
285 Arcsight Jobs - Page 9

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5 - 6 years

11 - 15 Lacs

Thane

Work from Office

Naukri logo

OT Cybersecurity Engineer for Digital Industries Customer Services, India

About Siemens: Accelerating transformation for industries. For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation transforming the everyday and creating a better tomorrow for societies and people around the world.

Cybersecurity for Industry: We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars: plant security, network security, and system integrity including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information.

About The Role

Key Responsibilities:
Security Measures: Engineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information.
System Security Requirements: Identify and define system security requirements to ensure comprehensive protection.
Security Architecture: Design and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices.
Implementing Backup Solutions and Management: Implement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment.
Threat Detection and Vulnerability Monitoring: Implement solutions like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer.
Endpoint Security: Deploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and QRadar etc.
Network Security: Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, Cisco), network troubleshooting, and intrusion detection products.
Network Management: Install and manage network management solutions like SINEC NMS, SolarWinds, WhatsUp Gold etc.
Firmware Updates: Conduct firmware updates for various automation control systems, switches, and firewalls.
Domain Controller Configuration: Configure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS.
Host-Based Security: Implement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection.
Installation and Testing: Perform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT).
Documentation: Prepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals.

Experience: 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures.

Education: Bachelor's degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage.

Business Travel: You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India.

Posted 1 month ago


2 - 3 years

7 - 11 Lacs

Bengaluru

Work from Office

Naukri logo

Introduction: Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world's largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum, from prevention and early detection to diagnosis and treatment.

Brief Description: An Information Security Management system is maintained to address the complex challenges and threats in the rapidly evolving digital landscape and fulfill the organization's purpose and values. As an Information Security Professional, you will play an essential role in implementing and maintaining our Information Security requirements in accordance with ISO27001 and other relevant regulatory standards. You will gain expertise in driving implementation of various Information security topics in a cross-collaborative environment.

What are my key Responsibilities? Assist the implementation and continuous improvement of the ISO27001 Information Security Management System (ISMS). Conduct regular risk assessments and internal audits to ensure compliance with ISO27001 standards. Ensure adherence to all relevant regulatory requirements as directed by the Global Cybersecurity Governance Organization and country specific cybersecurity requirements. Assist to develop and maintain policies, procedures, and process documentation to meet the Information Security requirements. Work closely with various departments to collect and analyze operational security measures and help integrate measures into all aspects of operations without the need for follow-ups or reminders. Assist project teams for information security inquiries and incident response. Monitor and respond to security incidents and breaches, ensuring timely resolution and documentation of incidents. Assist with planning, coordinating, conducting and preparing detailed audit reports for internal and external audits to assess the effectiveness of the information security program. Follow up on audit recommendations to ensure timely implementation of corrective actions. Maintain a comprehensive audit trail for all information security activities and initiatives.

What do I need to qualify for this job? Bachelor's degree in engineering, Information Security, Computer Science, or a related field with 4-6 years of working experience. Minimum of 2-3 years of hands-on experience in information security, with a focus on implementing ISO27001. Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements. Good understanding of ISO 27701 PIMS standards. Proven ability to work independently and collaboratively with cross-functional teams. Excellent communication, presentation and interpersonal skills. Self-directed with an ability to take ownership and accountability of assigned tasks. Familiarity with Software development best practices for ensuring security. Previous experience with Software quality assurance responsibilities will be preferred. Highly Recommended to have completed Lead Implementor certification in ISO 27001 standard.

What else do I need to know? Siemens Healthineers is dedicated to equality and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens Healthineers are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability as we will use the data to review your suitability for the role.

Posted 1 month ago


3 - 8 years

6 - 13 Lacs

Noida

Work from Office

Naukri logo

Managed Services SOC Manager Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team, is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Job Description : Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone), Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in Developing new correlation rules & Parser writing Experience in Log source integration Act as the lead coordinator to individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. 
Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams Generate monthly reports on SOC activity Secondary skills like AV, HIPS, DCS, VA/ PT desirable Required Technical Expertise Must have experience in SIEM Management tool (QRADAR) Should have certifications like, ITIL, CCNA, CEH, VA (Product) Certification, CISM Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT

Posted 1 month ago


2 - 5 years

2 - 6 Lacs

Hyderabad

Work from Office

Naukri logo

SOC T1 Analyst

What you will do: Let’s do this. Let’s change the world. In this vital role you will be responsible for the initial response to security events and incidents within a 24/7 Cybersecurity Operations Center (CSOC). This role involves following established procedures to investigate security events, providing feedback to improve processes, and assisting in the incident response lifecycle. Additionally, the associate will participate in knowledge-sharing sessions and correlate security alerts across platforms.

Roles & Responsibilities: Follow established procedures to triage, investigate and respond to security events and incidents. Provide feedback to senior analysts to improve, review, and optimize existing procedures and documentation. Correlate security alerts from various platforms based on common elements. Participate in and lead CSOC Tier 1 knowledge-sharing and learning sessions. Assist incident responders in coordinating the response, containment, eradication, recovery, and lessons learned phases of the incident response lifecycle.

What we expect of you: We are all different, yet we all use our unique contributions to serve patients.

Basic Qualifications: Bachelor’s degree with 1 to 3 years of experience in Security Operations or related field OR Diploma with 4 to 7 years of experience in Security Operations or related field. Solid understanding of security technologies and their core functionality. Experience in analyzing cybersecurity threats with up-to-date knowledge of attack vectors and the cyber threat landscape. Ability to prioritize tasks effectively and solve problems efficiently in a diverse, global team environment. Good knowledge of Windows and/or Linux systems.

Preferred Qualifications: Familiarity with CSOC operations and incident response procedures. Experience with security alert correlation across different platforms.
Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) MTA Security Fundamentals (preferred) Soft Skills: Strong communication and collaboration skills, especially when working with global teams. Ability to prioritize and manage tasks in high-pressure situations. Critical thinking and problem-solving abilities in cybersecurity contexts. A commitment to continuous learning and knowledge sharing. Work Hours: This position requires you to work a later shift and may be assigned a second or third shift schedule. Candidates must be willing and able to work during evening or night shifts, as required. Potential Shifts (subject to change based on business requirements)Second Shift2:00pm – 10:00pm IST; Third Shift10:00 pm – 7:00 am IST. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. 
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 1 month ago


5 - 10 years

4 - 8 Lacs

Bengaluru

Work from Office

Naukri logo

Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.

Main Skill:
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge

Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework

Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations for various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps

Roles & Responsibilities:
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.

Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management

Professional Experience:
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation – BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security+, CEH

Role Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.

Additional Information: The candidate should have a minimum of 5 years of experience in Splunk. This position is based at our Bengaluru office. A 15 years full time education is required.
Qualification: 15 years full time education

Posted 1 month ago


3 - 5 years

4 - 7 Lacs

Bengaluru

Work from Office

Naukri logo

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). 
Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Posted 1 month ago


2 - 5 years

7 - 9 Lacs

Gurgaon/Gurugram

Work from Office

Naukri logo

We are looking for the candidates from Delhi/NCR for the position of IT Security Engineer for US client in Gurgaon location Candidates from West and South location need not to apply Job description Job Title: SOC Analyst Tier 2 Looking for Immediate Joiners or who can Join within 15-20 Days. Location: Gurgaon Shift : Rotational Shift / US Shift Budget: As per market standards + Shift Allowances Contract Tenure: 2 years contract on the payroll of Mynd solution. Share your CV at "Pratibha@myndsol.com" Please share your CV With the Subject line as SOC Analyst Work Experience 2 to 5 years of experience in Security Operations, SOC or Cybersecurity and Graduate in IT/CS from recognized University Key Skills - Candidate should be ready for rotational shift -.Candidate must have Excellent communication Skill - Candidate must have the knowledge of penetration testing, Knowledge of TCP/IP protocols, network applications. Good knowledge of security tools and monitoring devices - CCNA would be preferred - Equivalent Certifications (Network+, Security+, CySA+, GSEC, GMON) Job Requirement Keysight is looking for a Cybersecurity Analyst to join its growing organization and be part of its in-house Security Operations Centre (SOC). This is a position requiring a good technical background in Information Security practice, good knowledge of IT Security threats and solid communication and organizational skills. The successful candidate is very motivated and willing to take on challenges, able to multi-task to succeed and has the ability work with the team to tackle incoming alerts. The Information Risk & Security team sets strategic direction for security within the organization and aligns with stakeholders throughout the company. JOB DESCRIPTION Handling, and escalation of, alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security teams technology stack. 
Functional Responsibilities Experience Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms. Creating and maintaining documentation for security event processing. Acknowledge and handle the incoming security alerts. Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary. Assist the Incident Response team on alerts escalated to them by the SOC team. Develop/Update and follow Standard Operating Procedures (SOPs) and Playbooks to handle standard and out-of-band alerts. Report to the Incident Response Team quickly and efficiently regarding urgent matters. Ensure ticket queues are always within satisfactory limits and all tickets are updated. Provide On-Call Support for emergency or high severity issues. Liaise with partner teams and end-users for security related tickets and activities. Excellent analytical and problem-solving skills required. Experience working with SIEMs and evaluating SIEM alerts. Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Key Competencies Ability to think with a security mindset. The successful candidate has a good IT background with good level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.) • Knowledge of TCP/IP Protocols, network analysis, and network/security applications. • Good knowledge of various security tools and monitoring devices; e.g. able to read and understand IDS/IPS/Firewall/Proxy logs and determine the current state of play. Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise. 
Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives. Experience in large, geographically diverse enterprise networks. Ability to build lasting relationships with partner teams and stakeholders. Documentation; experience in writing reports and documenting tickets efficiently and accurately. Visit : http://www.keysight.com/ Feel free to reach me for any clarifications

Posted 1 month ago


5 years

0 Lacs

Gurgaon, Haryana, India

Hybrid

Linkedin logo

Make an impact with NTT DATA: Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA: The Technical Services Implementation Engineer (L2) is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLA). This role performs configurations, actions installations and attends to break/fix events.

What You'll Be Doing

Key Responsibilities:
B.E. / B.Tech in Computer Science / Electronics / ECE / EE / ECS / IT Engineering / MCA / BCA.
At least one SIEM solution certification with one or more SIEM / Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm).
At least one L3 level security certification, viz. CCIE/CISSP/CISA/CCNP etc.
Minimum 7 years of experience in handling security related products & services in an organization and out of total experience, 5 years of minimum experience should be as an L2 in SOC management.
Person should have adequate knowledge of Check Point firewall and IPS and Cisco firewall and IPS, McAfee IPS, Web Application Firewall, DDoS and other security devices.
Administration of SIEM environment (e.g., deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery etc.).
Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables).
Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service.
Identifies possible sensor improvements to prevent incidents.
Collects/updates threat intelligence feeds from various sources.
Creates situational awareness briefings.
Co-ordinates with the different departments for incident analysis, containment and remediation.
Liaise with Security monitoring team to discover repeatable process that lead to new content development.
Provides engineering analysis and architectural design of technical solutions.
Device integration, creation of correlation rules and parser development.
Sound analytical and troubleshooting skills.
Good Team Management and co-ordination skills.

Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science / Information Technology Degree or equivalent together with specialized training in new technologies and legacy systems or equivalent.

Required Experience: Moderate level of experience in a technical implementation engineering or similar role. Demonstrated experience engaging with clients and conducting presentations. Demonstrated project administration and documentation experience.

Workplace type: Hybrid Working

About NTT DATA: NTT DATA is a $30+ billion trusted global innovator of business and technology services.
We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 1 month ago

5 - 8 years

0 Lacs

Mumbai Metropolitan Region

On-site

Linkedin logo

Job Title: SOC Manager Location: Mumbai Experience: 5+ for L2 role, 8+ SOC Manager role Industry: Cybersecurity / Managed Security Service Provider (MSSP) Job Summary We are seeking a highly skilled and experienced SOC Manager to lead our Security Operations Center. The ideal candidate must have hands-on experience working in or managing operations for a Managed Security Services Provider (MSSP). You will be responsible for overseeing day-to-day SOC operations, leading a team of analysts, and ensuring proactive monitoring, detection, and response to security threats across client environments. Key Responsibilities Lead and manage 24x7 SOC operations, including Tier 1, Tier 2, and Tier 3 analysts. Develop and implement SOC processes, playbooks, and incident response procedures. Oversee threat intelligence, detection engineering, and use case development. Ensure SLAs and KPIs are met across all MSSP service deliveries. Collaborate with client stakeholders to communicate threat landscape, incidents, and security posture. Act as an escalation point during critical incidents and ensure proper incident lifecycle management. Evaluate and optimize SIEM, SOAR, and threat detection platforms. Conduct regular risk assessments, gap analysis, and SOC maturity evaluations. Mentor and upskill SOC team members to maintain high performance. Required Skills & Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Mandatory experience in an MSSP environment handling multiple client environments. Strong understanding of security operations, SIEM, SOAR, IDS/IPS, endpoint protection, firewalls, and threat intel platforms. Proficient in incident detection, analysis, containment, eradication, and recovery. Hands-on experience with tools like Splunk, QRadar, ArcSight, IBM Resilient, CrowdStrike, etc. In-depth knowledge of MITRE ATT&CK, NIST, ISO 27001, and other security frameworks. 
Excellent leadership, communication, and stakeholder management skills. Relevant certifications preferred: CISSP, CISM, CEH, GCIA, GCIH, or SOC-related certifications. Nice to Have Experience in managing global SOCs or distributed teams. Exposure to compliance requirements such as GDPR, PCI-DSS, HIPAA, etc. Knowledge of scripting (Python, Bash) or automation tools to improve SOC efficiency. Skills: firewalls,stakeholder management,mssp operations,endpoint protection,threat intelligence,soc leadership,soc,platforms,communication,management,soar,ids/ips,splunk,cybersecurity,leadership,iso 27001,ibm resilient,mitre att&ck,operations,nist,bash,crowdstrike,python,incident detection,security,skills,arcsight,security operations,qradar,siem

Posted 1 month ago

3 - 6 years

3 - 6 Lacs

Hyderabad

Work from Office

Naukri logo

Network Security Engineer Summary Apply Now Hyderabad Full-Time 3-6 Years Industry IT/Security Responsibilities Design and deploy secure network architectures. Monitor and respond to security incidents and threats. Implement firewalls, IDS/IPS systems, and VPNs. Perform regular security audits and vulnerability assessmen About The Role Design and implement network security solutions to protect organizational assets. The role focuses on securing network infrastructure, monitoring security threats, and ensuring compliance with security standards. Qualifications Design and deploy secure network architectures. Monitor and respond to security incidents and threats. Implement firewalls, IDS/IPS systems, and VPNs. Perform regular security audits and vulnerability assessmen Skills Expertise in network security tools and protocols. Experience with SIEM platforms like Splunk or ArcSight. Strong knowledge of network architecture and protocols (TCP/IP, DNS). Ability to perform penetration testing and threat analysis.

Posted 1 month ago

5 - 10 years

9 - 12 Lacs

Vijayawada

Work from Office

Naukri logo

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Posted 1 month ago

6 - 11 years

30 - 35 Lacs

Pune

Work from Office

Naukri logo

About The Role: Job Title: Threat Intelligence Analyst. Corporate Title: AVP. Location: Pune, India. Role Description: As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, and you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats. What we'll offer you: As part of our flexible scheme, here are just some of the benefits that you'll enjoy: Best in class leave policy. Gender neutral parental leaves. 100% reimbursement under childcare assistance benefit (gender neutral). Sponsorship for industry-relevant certifications and education. Employee Assistance Program for you and your family members. Comprehensive Hospitalization Insurance for you and your dependents. Accident and Term life Insurance. Complementary Health screening for 35 yrs. and above. Your key responsibilities: Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools.
Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders and external intelligence sharing communities. Your skills and experience. Requirements: 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation. Strong operational background in intelligence-related operations with experience in Open-Source Intelligence (OSINT) techniques. Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge of the functions of security technologies such as IPS/IDS, firewalls, EDR, etc. A good or developing understanding of virtual environments and cloud (e.g., vSphere, Hypervisor, AWS, Azure, GCP). Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards. Knowledge of or demonstrable experience in working with the intelligence lifecycle, intelligence requirements and the MITRE ATT&CK Framework. Non-Technical Experience: Investigative and analytical problem-solving skills. Excellent verbal and written communication, to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications: Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications: CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH. How we'll support you: Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.
About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 1 month ago

3 - 8 years

10 - 15 Lacs

Hyderabad, Ahmedabad, Mumbai (All Areas)

Work from Office

Naukri logo

Note: Immediate joiner preferable. Security Analyst - L2. Responsibility: Coordinate with associate L1 analysts. Handle all escalations from associate L1 analysts. Serve as shift leader and point of escalation for Level 1 analysts. Provide operational and technical support to the customer. Oversee completion of day-to-day checklist(s), including log review, management report scheduling, alert analysis, and escalation follow-up activity status. Provide knowledge to L1 to maintain and improve the operation. Ensure all unresolvable cases are passed to the correct team for action as appropriate. Support implementation of SOC processes and perform periodic checks for compliance. Handle configuration and change management of SIEM / Logger. Duties: Ensure a high level of quality when managing tickets, requests and customer queries. Capture customer requirements and prepare SIEM rules, reports and dashboards. Prepare and distribute reports in readiness for customer tuning calls. Arrange and manage client calls. Take actions accordingly. Create scheduled customer reporting, from existing reports, whenever appropriate. Checklist tasks for L2 Analyst: Handle all escalation requests from associate L1 analysts. Verify incidents reported by associate L1 analysts. Verify reports made by associate L1 analysts.

Posted 1 month ago

2 - 5 years

7 - 11 Lacs

Noida

Work from Office

Naukri logo

Req ID: 313359 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Responsibilities Incidents response of Active Directory, Azure AD, and OS/server tickets Group policy administration and implementation Reporting and review of all connectivity, synchronization, replication within Active Directory DNS health and performance Sites and services - Missing or incorrectly assigned subnets NTP Reporting, configuration and accuracy Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS Database partitions, DNS settings, SRV records, Trust relationships Review of domain controllers, application, and security events to find any issues or trends Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required Response to NON-AD or believed to be AD related issues such as 3rd party application authentication issues, windows/RDP login issues, LDAP query issues, Kerberos errors, NTP errors. 
Windows Server OS maintenance, patching, upgrades, hardware tickets, troubleshooting. On-call rotation. Required to have flexibility in schedules - First, Second, Third shifts available. Required Qualifications: 5+ years of relevant experience. Strong knowledge of Active Directory, Windows Server OS, network, firewall. Basic understanding of Azure AD, Azure SSO, Azure MFA. Strong knowledge of Group Policy. Basic understanding of VMware. Strong troubleshooting skills. Basic PowerShell commands/scripting. Preferences: Ideally certifications from one of the following: Security+, Microsoft, AWS. Strong Azure AD, Azure SSO, Azure MFA skills. Advanced PowerShell scripting. Undergraduate degree. Strong understanding of networking technologies. Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures. About NTT DATA: NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com. NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users.
If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment System Administrator, Consulting, Database, Technology

Posted 1 month ago

1 - 6 years

6 - 13 Lacs

Noida

Work from Office

Naukri logo

Managed Services SOC Manager. Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Job Description: Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in developing new correlation rules and parser writing. Experience in log source integration. Act as the lead coordinator for individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages.
Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams Generate monthly reports on SOC activity Secondary skills like AV, HIPS, DCS, VA/ PT desirable Required Technical Expertise Must have experience in SIEM Management tool (QRADAR) Should have certifications like, ITIL, CCNA, CEH, VA (Product) Certification, CISM Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT

Posted 1 month ago

7 - 12 years

15 - 22 Lacs

Pune

Work from Office

Naukri logo

For SOC L3 position: 7+ years of hands-on experience. Ready to work in rotational shifts (24*7), team management and shift roster. Location: Pune. Roles and Responsibilities. Key Skills: 1. SIEM tool experience, preferably ArcSight. 2. Log analysis. 3. Incident response. 4. DLP experience. 5. Investigation knowledge. 6. Rules creation. 7. Alert management. 8. Use case creation. 9. Team management. 10. Shift roster. 11. Monthly reports. Key Responsibilities: To handle the daily monitoring of information security events. To function as an intrusion analyst by examining security events for context, appropriateness and criticality. To act as an information security researcher to provide insight and understanding of new and existing information security threats. Key Operational Activities: Daily checklists and tasks. Log analysis and review. Vulnerability management activities. Alert analysis. Investigation of suspicious security event activity. Maintain and enforce adherence to corporate standards, policies and procedures. Please share your profile to anwar.shaik@locuz.com

Posted 1 month ago

6 - 9 years

11 - 15 Lacs

Hyderabad

Work from Office

Naukri logo

Cyber and 3rd party risk manager About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. 
Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications and Experience Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). 
Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration with global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. 
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 1 month ago

7 - 12 years

3 - 7 Lacs

Bengaluru

Work from Office

Naukri logo

Project Role: Security Engineer. Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills: SailPoint IdentityIQ. Good to have skills: NA. Minimum 7.5 year(s) of experience is required. Educational Qualification: 15 years full time education. Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and mitigating potential risks. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Implement security measures to protect systems and data. Conduct security assessments and audits. Develop and implement security policies and procedures. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Strong understanding of identity and access management. Experience with security tools and technologies. Knowledge of security frameworks and standards. Hands-on experience in incident response and threat detection. Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ. This position is based at our Bengaluru office. A 15 years full-time education is required. Qualification: 15 years full time education

Posted 1 month ago

0 years

0 Lacs

Bengaluru, Karnataka

Work from Office

Indeed logo

Required Skills Technology | Sentinel SIEM Tool Expert | Level 3 Support Technology | Securonix SIEM Tools Expert | Level 3 Support Technology | ArcSight SIEM Tools Administrator | Level 2 Support Technology | Cybersecurity General Administrator | Level 2 Support Technology | Network Traffic Analysis Administrator | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | CompTIA Security+/Certified SOC Analyst (CSA)/GIAC Security Essentials (GSEC)/Certified Ethical Hacker (CEH)/Cisco Certified CyberOps Associate/GIAC Certified Incident Handler (GCIH)/GIAC Security Operations Certified (GSOC) Delivery Skills required are: - Technical Expertise: - Expert knowledge of threat detection techniques and tools. Leading incident response efforts, including advanced techniques for containment, eradication, and recovery. Conducting in-depth digital forensics investigations. Expertise in configuring and optimizing SIEM (Security Information and Event Management) systems. Analytical Skills: - Deep understanding of log analysis techniques and tools. Identifying patterns and anomalies in large datasets. Integrating threat intelligence into monitoring and response processes. Staying updated on the latest threat intelligence and applying it to enhance security. Collaboration and Coordination: - Working closely with other IT and security teams to ensure comprehensive security coverage. Leading the coordination of response efforts during major incidents. Ensuring effective communication and collaboration among all stakeholders. Coordinating with external partners and vendors for specialized support. Continuous Improvement: - Continuously evaluating and improving security processes and procedures. Implementing lessons learned from incidents to enhance the overall security posture. Contributing to the development and updating of security policies and procedures.

Posted 1 month ago

7 - 9 years

15 - 20 Lacs

Mohali

Work from Office

Naukri logo

Role & responsibilities. SOC Operations: Monitor and analyze security events across networks, systems, and endpoints. Investigate, escalate, and respond to security incidents in a timely manner. Collaborate with the SOC team to enhance incident response procedures. Microsoft Security Solutions: Manage and maintain Microsoft Defender suite of tools, Azure Sentinel, and Microsoft Services. Implement Microsoft security configurations and policies to protect digital environments. Conduct threat hunting and data analysis using Microsoft Sentinel, KQL, and other Microsoft tools. Ensure compliance with security standards and best practices within Microsoft environments. Threat Detection and Incident Response: Conduct root cause analysis for security incidents and create actionable remediation plans. Support threat intelligence and vulnerability management programs to proactively reduce risk. Automate response and remediation workflows using Microsoft's security automation tools. Security Engineering and Improvements: Develop and fine-tune security alerts and rules to improve threat detection. Collaborate with cross-functional teams to assess and improve security architecture. Assist in the design and implementation of secure cloud and hybrid environments with a focus on Microsoft platforms. Documentation and Reporting: Maintain up-to-date documentation of security procedures and incident reports. Generate reports on security incidents, SOC performance, and security posture improvements. Provide recommendations to improve security operations and incident response. Preferred candidate profile: 7+ years of professional experience in a Security Operations Centre (SOC) or 5+ years of experience in a cybersecurity engineering role. Strong hands-on experience with Microsoft security products, including Microsoft Defender for Endpoint, Azure Sentinel, and Microsoft 365 Defender. Knowledge of Kusto Query Language (KQL) for threat hunting and data analysis.
Familiarity with Microsoft security compliance frameworks and configurations. Act as an escalation point for high and critical severity security incidents and conduct thorough investigations to determine potential impact and understand extend of compromise. Practical knowledge of SIEM platforms, preferably Azure Sentinel, and incident response processes. Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the Clients environment. Analyse attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle. Experience with a variety of security technologies, including firewalls, intrusion detection systems, EDR, XDR, SASE, SSE, Email Security Gateways, IDAM, and vulnerability scanners Experience with security best practices, including incident response, risk assessments, and security controls. Strong analytical and problem-solving skills with the ability to work in a fast-paced environment. Perks and benefits Perks and benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with a friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The renumeration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 2 months ago


10 - 15 years

30 - 37 Lacs

Mohali

Work from Office


We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities 1. Leadership and Management: Team Leadership : Lead, mentor, Build and manage a team of SOC analysts, incident responders, and threat hunters. Foster a culture of continuous improvement, accountability, and professional development within the SOC team. Conduct regular performance reviews and provide constructive feedback to team members. Operational Management : Develop and maintain SOC processes, procedures, and documentation to ensure efficient and effective operations. Ensure the SOC team operates 24/7, providing continuous coverage for security monitoring and incident response. Coordinate shift schedules, resource allocation, and ensure adequate staffing levels. Monitoring and Detection : Oversee the monitoring of security events and alerts generated by various security tools and technologies. Ensure the timely identification, analysis, and escalation of potential security incidents. Develop and fine-tune detection rules, signatures, and use cases to enhance threat detection capabilities. Incident Response : Coordinate and manage the end-to-end incident response process, including detection, analysis, containment, eradication, and recovery. Develop, implement, and maintain incident response playbooks, runbooks, and standard operating procedures (SOPs). Lead post-incident reviews, including root cause analysis and lessons learned, to improve incident response processes. 
Threat Intelligence Integration : Ensure the SOC team stays up-to-date with the latest threat intelligence and cyber threat landscape. Integrate threat intelligence into SOC operations to enhance detection and response capabilities. Collaborate with threat intelligence analysts to gather, analyse, and disseminate actionable intelligence. Threat Hunting : Develop and lead proactive threat hunting activities to identify and mitigate potential threats before they impact the organisation. Utilise advanced analytical and forensic tools to uncover hidden threats and malicious activities. Internal Collaboration : Work closely with other IT and security teams to ensure seamless integration of security operations. Collaborate with the IT infrastructure team to ensure security controls are properly implemented and maintained. Engage with application development teams to ensure secure coding practices and application security measures. Stakeholder Communication : Communicate effectively with senior management, providing regular updates on SOC activities, incidents, and overall security posture. Develop and deliver regular SOC performance and incident reports to leadership. Serve as the primary point of contact for escalated security incidents and external communications. Process Enhancement : Identify areas for improvement within the SOC and implement enhancements to processes, tools, and technologies. Conduct regular SOC assessments and readiness exercises to ensure operational effectiveness. Stay informed about the latest security trends, technologies, and best practices. Metrics and Reporting : Develop and track key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of SOC operations. Provide detailed reporting on SOC activities, incidents, and trends to senior management and other stakeholders. 
Monthly CISO reports Regulatory Compliance : Ensure SOC operations comply with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Support audit activities and provide necessary documentation and evidence for compliance audits. Collaborate with the compliance team to address regulatory changes and ensure ongoing compliance. Employee Training : Develop and deliver regular cybersecurity training programs for SOC staff to enhance their skills and knowledge. Promote security awareness and best practices across the organisation through training and awareness programs. Conduct phishing simulations and other awareness activities to test and improve employee readiness. Professional Development : Encourage SOC team members to pursue relevant certifications and professional development opportunities. Provide guidance and support for career development and advancement within the SOC team. Education and Experience: Education : Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable. Experience : A minimum of 10-12 years of experience in cybersecurity, with at least 7-8 years in a SOC management or leadership role. Proven track record of managing and leading high-performing security teams in a dynamic and fast-paced environment. Security Operations : Strong understanding of security monitoring and incident response processes and technologies. Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and other security tools. Knowledge of threat intelligence and analysis methodologies. Technical Expertise : Familiarity with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Proficiency in using advanced analytical and forensic tools for threat detection and incident analysis. 
Understanding of network security, endpoint security, application security, and cloud security principles. Leadership and Management : Excellent leadership, team management, and mentoring skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills, with the ability to interact with technical and non-technical stakeholders. Strategic Thinking : Ability to think strategically and develop long-term plans for improving SOC operations and overall security posture. Demonstrated ability to drive continuous improvement and foster a culture of innovation. This position may require occasional on-call support and the ability to respond to security incidents outside of regular business hours. Hybrid work environment with a combination of on-site and remote work.

Perks and benefits

Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The remuneration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 2 months ago


10 - 12 years

30 - 35 Lacs

Mohali

Work from Office


Job description

We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement.

Role & responsibilities

Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to immediately detect, verify, and respond swiftly to cyber threats, and remove false positives. Serve as a technical point of escalation. Responsible for investigating incidents, analysing attack methods, researching new defence techniques and tools, developing security policy, and documenting procedures for SOC. Maintain baselines for secure configuration and operations. Malware analysis and other attack analysis to extract indicators of compromise. Perform data security event correlation between various systems. Prepare reports, summaries, and other forms of communication that may be both internal and client facing. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives. Develop and deploy processes to ensure efficient and effective security operations. Provide guidance and mentorship to other security analysts and junior members of the security team. Keep up-to-date with the latest trends and best practice developments in the field of cybersecurity and SIEM tools.

Values and Behaviours

Have Fun: We take time and effort to make the workplace more enjoyable, we reward and celebrate success, our customers and partners see us as human.

Move with Velocity: We evolve and grow to stay ahead of the curve, we make decisions quickly and often, we are decisive and show initiative, we are outcome oriented and we question everything to determine what speeds or impedes the desired outcome.

Go Further: We go beyond delivering what works, we discover delights and help customers transform their business, we have a passion for learning, we have a desire to question the norms, and we are curious to step out of our comfort zones.

Thrive Together: We are high functioning, supportive and inclusive, collaboration is in our DNA, we step up to assist our team members, and we work as a team to achieve the right outcome.

Skills and Capabilities

At least 7 years of experience working in a SOC environment, with a focus on using multiple SIEM tools. Strong understanding of security operations and incident response processes. Hands-on experience with at least two major SIEM tools (e.g., MS Sentinel, Rapid7, Exabeam, Splunk, ArcSight, QRadar). Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work in a fast-paced, dynamic environment.

Qualifications

B-Tech

Posted 2 months ago


15 - 22 years

35 - 55 Lacs

Chandigarh

Work from Office


Preference: Experience working with BIG4 or CMMi level 5 organisations. As the Head of Security Operations and Architecture you will be responsible for leading and managing all aspects of our organisation's security infrastructure, systems, and processes. This role requires a strong background in security architecture, excellent leadership and communication skills, and a deep understanding of security best practices.

Role & responsibilities

Develop and implement a comprehensive security architecture strategy that aligns with the organisation's goals and objectives. Lead the design, implementation, and maintenance of security systems and solutions to protect the organization's information assets and infrastructure. Collaborate with cross-functional teams to identify security requirements and ensure that security measures are integrated into the design and development of new systems and applications. Conduct regular security assessments and audits to identify vulnerabilities and recommend appropriate remediation actions. Stay up-to-date with the latest security threats, vulnerabilities, and industry trends, and provide guidance and recommendations to mitigate risks. Develop and implement security policies, procedures, and standards to ensure compliance with relevant regulations and industry best practices. Manage and oversee security incident response activities, including investigations, documentation, and resolution. Provide leadership and guidance to the security team, including training, mentoring, and performance evaluations. Collaborate with internal stakeholders and external partners to ensure effective security governance and risk management. Foster a culture of security awareness and continuous improvement within the organization.

Preferred candidate profile

Bachelor's degree in a related field or equivalent work experience. Proven experience in security architecture, preferably in a leadership or managerial role.
Strong knowledge of security principles, practices, and technologies. Excellent leadership and communication skills, with the ability to effectively collaborate with cross-functional teams and senior executives. Strong analytical and problem-solving skills, with the ability to make sound decisions in complex and high-pressure situations. In-depth understanding of security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR). Professional certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are highly desirable. Experience with cloud security architecture and best practices is a plus. Strong project and time management skills, with the ability to prioritize and manage multiple initiatives simultaneously. Knowledge and understanding of cyber security standards, processes, policies and metrics (encompassing network security, application security and data security). Understanding of industry best practices for security architecture frameworks, tools, standards and guidelines. Understanding of cyber security principles and security layers. Familiarity with SABSA, TOGAF, NIST 800-53, Open FAIR, MITRE ATT&CK/D3FEND, threat modelling and related methodologies or frameworks CISSP, CISM, CCSK or other related certifications Experience in a number of security technologies and vendors covering: Palo Alto Networks, Proofpoint, Netskope, Zscaler, Tenable, Rapid7, Qualys, SentinelOne, CrowdStrike, Microsoft Experience working in an Agile environment Identity and Access Management Identity Governance: Cloud security across AWS/Azure and google cloud Strong ambition and ability to develop and expand cyber security services and product support. Outstanding interpersonal skills and the capacity to develop and maintain excellent working relationships with customers, stakeholders and vendors. 
Excellent presentation skills focusing on technical presales and solutions. Strong troubleshooting skills and analytical abilities in reviewing, diagnosing and resolving complex networking problems. Strong documentation skills to develop customer facing technical and advisory documents. Prior experience working across the integration of Digital and Cloud based Technology. Extensive experience in understanding and mapping out end-to-end Architecture. Experienced in designing solutions, system and software architecture according to business strategies and architecture standards/processes. Proven track record in analysing business requirements and determining appropriate solutions to these requirements based on business needs. Ability to resolve moderate and highly complex problems and issues in solution architectures and assess potential risks with the ability to determine solutions to these risks. Understanding of technologies: CASB, Web Filtering, Attack Surface Reduction, EDR, Network segmentation. Strong understanding of Zero Trust architecture and concepts. Ability to analyse complex technology problems and find secure solutions without losing sight of business requirements. Experience with security engineering, infrastructure-as-code, CI/CD, automation, and application development desirable. Experience with cloud security technologies desirable.

Perks and benefits

Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. Enjoy working with a friendly and highly driven team (the Oreos), where ideas are always welcome and ongoing learning and development is strongly encouraged. Our people are rewarded with monthly team events, learning sponsorship and many rewards & awards. The remuneration will be negotiated based on relevant skills and experience. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you. For more information visit our webpage: www.oreta.com.au

Posted 2 months ago


10 - 15 years

25 - 40 Lacs

Chandigarh

Work from Office


We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities 1. Leadership and Management: Team Leadership : Lead, mentor, Build and manage a team of SOC analysts, incident responders, and threat hunters. Foster a culture of continuous improvement, accountability, and professional development within the SOC team. Conduct regular performance reviews and provide constructive feedback to team members. Operational Management : Develop and maintain SOC processes, procedures, and documentation to ensure efficient and effective operations. Ensure the SOC team operates 24/7, providing continuous coverage for security monitoring and incident response. Coordinate shift schedules, resource allocation, and ensure adequate staffing levels. 2. Security Monitoring and Incident Response: Monitoring and Detection : Oversee the monitoring of security events and alerts generated by various security tools and technologies. Ensure the timely identification, analysis, and escalation of potential security incidents. Develop and fine-tune detection rules, signatures, and use cases to enhance threat detection capabilities. Incident Response : Coordinate and manage the end-to-end incident response process, including detection, analysis, containment, eradication, and recovery. Develop, implement, and maintain incident response playbooks, runbooks, and standard operating procedures (SOPs). 
Lead post-incident reviews, including root cause analysis and lessons learned, to improve incident response processes. 3. Threat Intelligence and Analysis: Threat Intelligence Integration : Ensure the SOC team stays up-to-date with the latest threat intelligence and cyber threat landscape. Integrate threat intelligence into SOC operations to enhance detection and response capabilities. Collaborate with threat intelligence analysts to gather, analyse, and disseminate actionable intelligence. Threat Hunting : Develop and lead proactive threat hunting activities to identify and mitigate potential threats before they impact the organisation. Utilise advanced analytical and forensic tools to uncover hidden threats and malicious activities. 4. Collaboration and Communication: Internal Collaboration : Work closely with other IT and security teams to ensure seamless integration of security operations. Collaborate with the IT infrastructure team to ensure security controls are properly implemented and maintained. Engage with application development teams to ensure secure coding practices and application security measures. Stakeholder Communication : Communicate effectively with senior management, providing regular updates on SOC activities, incidents, and overall security posture. Develop and deliver regular SOC performance and incident reports to leadership. Serve as the primary point of contact for escalated security incidents and external communications. 5. Continuous Improvement: Process Enhancement : Identify areas for improvement within the SOC and implement enhancements to processes, tools, and technologies. Conduct regular SOC assessments and readiness exercises to ensure operational effectiveness. Stay informed about the latest security trends, technologies, and best practices. Metrics and Reporting : Develop and track key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of SOC operations. 
Provide detailed reporting on SOC activities, incidents, and trends to senior management and other stakeholders. Monthly CISO reports 6. Compliance and Audit: Regulatory Compliance : Ensure SOC operations comply with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Support audit activities and provide necessary documentation and evidence for compliance audits. Collaborate with the compliance team to address regulatory changes and ensure ongoing compliance. 7. Training and Awareness: Employee Training : Develop and deliver regular cybersecurity training programs for SOC staff to enhance their skills and knowledge. Promote security awareness and best practices across the organisation through training and awareness programs. Conduct phishing simulations and other awareness activities to test and improve employee readiness. Professional Development : Encourage SOC team members to pursue relevant certifications and professional development opportunities. Provide guidance and support for career development and advancement within the SOC team. Preferred candidate profile Education and Experience: Education : Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable. Experience : A minimum of 10-12 years of experience in cybersecurity, with at least 7-8 years in a SOC management or leadership role. Proven track record of managing and leading high-performing security teams in a dynamic and fast-paced environment. Technical Skills: Security Operations : Strong understanding of security monitoring and incident response processes and technologies. Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and other security tools. Knowledge of threat intelligence and analysis methodologies. 
Technical Expertise : Familiarity with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Proficiency in using advanced analytical and forensic tools for threat detection and incident analysis. Understanding of network security, endpoint security, application security, and cloud security principles.

Soft Skills: Leadership and Management : Excellent leadership, team management, and mentoring skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills, with the ability to interact with technical and non-technical stakeholders. Strategic Thinking : Ability to think strategically and develop long-term plans for improving SOC operations and overall security posture. Demonstrated ability to drive continuous improvement and foster a culture of innovation.

Work Environment: This position may require occasional on-call support and the ability to respond to security incidents outside of regular business hours. Hybrid work environment with a combination of on-site and remote work.

Perks and benefits

Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The remuneration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 2 months ago


7 - 9 years

15 - 20 Lacs

Chandigarh

Work from Office


Role & responsibilities

SOC Operations: Monitor and analyze security events across networks, systems, and endpoints. Investigate, escalate, and respond to security incidents in a timely manner. Collaborate with the SOC team to enhance incident response procedures.

Microsoft Security Solutions: Manage and maintain Microsoft Defender suite of tools, Azure Sentinel, and Microsoft Services. Implement Microsoft security configurations and policies to protect digital environments. Conduct threat hunting and data analysis using Microsoft Sentinel, KQL, and other Microsoft tools. Ensure compliance with security standards and best practices within Microsoft environments.

Threat Detection and Incident Response: Conduct root cause analysis for security incidents and create actionable remediation plans. Support threat intelligence and vulnerability management programs to proactively reduce risk. Automate response and remediation workflows using Microsoft's security automation tools.

Security Engineering and Improvements: Develop and fine-tune security alerts and rules to improve threat detection. Collaborate with cross-functional teams to assess and improve security architecture. Assist in the design and implementation of secure cloud and hybrid environments with a focus on Microsoft platforms.

Documentation and Reporting: Maintain up-to-date documentation of security procedures and incident reports. Generate reports on security incidents, SOC performance, and security posture improvements. Provide recommendations to improve security operations and incident response.

Preferred candidate profile

7+ years of professional experience in a Security Operations Centre (SOC) or 5+ years of experience in a cybersecurity engineering role. Strong hands-on experience with Microsoft security products, including: Microsoft Defender for Endpoint, Azure Sentinel, and Microsoft 365 Defender. Knowledge of Kusto Query Language (KQL) for threat hunting and data analysis. Familiarity with Microsoft security compliance frameworks and configurations. Act as an escalation point for high and critical severity security incidents and conduct thorough investigations to determine potential impact and understand the extent of compromise. Practical knowledge of SIEM platforms, preferably Azure Sentinel, and incident response processes. Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the client's environment. Analyse attack patterns, Tools, Techniques and Procedures (TTPs) to identify methods of attacks and attack life cycle. Experience with a variety of security technologies, including firewalls, intrusion detection systems, EDR, XDR, SASE, SSE, Email Security Gateways, IDAM, and vulnerability scanners. Experience with security best practices, including incident response, risk assessments, and security controls. Strong analytical and problem-solving skills with the ability to work in a fast-paced environment.

Perks and benefits

Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The remuneration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Posted 2 months ago
