12 Detection Rules Jobs

? Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. ? Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. ? Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. ? Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. ? Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. ? Conduct root cause ...

Configure, manage, and optimize SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel, ArcSight, or LogRhythm) for log collection, parsing, and correlation. ? Develop and fine-tune detection rules, alerts, dashboards, and reports to identify potential security threats and anomalies. ? Monitor and analyze SIEM alerts to identify and respond to suspicious activities, false positives, or security incidents. ? Collaborate with the Security Operations Center (SOC), threat intelligence, and incident response teams to support investigations. ? Integrate new log sources and ensure complete, accurate, and secure logging from endpoints, servers, cloud services, and applications. ? Conduct root cause an...

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Experience Required: 4+ years in Cybersecurity, with 2+years hands-on Anti APT tool and in IR Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary We are looking for a highly skilled Anti-APT and IncidentResponse Specialist to lead the detection, analysis, and remediation ofsophisticated cyber threats, including Advanc...

As a Security Operations Centre (SOC) Analyst, your role involves monitoring, triaging, and analyzing security events and alerts on a 24/7 basis. This includes conducting malware analysis, including reverse engineering when necessary. You will be responsible for coordinating incident response activities, troubleshooting complex issues, and collaborating with teams across a global organization. Key Responsibilities: - Monitor security events and alerts round the clock - Analyze security incidents and conduct malware analysis - Coordinate incident response efforts and troubleshoot complex issues - Understand core concepts of security incident response - Analyze email security threats and contr...

As a Senior Consultant for the company, you will be responsible for designing, implementing, and optimizing Google SecOps SIEM and SOAR solutions. Your role will involve leading complex integrations and advising clients on advanced detection, automation, and response strategies. Key Responsibilities: - Lead the design and deployment of Google SecOps SIEM and SOAR solutions for complex client environments. - Develop advanced detection rules, custom parsers, and SOAR playbooks to address sophisticated threats. - Integrate diverse log sources and validate data quality, normalization, and enrichment. - Advise clients on SIEM/SOAR best practices, use case development, and automation opportunities...

Role Overview: As a skilled and proactive Claroty Monitoring and Configurations Analyst, you will be joining our Operational Technology (OT) cybersecurity team. Your main responsibility will be the administration, monitoring, tuning, and configuration of Claroty's Continuous Threat Detection (CTD) platform to ensure robust visibility and protection across industrial networks. Your strong knowledge of ICS/SCADA systems, OT protocols, and experience in configuring detection rules in Claroty environments will be essential for this role. Key Responsibilities: - Monitor Claroty CTD dashboards for alerts related to abnormal behavior, unauthorized access, and protocol violations across ICS/OT envir...

Cybersecurity at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients) What will you be responsible for Lead the design and implementation of data ingestion from diverse sources, various mechanisms for integration and normalization of logs. Extension of pre-built UDMs in and creation of custom parsers where required for log sources. Integration of SIEM with other security capabilities and tools such as SOAR, EDR, threat intelligence platform, and ticketing systems. Write custom actions, scripts and...

Role: Sr Cloud Security Engineer Location: Pune/Mumbai Notice: Immediate Configure and onboard cloud log sources with proper parsing into the SIEM. Monitor and maintain log ingestion pipelines, troubleshooting issues as needed. Develop and tune detection rules aligned with MITRE ATT&CK for cloud threats. Create dashboards and reports for executive visibility and audits. Build playbooks for cloud threat response and recommend system improvements. Ensure alignment of use cases with evolving threat frameworks and cloud security trends.

Role & res Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to ass...

Role: S enior SOC Analyst, Alerts & Automation Standard Title: Senior Analyst, Cyber Defence (SOC) Location: Bangalore, India About Us Founded in 2014, Circles is a global technology company reimagining the telco industry with its innovative SaaS platform, empowering telco operators worldwide to effortlessly launch innovative digital brands or refresh existing ones, accelerating their transformation into techcos. Today, Circles partners with leading telco operators across multiple countries and continents, including KDDI Corporation, Etisalat Group (e&), AT&T, and Telkomsel, creating blueprints for future telco and digital experiences enjoyed by millions of consumers globally. Besides its Sa...

You will be responsible for leading the DLP strategy and implementation efforts within the SOC environment using Akamai's security suite. This includes designing, configuring, and maintaining Akamai DLP and Web Application Firewall (WAF) policies to prevent unauthorized data exfiltration. Monitoring and analyzing DLP alerts, conducting investigations, and coordinating incident response activities will also be part of your key responsibilities. In this role, you will develop use cases and fine-tune detection rules to reduce false positives and improve detection efficiency. Collaboration with cross-functional teams such as IT, Legal, Compliance, and Data Governance will be essential to ensure ...

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your role and responsibilities The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM so...