7 Correlation Rules Jobs

Role Overview: The SIEM Content Management Engineer will be responsible for designing, developing, optimizing, and maintaining SIEM content including use cases, correlation rules, threat models, dashboards, and reports. This role plays a critical part in enhancing threat detection capabilities and aligning SIEM content with evolving threat landscapes and business requirements. Key Responsibilities: Develop and maintain SIEM use cases aligned with threat intelligence, MITRE ATT&CK framework, and business risks. Create and optimize correlation rules, alerts, dashboards, and reports in Securonix (or other SIEM platforms). Collaborate with Threat Intel, SOC, and Incident Response teams to identi...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about protecting companies from cyber threats Do you want to be part of a team that safeguards the digital assets of cutting-edge organizations Look no further Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Technical Specialists. As a Cybersecurity Specialist, you will be at the forefront of protectin...

Role Overview: You are being hired as a SOC Analyst Intern at TechDefence Labs, an Information Security Consulting Company based out of Ahmedabad. As a SOC Analyst Intern, your primary responsibilities will include Splunk deployment, implementation, and configuration, correlation rules, performance optimization, and monitoring alerting tools. You will also be responsible for handling escalated incidents from various teams and customers, triaging alerts, responding to common alerts, and identifying abnormal security events. Key Responsibilities: - Deploy and configure Splunk for effective monitoring and analysis - Create and implement correlation rules to identify potential security threats -...

Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description We are seeking a skilled and detail-oriented Splunk SIEM Policy Administrator to manage and maintain security po...

Job Description Responsible for end-to-end implementation and configuration of SIEM(LogRhythm) and SOAR(Cortex) solutions across customer environments Onboard diverse log sources (cloud, on-prem, endpoint, network) into the LogRhythm SIEM platform and normalize data(Including Supported and Non Supported Devices) Design and implement Standard and Custom detection rules, dashboards, and Reports. Including UEBA, NBA, MITRE, Logsource based and Cross Correlation Usecases Collaborate with SOC, threat intel, TPM and Internal teams to enhance security posture and streamline incident response. Troubleshoot log ingestion and parsing errors. Implement threat intelligence integration to enrich alerts a...

As a member of the team at Atos, you will be responsible for triaging, investigating, and analyzing security alerts that are escalated from L1 analysts. Your role will involve performing in-depth analysis of logs, alerts, and network traffic using various SIEM tools such as Splunk, QRadar, and ArcSight. Additionally, you will be expected to conduct root cause analysis of security incidents and provide recommendations for containment and remediation actions. It will be your responsibility to respond to medium and high-severity incidents and escalate critical incidents to L3 or IR teams when necessary. Furthermore, you will play a key role in threat hunting by utilizing IOCs, anomaly detection...

We are seeking a SOC Analyst with 1-3 years of experience to join our team at TechDefence. As a SOC Analyst, you will be responsible for various essential tasks such as Splunk deployment, implementation, and configuration, correlation rules, performance optimization, and performance tuning. Additionally, you will monitor alerting tools, handle escalated incidents from different teams, triage alerts, respond to common alerts, and provide escalations as necessary. The ideal candidate should hold a minimum IT Diploma or equivalent qualification, have the ability to work in rotating shifts, and be on-call outside of regular hours on a recurring basis. Personal and professional integrity is a mus...