensure the team is well-trained and prepared to handle incidents. Conduct post-incident reviews and develop lessons learned to improve future response efforts. Threat Intelligence and Analysis: Oversee the collection, analysis, and dissemination of threat intelligence to inform security operations and red team activities. Ensure the SOC team utilizes advanced threat detection tools and techniques to identify and mitigate threats. Collaborate with other teams to enhance threat intelligence capabilities and integrate with existing processes. 
Security Monitoring and Reporting: Ensure continuous monitoring of network traffic, system logs, and security alerts using SIEM (Security Information and Event Management) solutions. Develop and maintain metrics and dashboards to report on SOC and red team performance and security posture. Present regular reports and briefings to senior management on the state of security operations and key incidents. Policy and Compliance: Develop and enforce security policies, procedures, and standards in alignment with industry best practices and regulatory requirements. Ensure compliance with relevant regulations, such as GDPR, and PCI-DSS. Participate in security audits and assessments, and coordinate with external auditors as needed. Qualifications Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 7 years of experience in cybersecurity, with at least 3 years in a management or leadership role overseeing red team and/or SOC operations. Strong understanding of offensive security practices, including penetration testing and red teaming methodologies. Experience with SOC operations, including incident response, threat detection, and SIEM tools such as Splunk, ArcSight, or QRadar. Knowledge of common attack vectors and techniques, such as phishing, malware, and ransomware. Familiarity with regulatory requirements and frameworks, such as NIST, ISO 27001, and GDPR. Relevant certifications, such as CISSP, CISM, OSCP, CEH, or GIAC, are highly desirable. Excellent leadership, communication, and interpersonal skills. Ability to work effectively under pressure and manage multiple priorities. About The Team eClerx is a global leader in productized services, bringing together people, technology and domain expertise to amplify business results. Our mission is to set the benchmark for client service and success in our industry. 
Our vision is to be the innovation partner of choice for technology, data analytics and process management services. Since our inception in 2000, we've partnered with top companies across various industries, including financial services, telecommunications, retail, and high-tech. Our innovative solutions and domain expertise help businesses optimize operations, improve efficiency, and drive growth. With over 18,000 employees worldwide, eClerx is dedicated to delivering excellence through smart automation and data-driven insights. At eClerx, we believe in nurturing talent and providing hands-on experience. eClerx is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status, or any other legally protected basis, per applicable law.

Posted 2 weeks ago


7.0 years

0 Lacs

Thane, Maharashtra, India

On-site

Linkedin logo

Key Responsibilities Leadership and Team Management: Lead and manage the Internal Red Team and SOC Operations teams, ensuring effective collaboration and alignment with organizational security objectives. Provide mentorship and guidance to team members, fostering a culture of continuous learning and professional development. Conduct regular performance reviews and provide ongoing feedback and coaching. Red Team Operations: Plan, execute, and oversee red team exercises to identify and exploit vulnerabilities in systems, networks, and applications. Develop and maintain red team methodologies, tools, and documentation. Work closely with other security teams to remediate identified vulnerabilities and improve security defenses. SOC Operations Management: Oversee the daily operations of the SOC, ensuring efficient and effective monitoring, detection, and response to security incidents. Develop and maintain SOC processes, procedures, and documentation to ensure consistent and high-quality operations. Ensure the SOC is staffed 24/7, including managing schedules, shifts, and on-call rotations. Incident Response and Management: Coordinate and lead the response to major security incidents, including investigation, containment, eradication, and recovery. Develop and maintain an incident response plan and ensure the team is well-trained and prepared to handle incidents. Conduct post-incident reviews and develop lessons learned to improve future response efforts. Threat Intelligence and Analysis: Oversee the collection, analysis, and dissemination of threat intelligence to inform security operations and red team activities. Ensure the SOC team utilizes advanced threat detection tools and techniques to identify and mitigate threats. Collaborate with other teams to enhance threat intelligence capabilities and integrate with existing processes. 
Security Monitoring and Reporting: Ensure continuous monitoring of network traffic, system logs, and security alerts using SIEM (Security Information and Event Management) solutions. Develop and maintain metrics and dashboards to report on SOC and red team performance and security posture. Present regular reports and briefings to senior management on the state of security operations and key incidents. Policy and Compliance: Develop and enforce security policies, procedures, and standards in alignment with industry best practices and regulatory requirements. Ensure compliance with relevant regulations, such as GDPR, and PCI-DSS. Participate in security audits and assessments, and coordinate with external auditors as needed. Qualifications Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 7 years of experience in cybersecurity, with at least 3 years in a management or leadership role overseeing red team and/or SOC operations. Strong understanding of offensive security practices, including penetration testing and red teaming methodologies. Experience with SOC operations, including incident response, threat detection, and SIEM tools such as Splunk, ArcSight, or QRadar. Knowledge of common attack vectors and techniques, such as phishing, malware, and ransomware. Familiarity with regulatory requirements and frameworks, such as NIST, ISO 27001, and GDPR. Relevant certifications, such as CISSP, CISM, OSCP, CEH, or GIAC, are highly desirable. Excellent leadership, communication, and interpersonal skills. Ability to work effectively under pressure and manage multiple priorities.

Posted 2 weeks ago


5.0 years

0 Lacs

Delhi, India

On-site

Linkedin logo

Make an impact with NTT DATA. Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA: The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What You'll Be Doing: Academic Qualifications and Certifications: BE/BTech in Electronics/EC/EE/CS/IT Engineering or MCA. At least one security certification such as CCNA Security, CCSA, CEH, CompTIA, GCIH/GCIA. Required Experience: At least one SIEM solution certification with one or more SIEM/Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm). Minimum overall 5 years of experience in handling security related products & services in a reputed organization out of which 3 years’ experience should be in SIEM solution.
Person should have adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDOS, EDR, Incident response, SOAR and other security devices. Administration of SIEM environment (e.g.: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery, etc.). Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables). Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service. Identifies possible sensor improvements to prevent incidents. Collects/updates threat intelligence feeds from various sources. Creates situational awareness briefings. Co-ordinates with the different departments for incident analysis, containment and remediation. Liaises with Security monitoring team to discover repeatable processes that lead to new content development. Provides engineering analysis and architectural design of technical solutions. Knowledge of networking protocols and technologies and network security. Sound analytical and troubleshooting skills. Key Responsibilities: Monitors client infrastructure and solutions. Identifies problems and errors prior to or when they occur. Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction. Investigates first line incidents assigned and identifies the root cause of incidents and problems. Provides telephonic or chat support to clients when required. Schedules maintenance activity windows for patching and configuration changes. Follows the required handover procedures for shift changes to ensure service continuity. Reports and escalates incidents where necessary. Ensures the efficient and comprehensive resolutions of incidents and requests.
Updates existing knowledge articles or creates new ones. Identifies opportunities for work optimization including opportunities for automation of work, request fulfilment, incident resolution, and other general process improvement opportunities. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Workplace type: On-site Working. About NTT DATA: NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer: NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 2 weeks ago


4.0 - 5.0 years

6 - 7 Lacs

Hyderabad

Work from Office

Naukri logo

Provide advanced incident response and threat analysis in a Security Operations Center (SOC). Lead investigations, conduct forensics, and manage escalated security incidents to minimize risks and ensure data protection.

Posted 2 weeks ago


4.0 - 5.0 years

6 - 7 Lacs

Karnataka

Work from Office

Naukri logo

Implement and manage Splunk for monitoring and analyzing machine data to ensure system performance and security.

Posted 2 weeks ago


4.0 - 5.0 years

6 - 7 Lacs

Karnataka

Work from Office

Naukri logo

Design and implement identity governance and lifecycle management solutions using RSA IGL. Ensure compliance and security for user identities and access controls.

Posted 2 weeks ago


3.0 - 5.0 years

5 - 7 Lacs

Mumbai

Work from Office

Naukri logo

The Firewall, WAF role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Firewall, WAF domain.

Posted 2 weeks ago


2.0 - 5.0 years

4 - 7 Lacs

Hyderabad

Work from Office

Naukri logo

The Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS GuardDuty role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS GuardDuty domain.

Posted 2 weeks ago


2.0 - 4.0 years

4 - 6 Lacs

Karnataka

Work from Office

Naukri logo

The Imperva DB security Engineer role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Imperva DB security Engineer domain.

Posted 2 weeks ago


4.0 - 7.0 years

12 - 16 Lacs

Pune, Chennai, Bengaluru

Work from Office

Naukri logo

Role & responsibilities Security Architecture & Engineering Design and deploy secure network, infrastructure, and Azure cloud architectures using Defender for Cloud, Sentinel, Entra ID, and Purview. Select, integrate, and optimize security tools (SIEM/SOAR, firewalls, EDR, DLP). Embed security into DevOps/CI-CD pipelines via automation (Logic Apps, PowerShell, KQL). Security Operations & Incident Response Configure and tune detection rules and workbooks in Sentinel; build automated playbooks for common incidents. Lead triage, investigation, and root-cause analysis of alerts from Defender and Sentinel. Conduct proactive threat hunting, log review, and vulnerability assessments. Identity & Access Management Implement and manage Conditional Access, MFA, Privileged Identity Management, and RBAC in Entra ID. Enforce least-privilege principles and lifecycle policies across users, groups, and service identities. Governance, Risk & Compliance Maintain alignment with ISO 27001, NIST, CIS, PCI-DSS, and GDPR using Secure Score and Compliance Manager. Develop and enforce security policies, standards, and audit controls. Team Leadership & Collaboration Mentor SOC analysts and engineers, driving continuous improvement and knowledge sharing. Collaborate closely with IT, DevOps, and business units to integrate security into all projects.

Posted 2 weeks ago


3.0 - 5.0 years

5 - 7 Lacs

Mumbai

Work from Office

Naukri logo

The Firewall, WAF role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Firewall, WAF domain.

Posted 2 weeks ago


2.0 - 6.0 years

3 - 7 Lacs

Chennai

Work from Office

Naukri logo

Project Role: Security Engineer. Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: Accenture MxDR Ops Security Threat Analysis. Good to have skills: NA. Minimum 2 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in continuous learning to stay updated on the latest security trends and technologies, contributing to a secure environment for all stakeholders.
Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsPreferable GCIA, GCFA, CISSPStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Posted 2 weeks ago


2.0 - 6.0 years

3 - 7 Lacs

Chennai

Work from Office

Naukri logo

Project Role: Security Engineer

Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.

Must have skills: Accenture MxDR Ops Security Engineering

Good to have skills: NA

Minimum 2 year(s) of experience is required

Educational Qualification: 15 years full time education

Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your role involves ensuring the security of critical assets and data.

Roles & Responsibilities: Work as part of Security Engineering handling tunings, customer requests, escalations, reporting, trainings, etc. Administration of the Accenture proprietary SIEM (Log Collection Platform) to gather security logs from customer environment. Life cycle management of the SIEM (Onboarding, Break-fix, Patching, Live update). Adhering to SOPs and notify customers on log flow/log format issues. Document best practices and writing KB articles. Identify opportunities for process improvements.

Professional & Technical Skills: Experience in SOC Operations. Knowledge on networking, Linux and security concepts. Experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, UTM, Proxy. Knowledge on log collection mechanism such as Syslog, Log file, DB & API and build collector. Knowledge in device onboarding and integration. Passion for cyber security, learning, and knowledge sharing. Strong verbal & written communication skills. Proven customer service skills, problem solving and interpersonal skills. Ability to handle high pressure situations. Consistently exhibit high levels of teamwork. Following certifications is added advantage: Network+, Linux+, Security and CCNA. Prior experience in information security or SOC operations.

Additional Information: Work as part of a global technical services team that works 24/7 on rotational shift. Bachelor's degree in computer science. The candidate should have minimum 2 years of experience. This position is based at our Chennai office. A 15 years full time education is required.

Qualification: 15 years full time education

Posted 2 weeks ago


2.0 - 5.0 years

4 - 7 Lacs

Hyderabad

Work from Office

Naukri logo

The Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS GuardDuty role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Securonix/UEBA/SIEM, Tripwire IP360, Tripwire CCM, AWS GuardDuty domain.

Posted 2 weeks ago


3.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Linkedin logo

A career in our Advisory Acceleration Centre is the natural extension of PwC’s leading class global delivery capabilities. We provide premium, cost effective, high quality services that support process quality and delivery capability in support for client engagements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. 
Quality Assurance SOC Analyst - CaaS: As a Quality Assurance SOC Analyst (Senior Associate) within the Cyber as a Service (CaaS) practice, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. You will play a pivotal role in ensuring the quality and effectiveness of our SOC operations. You will be responsible for reviewing and enhancing our security incident response processes and procedures, evaluating the performance of SOC analysts, and implementing best practices to maintain the highest standards of security. This role is critical in maintaining the integrity of our clients' systems and data. Required Qualifications: Responsibilities include but are not limited to: 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Incident Response, or Penetration Testing/Red Team. At a minimum, a Bachelor's Degree in a relevant area of study with a preference for Computer Science, Computer Engineering, Cybersecurity, or Information Security. Knowledge and experience working with various SIEM, EDR, NDR and Ticketing tools. Knowledge of Security Operations Centre (SOC) processes and procedures. Effective communication skills, both written and verbal. Strong attention to detail and commitment to quality. Advanced knowledge and experience analyzing attacker techniques at all stages of a breach. Knowledge of MITRE ATT&CK and Cyber Kill-Chain is a must. Be available to work on a 24/7 basis (Mon-Sun) on a shift based schedule to continuously assure quality within SOC. Roles & Responsibilities: Conduct regular quality assessments of security incident handling processes within the SOC for both L1 and L2 functions. Review and evaluate the effectiveness of SOC analyst activities, including incident detection, analysis, investigation and response.
Identify areas for improvement and provide recommendations to enhance SOC operations and incident response capabilities. Collaborate with SOC management and leads to develop and implement quality assurance strategies and initiatives. Create and maintain comprehensive quality assurance documentation, reports, and metrics. Mentor and provide guidance to junior SOC analysts to improve their performance and investigation skills. Stay up-to-date with the latest threat landscape, attack vectors, and cybersecurity technologies through ongoing research and professional development. Assist in incident response activities as needed, including during high-priority security incidents. Participate in the development and delivery of training programs for SOC staff. Collaborate with the L2 analyst team to develop robust quality assurance practices, documentation, reports and metrics. Collaborate with L1 and L2 SOC analysts to provide training and knowledge sharing on quality assurance best practices. Communicate findings and recommendations effectively to technical and non-technical stakeholders internally and externally. Maintain detailed records of quality assurance activity, including findings, actions taken, and outcomes. Participate in knowledge-sharing initiatives with the L1 and L2 team to enhance collective expertise and investigation skills. Ensure adherence to established quality assurance processes and procedures. Identify opportunities for process improvement and contribute to the enhancement of quality assurance methodologies. Maintain composure and efficiency in high-pressure situations. Willing to work in US day shift (9AM EST - 5PM EST) / India night Shift (7 PM IST to 3 AM IST) and weekend support / on call support Experience & Skills 3+ years of experience in a technical role in the areas of Security Operations, Quality Assurance in a SOC setting, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team. 
Experience in SOC L1, SOC L2 is a must. Experience in SOC Quality Assurance is a must. Experience in SIEM technologies such as Azure Sentinel, Splunk, ArcSight, QRadar, Exabeam, LogRhythm. Experience and knowledge of EDR and NDR technologies such as Cortex XDR, CrowdStrike, Carbon Black, Cylance, Defender, DarkTrace. Experience with ticketing system such as ServiceNow, JIRA is considered a strong asset. Experience and knowledge working with Cyber Kill-Chain model and MITRE ATT&CK framework. Ability to use data to 'tell a story'; ability to communicate findings and recommendations effectively to technical and non-technical stakeholders. Proficient in preparation of reports, dashboards and documentation. Excellent communication and leadership skills. Ability to handle high pressure situations with key stakeholders. Good analytical skills, problem solving and interpersonal skills. A demonstrated commitment to valuing differences and working alongside diverse people and perspectives.

Posted 2 weeks ago


0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Linkedin logo

Key Responsibilities:

Incident Detection & Response: Monitor security alerts and events through SIEM tools to identify potential threats. Investigate security incidents and respond in a timely and effective manner. Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis.

Threat Analysis & Mitigation: Conduct thorough threat and malware analysis to identify and mitigate risks. Work closely with internal teams to investigate malware, viruses, and ransomware threats. Use CrowdStrike, Defender, and other endpoint security tools to prevent attacks.

Email Security Management: Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats. Respond to suspicious email alerts and work with other teams to resolve them.

Continuous Monitoring & Alerting: Actively monitor systems, networks, and applications for any signs of suspicious activities. Utilize Endpoint Security solutions to continuously track and protect endpoints across the network.

Collaboration & Reporting: Work closely with the IT and security teams to assess, analyze, and resolve security incidents. Maintain detailed documentation of incidents, findings, and responses for future reference. Regularly report on the status of ongoing security incidents and trends to senior management.

Research & Knowledge Enhancement: Stay updated with the latest security threats, vulnerabilities, and trends. Participate in security training and development to improve skills in SIEM, EDR, and other security tools.

Required Skills and Qualifications: Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience. Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight). Proficient in EDR and Endpoint Security tools (e.g., CrowdStrike, Microsoft Defender). Hands-on experience in threat and malware analysis. Familiarity with email security systems (e.g., Proofpoint, Mimecast). Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems. Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST). Excellent analytical and problem-solving skills.

Preferred Qualifications: Security certifications like CompTIA Security+, CISSP, CEH, or GIAC are a plus. Experience with incident response and forensic investigation. Familiarity with cloud security in AWS, Azure, or Google Cloud.

Posted 2 weeks ago


2.0 years

0 - 0 Lacs

Cochin

On-site

SOC ENGINEER (ENGINEER R&D / DEV)

We are looking for a candidate who has experience as a DevOps engineer in creating systems software and analyzing data to improve existing systems or drive new innovation, along with developing and maintaining scalable applications. Monitor, troubleshoot, and resolve issues including deployments in multiple environments. Candidate must be well-versed in computer systems and network functions. They should be able to work diligently and accurately and should have great problem-solving ability in order to fix issues and ensure client’s business functionalities.

REQUIREMENTS: ELK development experience. Dev or DevOps experience on AWS cloud, containers, serverless code. Development stack of Wazuh and ELK. Implement best DevOps practice. Tool set knowledge required for parser/use case development, plugin customisation – Regex, Python, YAML, XML. Hands-on experience in DevOps. Experience with Linux and monitoring, logging tools such as Splunk. Strong scripting skills. Researching and designing new software systems, websites, programs, and applications. Writing and implementing clean, scalable code. Troubleshooting and debugging code. Verifying and deploying software systems. Evaluating user feedback. Recommending and executing program improvements. Maintaining software code and security systems. Knowledge of cloud systems (AWS, Azure). Excellent communication skills.

GOOD TO HAVE: SOC, security domain experience is desirable. Knowledge of Docker, Machine Learning, BigData, Data Analysis, Web-Scraping. Resourcefulness and problem-solving aptitude. Good understanding of SIEM solutions like ELK, Splunk, ArcSight etc. Understanding of cloud platforms like Amazon AWS, Microsoft Azure and Google Cloud. Experience in managing firewall / UTM solutions from Sophos, Fortigate, Palo Alto, Cisco FirePower. Professional certification (e.g. Linux Foundation Certified System Administrator, Linux+ CompTIA, RHCSA – Red Hat Certified System Administrator).

QUALIFICATION: 2-3 years of experience in Product/DevOps/SecOps/development.

SKILLS: Experience in software design and development using API infrastructure. Profound knowledge in various scripting languages, system, and server administration. Exceptional organizing and time-management skills. Very good communication abilities. ELK, Wazuh, Splunk, ArcSight SIEM management skills. Reporting.

Job Types: Full-time, Permanent
Pay: ₹25,000.00 - ₹66,000.00 per month
Benefits: Internet reimbursement
Schedule: Day shift
Supplemental Pay: Performance bonus
Application Question(s): Do you have experience in SIEM Tool, Scripting, Backend or Front end development?
Experience: minimum: 1 year (Required)
Language: English (Required)
Location: Kochi, Kerala (Required)
Work Location: In person

Posted 2 weeks ago


3.0 years

0 Lacs

Kochi, Kerala, India

On-site

Linkedin logo

Job brief: The Security Operation Centre (SOC) Information Security Analysts are the first level responsible for ensuring the protection of digital assets from unauthorized access, identifying security incidents and reporting them to customers, both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive in filtering out suspicious activity and mitigating risks before any incident occurs. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you.

Main Responsibilities: Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack and the affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone); based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts, helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the events and incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as and when new threats emerge. Stay up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager.

Requirements: Min 3 years’ experience as SOC Analyst (experience in SIEM tools ELK & Wazuh preferable). Process and procedure adherence. General network knowledge and TCP/IP troubleshooting. Ability to trace down an endpoint on the network, based on ticket information. Familiarity with system log information and what it means. Understanding of common network services (web, mail, DNS, authentication). Knowledge of host-based firewalls, Anti-Malware, HIDS. Understanding of common network device functions (firewall, IPS/IDS, NAC). General Desktop OS and Server OS knowledge. TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills.

Skills: Excellent event or log analytical skills. Proven experience in an IT Security Monitoring or similar role. Exceptional organizing and time-management skills. Very good communication abilities. ELK, Wazuh, Splunk, ArcSight SIEM management skills. Reporting.

Posted 2 weeks ago


3.0 - 10.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Linkedin logo

We are seeking a skilled and proactive Cybersecurity Expert with deep experience in Security Operations Center (SOC) environments and hands-on expertise in Micro Focus ArcSight (ESM, Logger, SmartConnectors). The ideal candidate will play a critical role in threat detection, incident response, and overall SIEM management to safeguard the organization’s infrastructure.

Key Responsibilities

SOC Operations: Monitor and analyze security events and incidents from multiple sources in real-time. Conduct triage and investigation of security alerts to determine validity and impact. Respond to incidents, perform root cause analysis, and coordinate mitigation steps. Document incidents and provide detailed incident reports.

ArcSight (SIEM) Management: Configure and manage ArcSight ESM, Logger, and SmartConnectors. Create and optimize correlation rules, dashboards, and reports. Onboard new log sources, maintain log integrity and retention policies. Tune use cases to reduce false positives and improve detection efficacy.

Threat Detection & Response: Conduct threat hunting activities using ArcSight and threat intelligence feeds. Collaborate with threat intel teams to enhance detection capabilities. Participate in red team/blue team exercises and post-event analysis.

Compliance & Reporting: Ensure logging and monitoring processes support compliance (e.g., ISO 27001, PCI-DSS, NIST). Generate reports and metrics for stakeholders on SOC performance and incident trends.

Collaboration & Knowledge Sharing: Work with IT, network, and application teams for incident resolution and preventive actions. Train and mentor junior SOC analysts. Stay updated on threat landscape and SIEM advancements.

Preferred Qualifications (Optional): Certification. 3 to 10 years of experience. Experience with other security tools (EDR, SOAR, IDS/IPS, firewalls). Familiarity with scripting languages (e.g., Python, PowerShell). Understanding of compliance standards such as ISO 27001, NIST, PCI-DSS, or GDPR.

Education: Bachelor’s degree in Computer Science (BE, BTech, MTech, MCA)

Posted 2 weeks ago


4.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Linkedin logo

Greetings From TCS!!

Position: SOC Analyst
Experience: 4+ years

Walk-in interview on 7th Jun 2025 at the below locations:

Hyderabad: TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019
Bangalore: TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066
Chennai: TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103
Mumbai: TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615
Noida: TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar Pradesh - 201301
Kolkata: Tata Consultancy Services Limited | IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India

Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, Arcsight, SPLUNK or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers. Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals. Remain flexible with 24/7 shift and task assignments.

Interested candidates can share their CV to divya.jillidimudi1@tcs.com if you are available for the walk-in interview.

Regards,
Divya Jillidimudi

Posted 2 weeks ago
