421 Arcsight Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

3.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Saint-Gobain group, through its group company Grindwell Norton Limited, has established INDEC, an International Delivery Center in Mumbai, to provide IT solutions and services to the group's businesses globally. INDEC is currently organized into INDEC Application Development, INDEC Infrastructure Management and Cyber Security Management. While INDEC Apps specializes in software application development and maintenance services (ADM), INDEC Infra specializes in monitoring and managing the key IT infrastructure assets of the group deployed globally across 70 countries worldwide. INDEC provides IT services and solutions to the Saint-Gobain group through its state-of-the-art delivery centers based at Andheri – East in Mumbai. There are approximately 1200+ associates working in INDEC currently.

INDEC Apps provides software application development and maintenance services across a wide spectrum covering SAP, Java, PHP, .Net, CRM, Mobility, Digital, Artificial Intelligence (AI), and Robotic Automation. INDEC Infra, on the other hand, operates the following service lines: Network Coordination Center (NCC/NOC), Data Center Infrastructure Support, IT Standards, Tools Engineering and Reporting Automation. INDEC Cybersecurity provides 24/7 security monitoring to detect and react to any suspicious activity in Saint-Gobain. It provides services on vulnerability scanning, web application firewall, endpoint protection, strong authentication, digital certificate, Win 10 MBAM and SFTS support.

Key Responsibilities:
• Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident response.
• Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response times.
• Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security. Perform regular updates, patches, and configuration changes.
• Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediation.
• Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity posture.
• Maintain detailed documentation of automation, scripts, and improvement.
• Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms.
• Manage technical documentation around the content deployed to the SIEM/SOAR.
• Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholders.

Qualification:
• Bachelor's degree in Computer Science, Information Security, EXTC or related field.
• Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable.
• Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administration.
• Experience with deploying and managing a large SIEM/SOAR environment.
• Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, QRadar, Splunk, ArcSight, etc.
• Experience with Palo Alto XSOAR and/or equivalent SOAR platforms like Resilient, Phantom, etc.
• Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.

Functional Skills/Competencies:
• Has a systematic, disciplined, and analytical approach to problem solving.
• Excellent ability to think critically under pressure.
• Strong communication skills to convey technical concepts clearly to both technical and non-technical stakeholders.
• Willingness to stay updated with evolving cyber threats, technologies, and industry trends.
• Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measures.

SELECTION PROCESS: Interested candidates are mandatorily required to apply through this listing on Jigya. Only applications received through Jigya will be evaluated further. Shortlisted candidates may be required to appear in an Online Assessment administered by Jigya on behalf of Saint-Gobain INDEC. Candidates selected after the screening test will be interviewed by Saint-Gobain INDEC.

Posted 1 month ago

3.0 - 6.0 years

6 - 11 Lacs

Gurugram

Work from Office

About NCR Atleos

Responsible for planning and performing Application Risk Assessments, as per the guidelines provided by regulations and standards. Build expertise on security governance and compliance that includes all Cloud providers and Cloud security monitoring. Build expertise on tools such as Wiz, Algosec, Fortinet, Forescout, etc. Effectively collaborate and communicate with the stakeholders and ensure satisfaction. Foster teamwork. Train and coach team members to ensure effective knowledge management activity.

EEO Statement: NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law.

Statement to Third Party Agencies: To ALL recruitment agencies: NCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

Posted 1 month ago

1.0 - 4.0 years

2 - 4 Lacs

Mumbai

Work from Office

HackIT Technology & Advisory Services is looking for a Security Analyst - Red Team to join our dynamic team and embark on a rewarding career journey.
• Gather, interpret, and analyze data to identify trends, patterns, and opportunities that support strategic decision-making.
• Prepare clear, actionable reports, dashboards, and visualizations using tools like Excel, SQL, Power BI, or Tableau.
• Collaborate with stakeholders to define business problems and recommend data-driven solutions.
• Ensure data integrity, validate findings, and document methodologies.
• Present insights to management and cross-functional teams in a concise and impactful manner.
• Stay updated on industry best practices, tools, and emerging trends to enhance analysis quality and business outcomes.

Posted 1 month ago

5.0 - 10.0 years

6 - 13 Lacs

Lucknow

Work from Office

Managed Services SOC Manager

Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.

Job Description:
• Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone).
• Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.
• Should have experience in developing new correlation rules & parser writing.
• Experience in log source integration.
• Act as the lead coordinator to individual information security incidents.
• Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center.
• Document incidents from initial detection through final resolution.
• Participate in security incident management and vulnerability management processes.
• Coordinate with IT teams on escalations, tracking, performance issues, and outages.
• Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
• Communicate effectively with customers, teammates, and management.
• Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
• Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies.
• Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.
• Follow ITIL practices regarding incident, problem and change management.
• Stay up-to-date with emerging security threats including applicable regulatory security requirements.
• Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate.
• Publish weekly reports to applicable teams.
• Generate monthly reports on SOC activity.
• Secondary skills like AV, HIPS, DCS, VA/PT desirable.

Required Technical Expertise:
• Must have experience in SIEM Management tool (QRADAR).
• Should have certifications like ITIL, CCNA, CEH, VA (Product) Certification, CISM.
• Process and procedure adherence.
• General network knowledge and TCP/IP troubleshooting.
• Ability to trace down an endpoint on the network, based on ticket information.
• Familiarity with system log information and what it means.
• Understanding of common network services (web, mail, DNS, authentication).
• Knowledge of host based firewalls, Anti-Malware, HIDS.
• General Desktop OS and Server OS knowledge.
• TCP/IP, Internet Routing, UNIX / LINUX & Windows NT.

Posted 1 month ago

8.0 - 12.0 years

20 - 30 Lacs

Bengaluru

Work from Office

About Toast Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. Because our technology is purpose-built for restaurants, our customers trust that we will deliver on their needs today while investing in innovative experiences that will power the future of the industry. About this roll*: We are seeking a strategic and experienced leader to manage our Corporate Security and Governance, Risk, and Compliance functions in India. You will lead and grow both teams, strengthen our security posture, drive compliance with industry frameworks, and support enterprise risk efforts, while partnering closely with global stakeholders on key initiatives. What you will do: Corporate Security: Provide leadership and oversight to the CorpSec team, ensuring the implementation of best practices across endpoint protection, vulnerability management, and threat mitigation. Guide the design and management of a secure enterprise endpoint strategy, ensuring the CorpSec team aligns with policy and compliance requirements. Supervise the CorpSec team in conducting vendor risk assessments and coordinate with global stakeholders to drive remediation activities. Oversee the management of secure email gateway and Data Loss Prevention (DLP) systems, ensuring the CorpSec team enforces data protection and policy compliance across all endpoints (Windows, macOS, Linux). Manage endpoint investigations and root cause analysis, directing the CorpSec team to collaborate with the SOC for integrating telemetry into SIEM platforms (e.g., Splunk, Datadog). Ensure the CorpSec team maintains documentation, SOPs, and training resources, and oversees the delivery of awareness sessions to improve endpoint hygiene. Stay informed on emerging threats to provide strategic guidance to the CorpSec team for enhancing threat detection and response capabilities. 
Governance, Risk, and Compliance (GRC): Oversee the development and maintenance of GRC frameworks (SOC 2, PCI DSS, ISO 27001), ensuring the Technical GRC team aligns with global standards and maintains ongoing compliance. Manage the review process for third-party security attestations (e.g., SOC 2, ISO 27001) and guide the Technical GRC team in assessing vendors in collaboration with Legal, Procurement, and IT. Supervise periodic vendor risk reviews, ensuring the Technical GRC team identifies gaps and drives remediation plans effectively. Partner with internal audit and external assessors to support security evaluations and regulatory alignment. Provide oversight for regular reporting on compliance posture, risk trends, and incident metrics to senior stakeholders, ensuring the Technical GRC team delivers accurate and timely updates. Team Leadership and Development: Provide leadership and mentorship to the Corporate Security and GRC teams in India, fostering a high-trust, collaborative environment. Recruit, train, and grow security talent to build a resilient, high-performing organization. Set performance goals, conduct evaluations, and support team members' ongoing development. Do you have the right ingredients*? Bachelor’s in Computer Science, InfoSec, or related field (Master’s preferred). Industry certifications like CISSP, CISM, or CEH are strongly preferred. 10+ years in cybersecurity, with hands-on experience in vulnerability management, compliance automation, and GRC. Strong understanding of SOC operations, incident response, and security tooling (SIEM, IDS/IPS, WAF). Proven leadership experience managing distributed security teams in dynamic environments. Skilled in communication, collaboration, and team development. Deep knowledge of compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001) and regulatory expectations.

Posted 1 month ago

5.0 years

0 Lacs

Delhi Cantonment, Delhi, India

On-site

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their security infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA). The role focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required.

What You'll Be Doing

Academic Qualifications and Certifications:
• BE/BTech in Electronics/EC/EE/CS/IT Engineering or MCA.
• At least one security certification such as CCNA Security, CCSA, CEH, CompTIA, GCIH/GCIA.

Required Experience:
• At least one SIEM solution certification with one or more SIEM/Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm).
• Minimum overall 5 years of experience in handling security related products & services in a reputed organization, out of which 3 years’ experience should be in SIEM solution.
• Person should have adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDOS, EDR, Incident response, SOAR and other security devices.
• Administration of SIEM environment (e.g.: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery, etc.).
• Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables).
• Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service.
• Identifies possible sensor improvements to prevent incidents.
• Collects/updates threat intelligence feeds from various sources.
• Creates situational awareness briefings.
• Co-ordinates with the different departments for incident analysis, containment and remediation.
• Liaises with Security monitoring team to discover repeatable processes that lead to new content development.
• Provides engineering analysis and architectural design of technical solutions.
• Knowledge of networking protocols and technologies and network security.
• Sound analytical and troubleshooting skills.

Key Responsibilities:
• Monitors client infrastructure and solutions.
• Identifies problems and errors prior to or when they occur.
• Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction.
• Investigates first line incidents assigned and identifies the root cause of incidents and problems.
• Provides telephonic or chat support to clients when required.
• Schedules maintenance activity windows for patching and configuration changes.
• Follows the required handover procedures for shift changes to ensure service continuity.
• Reports and escalates incidents where necessary.
• Ensures the efficient and comprehensive resolutions of incidents and requests.
• Updates existing knowledge articles or creates new ones.
• Identifies opportunities for work optimization including opportunities for automation of work, request fulfilment, incident resolution, and other general process improvement opportunities.
• May also contribute to / support on project work as and when required.
• May work on implementing and delivering Disaster Recovery functions and tests.
• Performs any other related task as required.

Workplace type: On-site Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 1 month ago

5.0 - 10.0 years

18 - 22 Lacs

Gurugram, India

Work from Office

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations. There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world. We're one global team driven by our common purpose to deliver a better world. Join us.

• Flow & quality data analysis
• Preparing process flow diagrams, P&IDs
• Producing mass balances/process sizing calculations
• Preparing process & performance specifications
• Process modeling and simulation using software like BioWin
• Providing mentoring and support for junior engineers and CAD technicians
• Contribute to the production and delivery of concise high-quality technical documentation in English.

Qualifications
• B.E./M.Tech. (preferred) in Chemical or Environmental Engineering field from a recognized university.
• Professional registration or licensure in their designated home office country or be in active pursuit of such registration.
• Awareness of pipe network design codes.
• Experience in designing Water Treatment systems including conventional and advanced systems.
• Experience in designing Wastewater Treatment systems like ASP, MBBR, SBR, MBR, Digesters, Solids Handling system, Desalination system, etc.
• Awareness of Quality aspects (i.e., registers, design issues logs, QC process and design transmittals etc.).
• Able to independently work efficiently and meet required deadlines by following relevant design manuals/standards and practices.
• 8 - 10 years of experience in water/wastewater industry.
• Having hands-on experience in process simulation modeling.
• Experience in Detailed Design of Wastewater Water, Water, Biosolids and Desalination Systems.
• Good English communication skills.
• Good team player

Additional Information

AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours. #LI-FS1

Posted 1 month ago

2.0 - 6.0 years

5 - 9 Lacs

Bengaluru

Work from Office

Ways of working: Mandate 3: Onsite Office / Field: Employees are expected to work from the office on all days out of their respective base locations.

About Swiggy

Swiggy Instamart is building the convenience grocery segment in India. We offer more than 30000+ assortments / products to our customers within 10-15 mins. We are striving to augment our consumer promise of enabling unparalleled convenience by making grocery delivery instant and delightful. Instamart has been operating in 90+ cities across India and plans to expand to a few more soon. We have seen immense love from the customers till now and are excited to redefine how India shops.

Job Description
• Custodian of finance for 3PL (Contracts, surges, base pay) and overall CPD alignment
• Verifying invoices shared from 3PL
• Base pay computation
• Taxation clauses
• Incentive payouts
• Coordinate with the Finance Automation team to enhance the reporting requirements through system automation.
• Uploading on finly / oracle and following up on payments process as per DOA
• Recon with 3PL partners and finance team for quarterly/yearly closures

Desired Skills
• Integrity: Accepting and adhering to high moral, ethical, and personal values in decisions, communications, actions, and when dealing with others.
• Strong analytical skills: able to clearly link financial results to operational performance drivers, generate alternatives and drive positive change.
• Excellent verbal and written communication skills and the ability to communicate complex business issues in a clear/concise manner.
• Adaptable/Flexible: being open to change in response to new information, different or unexpected circumstances, and/or to working in ambiguous situations.
• Strong knowledge of MS Excel.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regards to race, colour, religion, sex, disability status, or any other characteristic protected by the law.

Posted 1 month ago

10.0 years

0 Lacs

Manesar, Haryana, India

On-site

Role Title: Cyber Defense Specialist – Senior SOC Analyst (L3/L4 | Threat Detection | Incident Response)
📍 Location: Manesar, Haryana (Onsite | Government Sector Engagement)
🏢 Organization: VVNT SEQUOR LLP, Noida
📅 Start Date: Immediate to ≤ 1 Month Preferred

About the Role

Join VVNT SEQUOR LLP as a Cyber Defense Specialist supporting our prestigious Government Sector client. With 8–10 years of deep expertise in SOC operations, SIEM platforms, and threat intelligence, you’ll be leading high-severity incident response efforts, forensic investigations, and proactive threat hunting. This is not just a monitoring role — it’s a frontline cybersecurity command post where you’ll shape detection strategies, automate response mechanisms, and act as a senior escalation point for L3/L4 security challenges.

Your Core Responsibilities

🎯 SIEM & Threat Hunting
• Lead monitoring of security events using ArcSight, Splunk, ELK, and custom dashboards
• Develop and fine-tune correlation rules, detection use cases, and threat indicators
• Conduct proactive threat hunting using the MITRE ATT&CK framework, threat intel, and behavioral analytics

🚨 Incident Response & Digital Forensics
• Execute the full incident lifecycle — detection, containment, investigation, recovery, and RCA
• Perform forensic investigations: memory analysis, packet capture review, EDR telemetry (e.g., CrowdStrike, SentinelOne)
• Conduct post-incident reviews, document findings, and coordinate RCA sessions with stakeholders

🛠️ Vulnerability Management & Infrastructure Security
• Conduct VAPT assessments using tools like Nessus, Qualys, OpenVAS, Metasploit, Burp Suite
• Manage and fine-tune Firewalls (Palo Alto, FortiGate), WAF, IDS/IPS, and Anti-DDoS appliances
• Support audits and documentation for ISO 27001, NIST CSF, and related compliance mandates

⚙️ Automation & Security Enablement
• Drive integration with SOAR platforms, building automated playbooks using Python, PowerShell, or REST APIs
• Mentor L1/L2 teams, lead internal security drills, and run awareness campaigns (e.g., KnowBe4)
• Collaborate on blue/purple team exercises to improve detection coverage

Ideal Candidate Profile
• 8–10 years of SOC experience with strong L3/L4 exposure
• Expert in SIEM/EDR/SOAR tools, threat modeling, forensic analysis, and advanced detection
• Excellent in handling escalations, drafting RCA reports, and coordinating with InfoSec, Infra, and Audit teams
• Comfortable with mission-critical response, working in regulated or high-compliance environments

Preferred Certifications / Experience
• Certifications: CEH, CHFI, GCFA, GCIA, Security+, Splunk Certified Analyst
• Experience with cloud security monitoring tools (AWS GuardDuty, Azure Sentinel, TIPs)
• Bonus: Exposure to OT/ICS environments, Red/Blue/Purple team operations, or critical infrastructure protection

Why VVNT SEQUOR?
• Work on strategic cybersecurity projects for a Government client
• Get hands-on with next-gen detection tools and nation-grade threat response protocols
• Enjoy subsidized cab & lunch while working in a high-impact, innovation-led setup
• Be recognized as a cyber leader, not just an operator

Application Process

Send the following to:
📧 chaitali@vvntsequor.in, parveen.arora@vvntsequor.in
📱 WhatsApp: +91-9891810196 / +91-8802801739

Please include:
• Updated Resume (with certifications)
• Last Drawn & CTC
• Earliest Joining Date (Immediate to Max 1 Month only)

Optimized Tags / Keywords: Senior SOC Analyst | Cybersecurity Specialist | Threat Hunting | SIEM (Splunk, ArcSight) | Incident Response | Forensics | CrowdStrike | EDR | SOAR Automation | MITRE ATT&CK | ISO 27001 | NIST CSF | Python Scripting | VAPT | Firewall Security | L3 L4 Escalation

Posted 1 month ago

4.0 years

0 Lacs

Kolkata, West Bengal, India

On-site

Job Summary: We are looking for a skilled and proactive L2 SOC Engineer with hands-on expertise in Database Activity Monitoring (DAM), CyberArk and Web Application Firewall (WAF) technologies. Experience with Privileged Identity Management (PIM) tools such as CyberArk is highly desirable. The candidate will be responsible for handling escalated incidents, threat analysis, and supporting the security infrastructure within a 24x7 SOC environment.

Key Responsibilities:
• Monitor, analyze, and respond to security events and alerts escalated from L1 analysts.
• Operate and manage DAM and WAF systems for threat detection and response (MANDATORY).
• Perform threat hunting and deep-dive investigations on suspicious activities using logs and monitoring tools.
• Work with PIM tools (preferably CyberArk) to manage and secure privileged access.
• Perform rule tuning and policy management in DAM and WAF platforms to reduce false positives and improve detection.
• Coordinate with internal IT, application, and compliance teams to contain and remediate threats.
• Document incident response steps, create detailed reports, and support post-incident reviews.
• Stay updated on emerging threats and recommend proactive improvements in the SOC processes.

Required Skills & Qualifications:
• 2–4 years of experience working in a Security Operations Center (SOC) environment.
• MANDATORY: Hands-on experience in Database Activity Monitoring (DAM) and Web Application Firewalls (WAF) (e.g., Imperva, F5, Akamai, Fortinet).
• Preferred: Experience with Privileged Identity Management (PIM) solutions, especially CyberArk.
• Strong understanding of networking, OS-level security, and incident response practices.
• Familiarity with SIEM tools such as Splunk, QRadar, ArcSight, etc.
• Ability to work in shifts, including 24x7 rotational support if required.

Posted 1 month ago

3.0 - 7.0 years

5 - 15 Lacs

Navi Mumbai

Work from Office

• 3-7 years of working experience in a security operations centre or relevant.
• Experience with incident response frameworks and methodologies (e.g., MITRE ATT&CK).
• Strong knowledge of incident response, incident management, change management, process flow, etc. and their best practices.
• Excellent communication and collaboration skills.
• Ability to work independently and as part of a team.
• Ability to handle pressure and work effectively in a fast-paced environment.
• Experience with security tools and technologies (e.g., SIEM, SOAR, EDR) a plus.
• Knowledge of legal and regulatory requirements related to data breaches a plus.
• Good understanding of Incident life cycle and Triage process.
• Good experience in OS logs, WAF, IPS, firewall etc. log analysis.
• Insight knowledge about DFIR and Malware analysis.
• Knowledge of Threat Intelligence and Security Advisories research and analysis would be added advantage.

Posted 1 month ago

9.0 - 13.0 years

5 - 10 Lacs

Bengaluru

Work from Office

This role involves the development and application of engineering practice and knowledge in designing, managing and improving the processes for Industrial operations, including procurement, supply chain and facilities engineering and maintenance of the facilities. Project and change management of industrial transformations are also included in this role. Job Description - Grade Specific Focus on Industrial Operations Engineering. Develops competency in own area of expertise. Shares expertise and provides guidance and support to others. Interprets clients needs. Completes own role independently or with minimum supervision. Identifies problems and relevant issues in straight forward situations and generates solutions. Contributes in teamwork and interacts with customers. Skills (competencies)

Posted 1 month ago

5.0 years

0 Lacs

Mumbai Metropolitan Region

On-site

John Cockerill, enablers of opportunities. Driven since 1817 by the entrepreneurial spirit and thirst for innovation of its founder, the John Cockerill Group develops large-scale technological solutions to meet the needs of its time: facilitating access to low carbon energies, enabling sustainable industrial production, preserving natural resources, contributing to greener mobility, enhancing security and installing essential infrastructures. Its offer to businesses, governments and communities consists of services and associated equipment for the sectors of energy, defence, industry, the environment, transports, and infrastructures. With over 6,000 employees, John Cockerill achieved a turnover of € 1,209 billion in 2023 in 29 countries, on 5 continents. www.johncockerill.com Location: Navi Mumbai. Job Purpose: The Security Operations Senior Specialist will be responsible for implementing and managing the SIEM solution (Rapid7) deployed and performing L2 activities for Security Incidents in JOHN COCKERILL. You should be able to manage the SIEM tool as administrator and react to the escalated Security Incidents from the L1 Team. You will also be responsible for overseeing SOC monitoring capabilities to improve efficiency and ensure our environment is secured. The team’s mission is to manage the SIEM tool, ensure all new core infrastructure components are added to the SIEM for incident management and monitoring, react to potential threats in the JOHN COCKERILL environment, analyse the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the issue. In addition, the team is also responsible for providing ideas to constantly improve the monitoring and detection capability.
Key Responsibilities: Responsible for implementing and managing the SIEM tool (Rapid 7). Responsible for L2 activities for Security Incidents as part of SOC. Adding all new servers, network equipment, security tools, cloud workloads to the SIEM for incident management and monitoring. Triaging, investigating and management of ongoing Security Incidents which come as escalations from the L1 team, and overseeing the SOC monitoring capabilities and reporting of security related events. Support in the creation of operational documents such as use cases, play/run books and training materials for incident response, and ensure regular updating of these documents. Support in the creation of various metrics, reporting, review of incident progress to Operations Manager. Communicate potential threats, suspicious/anomalous activity, malware, etc., to the Security SOC provider, and be a point of contact for JOHN COCKERILL Cybersecurity issues. Continuously improve processes for use across multiple detection sets for more efficient operations. Should be responsible for Cybersecurity incident management and own the Incident under resolution. Provide remediation advice and assist incident response team in security incident response activities, escalate if required. Should be adaptable to work with a multi-vendor organization. Working across different cultures and organizations. Education & Experience: Bachelor of Engineering. Overall 5+ Years in System Infrastructure with 3+ Years in Security Operations. Soft Skills, Background, Skills and Competencies: Excellent problem-solving skills. Good oral and written communication skills. Customer and service oriented. Team player, sharing information spontaneously. Pragmatic and solution-oriented. Organized and rigorous. Available and flexible. Autonomous, self-taught, responsible.
Technical Skills: Rapid 7/ArcSight/Splunk/IBM QRadar tool administration, configuration and report writing skills are mandatory (any one tool). Certifications in Cybersecurity like COMPTIA+, CISSP or other specialized security certifications would be an added advantage, cybersecurity fundamental concepts. Minimum 5 years of relevant experience in managing large Windows server based platforms. Very good knowledge of Windows operating systems and working knowledge of Microsoft Active Directory, ADFS, Exchange, IIS, SCCM. Knowledge of PowerShell scripts for the automation and management of Windows infrastructure. Knowledge of Office365 and Azure. Knowledge of network switching: TCP/IP, subnetwork calculations, VLAN concepts, firewall, NAT. Installation of active devices in data center. Good knowledge of MITRE ATT&CK. Mandatory experience in pen test tools (PenTera, Kali Linux). Should possess in-depth knowledge of Network Security, Endpoint security, etc. Mandatory experience in working with the Microsoft security landscape, e.g. Microsoft Defender ATP, Microsoft Cloud App Security, Office ATP, Azure AD Identity Protection, Azure Security Center, Azure Sentinel. Should have knowledge of ITIL Process. Equal Opportunity Employer: John Cockerill and all John Cockerill Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, ancestry, sex (including pregnancy, childbirth and related medical conditions), age, marital status, disability, veteran status, citizenship status, sexual orientation, gender identity or expression, and other characteristics protected by law. John Cockerill offers you career and development opportunities within its various sectors in a friendly working environment. Do you want to work for an innovative company that will allow you to take up technical challenges on a daily basis? We look forward to receiving your application and to meeting you!
Discover our job opportunities in detail on www.johncockerill.com

Posted 1 month ago

5.0 - 7.0 years

0 Lacs

Chennai, Tamil Nadu, India

Remote

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part of Mizuho’s long term strategy of creating a captive global processing centre for remotely handling banking and IT related operations of Mizuho Bank’s domestic and overseas offices and Mizuho’s group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS’s development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS. What’s in it for you? o Immense exposure and learning o Excellent career growth o Company of highly passionate leaders and mentors o Ability to build things from scratch Know more about MGS: https://www.mizuhogroup.com/asia-pacific/mizuho-global-services About the Role: We are seeking a highly skilled and motivated Senior Security Operations Center (SOC) Analyst to join our dynamic team. You will play a critical role in safeguarding our organization's information assets by monitoring, detecting, and responding to security threats. Roles and Responsibilities: · Monitor security events and alerts generated by SIEM tools and other security systems. · Conduct in-depth investigations of security incidents to identify root causes and potential threats. · Respond to security incidents in a timely and effective manner, following established incident response procedures. · Develop and maintain SOC rules, playbooks, and procedures. · Analyze security trends and identify potential vulnerabilities. · Collaborate with other security teams to improve overall security posture. · Stay up-to-date on the latest security threats and trends. 
Relevant Skills and Experience: · 5-7 years of experience in security operations, incident response, or a related field. · Strong understanding of security concepts, principles, and best practices. · Proficiency in using SIEM tools (e.g., Splunk, QRadar, ArcSight). · Experience in developing and maintaining SOC rules, playbooks, and procedures. · Knowledge of common security threats, vulnerabilities, and attack vectors. · Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). · Experience with scripting languages (e.g., Python, PowerShell). · Experience with cloud security (e.g., AWS, Azure, GCP). Qualifications: · Bachelor's degree in computer science, information technology, or a related field. · Security certifications (e.g., CISSP, CISM, CEH). · Strong problem-solving and analytical skills. · Excellent communication and interpersonal skills. · Ability to work independently and as part of a team. Additional Skills (Preferred): · Experience with threat intelligence platforms. · Experience with digital forensics. · Experience with security incident response frameworks (e.g., NIST, ISO 27001). Note: Only F2F interviews will be conducted if shortlisted. Interested candidates can send their resume to mgs.rec@mizuho-cb.com along with the below details: Current CTC, Expected CTC, Notice period, Experience in SOC, Available for F2F? Address: Mizuho Global Services India Pvt. ltd. 8th Floor, Campus 5, RMZ Millenia Business Park II, No.143, Dr. MGR Road, Perungudi Village, Kandanchavadi, Sholinganallur Taluk, Chennai - 600096, Tamil Nadu.

Posted 1 month ago

2.0 - 4.0 years

2 - 4 Lacs

Mumbai

Work from Office

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Posted 1 month ago

4.0 - 8.0 years

6 - 10 Lacs

Bengaluru

Work from Office

SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis. Required education: Bachelor's Degree. Preferred education: Master's Degree. Required technical and professional expertise: SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack. Preferred technical and professional experience: Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks. Recommend improvements to automations, alert fidelity, and security controls.
Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

Posted 1 month ago

4.0 - 8.0 years

6 - 10 Lacs

Kochi

Work from Office

SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures Preferred technical and professional experience SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. 
This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis.

Posted 1 month ago

4.0 - 9.0 years

6 - 11 Lacs

Hyderabad

Work from Office

As Security Services Consultant, you are responsible for managing day to day operations of Security Device Management SIEM, ArcSight, QRadar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. What will you do: Responsible for implementation partner to see project on track along with providing required reports to management and client. Handle the project as well as BAU operations while ensuring a high level of systems security compliance. Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. Required education: Bachelor's Degree. Preferred education: Master's Degree. Required technical and professional expertise: 4+ years of experience in IT security with at least 3+ Years in SOC. Expertise in Security Device Management SIEM, ArcSight, QRadar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. Working knowledge of industry standard risk, governance and security standard methodologies. Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc. Preferred technical and professional experience: One or more security certifications (CEH, Security+, GSEC, GCIH, etc.). Ability to multitask and work independently with minimal direction and maximum accountability.
Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 1 month ago

4.0 - 9.0 years

6 Lacs

Mumbai

Work from Office

Project Role: Solution Architect Project Role Description: Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. Must have skills: Solution Architecture Good to have skills: Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification: Minimum BE BTech from a reputed university Summary: As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications. Cyber Security Architect Roles & Responsibilities: - SPOC for cyber security design and deployment for any designated projects - Take full accountability of design of cyber security domain including network connectivity to various entities such as on-premises data centers and partner networks - Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners - Define and develop high level operating procedures for seamless operations of the project - Support transition of projects from deployment to operations - Anchor design and implementation of cyber security components - Be a SPOC for all cyber security initiatives in existing project and able to navigate through the client's landscape to upsell new initiatives in infrastructure space or able
to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security. - Lead the teams across various security solutions and strive for upskilling and cross skilling to rationalize the resources across the towers and across the clients. - Introduce innovative solutions such as automation to increase productivity and improve service delivery quality - Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape - Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution - Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes Professional & Technical Skills: - Must have: - Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud - Strong experience working in Splunk, Palo Alto, and other leading OEMs in security domain - Strong Communication skills - Ability to drive discussions and ideas with client's senior leadership forums - Problem solving skills - Good to have: - TOGAF or any equivalent certification in enterprise Security Architecture Additional Information: - Total IT experience of minimum 15 years; and - Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (anyone from AWS, Azure, GCP, and OCI) - Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations) - This position is based at our Mumbai office. - A Minimum BE BTech from a reputed university is required. Qualification: Minimum BE BTech from a reputed university

Posted 1 month ago

4.0 - 9.0 years

6 - 11 Lacs

Mumbai

Work from Office

Person should be responsible for administration & management of three or more technologies listed: Firewall, F5 WAF, F5 SSLO, Anti-DDoS, Packet Broker, Anti-APT, IPS, etc. Managing complete administration including but not limited to creation, modification of rules and configuration, system upgrades. Handling escalated calls and providing SME support on above technologies. On-boarding of new applications in F5 SSLO, F5 WAF, Packet Broker and handling critical issues for the same. Single point of contact for above mentioned technologies. Incident management & timely escalation of incidents. Required education: Bachelor's Degree. Preferred education: Master's Degree. Required technical and professional expertise: Overall 4+ years of experience in the field of network security. Person should be able to manage the team. Person should have a good understanding of SIEM IR & should be able to guide the team. Requires advanced level of network security devices troubleshooting knowledge, tcpdump, log analysis, etc. B. E. / B.Tech in Computer Science or Electronics & Telecommunications. Preferred technical and professional experience: Person should have a good understanding of SIEM IR & should be able to guide the team. Requires advanced level of network security devices troubleshooting knowledge, tcpdump, log analysis, etc.

Posted 1 month ago

0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

TCS is conducting an in-person interview drive for Hyderabad & Chennai locations. NOTE: Candidates interested in the WALK-IN DRIVE in Hyderabad & Chennai must apply. TCS is hosting an In-Person Interview Drive on Saturday, 21st June, and we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role: SOC Analyst / Consultant. Desired Skill Set: Cyber security, SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Experience Range: 4-10yrs & 10+yrs. Joining Location: PAN India. Venue: Hyderabad: TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019. Chennai: TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103. Job Description: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, ArcSight, Splunk or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers. Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams. Oversight of facilitates for other offices in the UK and provide support and guidance where required. Ability to translate event analysis findings into new monitoring proposals.
Remain flexible with 24/7 shift and task assignments.

Posted 1 month ago

0 years

0 Lacs

Gurugram, Haryana, India

On-site

L3 Security Incident Analyst. Position Overview: The L3 Security Incident Analyst is responsible for handling complex security incidents and leading incident response efforts. This role involves advanced threat analysis and strategy development to improve the organization’s security posture. Key Responsibilities: - Lead investigations of complex security incidents and advanced persistent threats. - Develop and implement advanced threat detection and response strategies. - Collaborate with cross-functional teams to address vulnerabilities and improve security measures. - Perform forensics and malware analysis to understand and counter threats. - Develop and refine incident response plans and playbooks. - Provide expert guidance and training to L1 and L2 analysts. - Stay updated on emerging threats and technologies to enhance security defenses. Skill Required: Education: Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience). Certifications: Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred. Experience: years of experience in a security operations center (SOC) or incident response role. Technical Skills: Strong expertise in analyzing security events and incident response processes. Extensive experience in cybersecurity and incident response. Proficiency in using SIEM platforms and security monitoring tools. Proficiency in advanced security tools and technologies (firewalls, IDS/IPS, antivirus, CASB, EDR, SIEM, SOAR, TI, etc.). Strong understanding of network protocols, operating systems, and common attack vectors. Understanding of enterprise IT systems, applications and databases, cloud infrastructure and security principles, solutions, and technologies. Expertise in threat analysis, forensics, malware analysis, reverse engineering, and vulnerability assessment.
E- Good written & verbal communication & presentation skills Strong leadership and communication skills. Regards Kirti Rustagi kirti.rustagi@raspl.com

Posted 1 month ago

7.0 - 9.0 years

27 - 42 Lacs

Bengaluru

Work from Office

Job Summary: As a Cyber Security Specialist you will play a crucial role in safeguarding our organization's digital assets. With a focus on LDAP Ping Directory and a hybrid work model you will ensure the integrity and confidentiality of sensitive information. Your expertise will contribute to maintaining a secure environment supporting our mission to protect data and enhance trust in our services. Responsibilities: Develop and implement security measures to protect the organization's digital infrastructure. Monitor and analyze security alerts to identify potential threats and vulnerabilities. Collaborate with IT teams to integrate security protocols into existing systems. Conduct regular security audits and assessments to ensure compliance with industry standards. Provide guidance and support to staff on security best practices and protocols. Investigate security breaches and incidents to determine root causes and implement corrective actions. Maintain and update security policies and procedures to reflect current threats and technologies. Utilize LDAP expertise to manage and secure directory services effectively. Work closely with stakeholders to address security concerns and implement solutions. Ensure the confidentiality, integrity and availability of sensitive information. Stay informed about the latest cybersecurity trends and technologies to enhance security measures. Contribute to the development of security awareness programs for employees. Support the organization's mission by ensuring a secure and trustworthy digital environment. Qualifications: Possess strong experience in LDAP and its application in cybersecurity. Have a solid understanding of cybersecurity principles and practices. Demonstrate proficiency in conducting security audits and assessments. Exhibit excellent problem-solving skills to address security challenges. Show ability to work collaboratively with cross-functional teams. Display knowledge of industry standards and compliance requirements.
Have experience in developing and implementing security policies. Be familiar with security incident response and investigation techniques. Possess strong communication skills to convey security concepts effectively. Have a proactive approach to identifying and mitigating security risks. Show commitment to continuous learning and staying updated on cybersecurity trends. Demonstrate ability to manage and secure directory services using LDAP.

Posted 1 month ago

5.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role: SOC/SIEM Admin. Experience Range: 5+ years. We are currently planning to do a Walk-In Interview at the below locations: Date – 21st June 2025 (Saturday). Hyderabad - TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019. Chennai - TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103. Job Description, Role & Responsibilities: Monitor multiple security technologies such as SIEM, Antivirus, Vulnerability management, Web Proxy, Security Patch management. Tune/Create SIEM correlation rules. Perform in-depth incident and event analysis. Respond and handle the security incidents. Agree and align on reporting and monitoring requirements with business stakeholders. Conduct research on emerging security threats. Modify Standard Operating Procedures (SOPs) and training documentation. Coach junior team members. Good Knowledge on SIEM tools like QROC, ArcSight, Splunk or Sentinel. Knowledge and experience with PCs, LAN topologies, routers, hubs, and terminal servers. Knowledge of security applications such as IDS, Security Event Management and anomaly detection tools. Knowledge of VPN technology. Knowledge of investigation tools like FTK imager, memory dump, threat analysis tools. Ability to read and interpret network diagrams.

Posted 1 month ago

3.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Saint-Gobain group through its group company Grindwell Norton Limited has established INDEC - an International Delivery Center in Mumbai to provide IT solutions and services to the group's businesses globally. INDEC is currently organized into INDEC Application Development, INDEC Infrastructure Management and Cyber Security Management. While INDEC Apps specializes in Software application development and maintenance services (ADM), INDEC Infra specializes in monitoring and managing the key IT infrastructure assets of the group deployed globally across 70 countries worldwide. INDEC provides IT Services and Solutions to the Saint-Gobain group through its state-of-the-art delivery centers based at Andheri – East in Mumbai. There are approximately 1200+ associates working in INDEC currently. INDEC Apps provides software application development and maintenance services across a wide spectrum covering SAP, Java, PHP, .Net, CRM, Mobility, Digital, Artificial Intelligence (AI), and Robotic Automation. INDEC Infra on the other hand operates the following service lines: Network Coordination Center (NCC/NOC), Data Center Infrastructure Support, IT Standards, Tools Engineering and Reporting Automation. INDEC Cybersecurity provides 24/7 Security monitoring to detect & react on any suspicious activity in Saint-Gobain. It provides services on vulnerability scanning, web application firewall, endpoint protection, strong authentication, digital certificate, Win 10 MBAM and SFTS support. Key Responsibilities: • Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident response. • Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response times. • Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security.
Perform regular updates, patches, and configuration change s.• Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediatio n.• Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity postur e.• Maintain detailed documentation of automation, scripts, and improvemen t.• Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platform s.• Manage technical documentation around the content deployed to the SIEM/SOA R.• Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholde rs Qualificat on:• Bachelor's degree in Computer Science, Information Security, EXTC or related fie ld.• Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirab le.• Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administrati on.• Experience with deploying and managing a large SIEM/SOAR environme nt.• Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, e tc.• Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, e tc.• Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirab le. 
Functional Skills/Competenc ies:• Has a systematic, disciplined, and analytical approach to problem solv ing.• Excellent ability to think critically under press ure.• Strong communication skills to convey technical concepts clearly to both technical and non- technical stakehold ers.• Willingness to stay updated with evolving cyber threats, technologies, and industry tre nds.• Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measu res. SELECTION PRO CESS:Interested Candidates are mandatorily required to apply through this listing on Jigya. Only applications received through Jigya will be evaluated fur ther.Shortlisted candidates may be required to appear in an Online Assessment administered by Jigya on behalf of Saint-Gobain INDECCandidates selected after the screening test will be interviewed by Saint-Gobain INDEC Show more Show less

Posted 1 month ago


Featured Companies