32 Incident Analysis Jobs

The role of Fusion Data Intelligence Content Development is to empower customers to maximize the potential of their data through the provision of high-quality pre-built content and a flexible customization framework. The team consists of seasoned experts in Oracle Analytics and Fusion Data Intelligence, dedicated to resolving customer issues effectively. As part of this position, you will be required to participate in on-call shifts beyond regular business hours, including weekends and public holidays. Your responsibilities will involve analyzing reported incidents, addressing them promptly, gaining a holistic understanding of the situation, and suggesting improvements to the product with the aim of reducing incident occurrences and resolution times. Additionally, enhancing Oracle Support and customer self-sufficiency, optimizing application performance, and strengthening integration between Fusion Data Intelligence and other Oracle products are key objectives. Furthermore, you will be involved in the development of Proof of Concepts (POCs) to validate proposed enhancements. Collaboration with various Oracle development teams and Oracle Support will be essential in carrying out these responsibilities effectively.,

Roles/Responsibilities: Experiencein SIEM Tool like ArcSight, LogRhythm SIEM, Threat Intelligence, MalwareAnalysis, Incident Response Experiencein handling SOC customer in MSSP/multi-tenant environment Responsiblefor the technical Administration or troubleshooting in SIEM ensuring theefficient functionality of the solution Responsiblefor Incident Validation, Incident Analysis, Solution Recommendation, Good knowledge on implementation,installation, integration troubleshooting and overall functionalities of LogRhythm/ArcSight/QRadar/Splunk Arc Sight/LR/QRadar platformadministration, management experience, platform upgrade Experience in troubleshooting platformrelated issues, Data backup, restoration, retention Experience in creating content basedon MITRE Framework Exposure to SOAR, alert aggregation,automation, Playbook creation ArcSight/LRrule base fine tuning, Ongoing log source modifications, Configuration/policychanges, General SIEM Administration, SIEM Content Development Troubleshootingof an incident within IT Security incident response teams of SOC. Maintainsawareness of new and emerging cyber-attack threats with potential to harmcompany systems and networks. Devises and implements countermeasures tomitigate potential security threats. Assistswith the development and maintenance of IT security measurement and reportingsystems to aid in monitoring effectiveness of IT Security programs. Assistswith the development, revision, and maintenance of Standard OperatingProcedures and Working Instructions related to IT Security. Good Coordination skills with variousother teams for faster resolution/completion. Good to have threat huntingknowledge. Education/Skills: BE/B.Techor equivalent with minimum 7-10 years of experience Workexperience of minimum 6 years in SOC Incident Handling, Incident Response TrendAnalysis, administration/monitoring of SIEM Tool like ArcSight, LogRhythm SIEM,Threat Intelligence, Malware Analysis, Abilityto adapt and follow the processes and guidelines Possessan impeccable work ethic and a high degree of integrity GoodAnalytical & Problem Solving skills Ableto communicate with technical staff/management Flexibleto work after office and over weekend if required Highlymotivated & customer centric

IBM Software Support Organisation is seeking a Technical Support Professional to join our team! IBM Software Technical Support Engineers take pride in helping customers by solving problems and answering questions both large and small. Support Engineers develop a mastery of our different products and use that knowledge to enable customers to overcome problems while sharing best practices. This important role is a hub within the company. Technical Support Engineers take questions, issues, and feedback from users and work with Solution Architects, Product Management and Engineering to continuously improve our solutions. Additionally, Technical Support Engineers are encouraged and provided the opportunity to hone their technical skills and deepen their knowledge. Areas of responsibility include: Engage on cases effectively in a timely manner working as part of a Global 24X7 team. Work closely with Engineering and Operations on resolving escalated cases. Educate customers to help them become product experts. Write knowledge base articles based on customer questions. Develop and maintain strong customer relationships. Provide technical engineering support, as part of our Technical Support Team, to resolve customer issues by performing diagnostics, performance optimization, incident analysis, solution partner recommendations, and product knowledge transfer. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Passion for customer care and customer satisfaction and self-motivated towards meeting agreed goals. Good spoken and written communication skills along with ability to collaborate with the team and act as a team player. 7+ years of previous experience in a customer facing technical support/development role with experience in Maximo Asset Management/Maximo Application Suite software and good knowledge of Cloud technologies (Red Hat OpenShift/Azure/Kubernetes). A successful track record in developing and managing customer relationships. EnglishFluent. Preferred technical and professional experience You would make a great addition to our team if you have great skills in some of the following: Experience in shell scripting and programming languages such as Java, C++. Understanding about Mobile technologies. Proficient in Windows/Linux operation system. Experience in Databases including MongoDB, DB2/Oracle/SQL Server. Understanding of the application development projects and Administration knowledge of Application Servers(WebSphere/WebLogic). Working knowledge or Understanding of web technologies and/or data analytics.

As an L2 SOC Analyst specializing in LogRhythm SIEM, your role will involve strengthening the Security Operations Center in Mumbai. With 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly focusing on LogRhythm SIEM, you will play a crucial part in the in-depth analysis, incident investigation, escalation, and coordination with response teams. Your key responsibilities will include monitoring, analyzing, and triaging security alerts from LogRhythm SIEM and other security platforms. You will be responsible for investigating and validating security incidents with detailed analysis and impact assessment, conducting threat hunting, and advanced log correlation as per SOC playbooks. Additionally, you will respond to incidents following defined escalation matrices, perform root cause analysis, recommend containment and mitigation actions, and provide guidance and mentorship to L1 SOC Analysts for escalated incidents. Moreover, you will prepare incident reports, analysis summaries, and dashboards for management, monitor and report SIEM health, log source integration issues, and tuning requirements. Your role will also involve participating in the continuous improvement of detection rules and SOC processes. Being ready to work in 24x7 rotational shifts with a constant readiness for critical incident handling is essential for this position. To excel in this role, you should possess 2 to 5 years of SOC operations experience, with a specific focus on SIEM monitoring and incident handling. Strong hands-on experience with LogRhythm SIEM is mandatory, in addition to a good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities. Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms is required, along with familiarity with the MITRE ATT&CK framework and the usage of threat intelligence. Furthermore, you should exhibit strong analytical thinking, incident response capabilities, and problem-solving skills. Effective communication skills for incident reporting and escalation are essential for this role. Preferred certifications include LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA), while certifications such as CompTIA Security+, CEH, CySA+, or equivalent security certifications are optional. Any threat hunting or incident response certification would be considered a plus. This is a full-time role based at the Mumbai SOC facility, requiring you to work in 24x7 rotational shifts, including nights and weekends.,

SOC Analyst L3 (Sentinel is must) Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Proactively detect and respond to cyber-attacks 24x7x365. Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What were looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Operations Analyst (L3) to support Rackspaces strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Sec Ops Analyst, who has a proven record of accomplishment in the cloud security monitoring and incident detection domain. As a Security Operations Analyst(L3), you will be responsible for detecting, analysing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments. The primary focus will be on triaging alerts and events (incident detection), which may indicate malicious activity, and determining if threats are real or not. You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security. Key Accountabilities Should have experience of 10 years in SOC and 5 years in Azure Sentinel. Ensure the Customers operational and production environment remains secure at all the times and any threats are raised and addressed in a timely manner. Critical incident handling & closure. Escalation management and handling escalations from L2 Analysts. Proactive discovery of threats based on MITRE ATT&CK framework. Deep investigation and analysis of critical security incidents. Post breach forensic incident analysis reporting. Review the weekly and monthly reports. Review new use cases created by L2 and implement in cloud-native SIEM (Security Information and Event Management). Assist with customer onboarding (such as use case development, identifying data sources, configuring data connectors etc) Advanced threat hunting. Develop custom dashboards and reporting templates. Develop complex to customer specific use cases. Advanced platform administration. Solution recommendation for issues. Co-ordinate with vendor for issue resolution. Basic and intermediate playbook and workflow enhancement. Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Develop the custom parsers for the incident and alert enrichment. Problem specific playbook and workflow creation and enhancements Required to work flexible timings. Skills & Experience Existing experience as a Security Operations Analyst, or equivalent. Experience of working in large scale, public cloud environments and with using cloud native security monitoring tools such as: Microsoft Sentinel Microsoft 365 Defender Microsoft Defender for Cloud Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint. Firewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco. Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF. Email Security tools such as Proofpoint, Mimecast and Microsoft Defender for Office Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec Nice to have skills/experience includes: Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Experience with scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Experience with DevOps practices and tools such as Backlogs, Repos, Pipelines, Artifacts, CI/CD, JIRA, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Certified Information Security Systems Professional (CISSP) Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) CREST Practitioner Intrusion Analyst (CPIA) CREST Registered Intrusion Analyst (CRIA) CREST Certified Network Intrusion Analyst (CCNIA) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer.

Continue to make an impact with a company that is pushing the boundaries of what is possible. At NTT DATA, renowned for technical excellence, leading innovations, and making a difference for clients and society. The workplace embraces diversity and inclusion, providing an environment where you can grow, belong, and thrive. Your career at NTT DATA involves believing in yourself, seizing new opportunities and challenges, expanding skills and expertise in the current role, and preparing for future advancements. Encouraged to take every opportunity to further your career within the global team. Providing technical support to field engineers, technicians, and product support personnel diagnosing, troubleshooting, repairing, and debugging complex electro/mechanical equipment, computer systems, software, or networked and/or wireless systems. Responding in situations where first-line product support has failed, reporting problems to design engineering/software engineering, and supporting customers with highly technical products. The MS Engineer is responsible for proactively identifying and resolving technical incidents and problems for clients. Maintaining a high level of service through preemptive activities, reviews, operational improvements, and quality assurance to ensure zero missed SLA conditions. Managing tickets of varying complexity, ensuring client infrastructure is operational, performing checks, applying monitoring tools, and responding to alerts. Key Roles and Responsibilities: - Configure, install, test, and operationalize assigned infrastructure at the client site - Identify and log incidents and errors in a timely manner with necessary detail - Analyze, escalate support calls, investigate and resolve incidents and problems - Report and escalate issues to 3rd party vendors when needed - Provide onsite technical support and field engineering services to clients - Conduct incident/service request reviews, recommend quality improvements - Identify work optimization opportunities and automation possibilities Knowledge, Skills, and Attributes: - Communicate and collaborate across different cultures and social groups - Plan activities well in advance, considering changing circumstances - Maintain a positive outlook and work well under pressure - Adapt to changing circumstances and prioritize client interactions - Actively listen, adapt, and create a positive client experience - Hold an advanced diploma, degree, or relevant qualification in IT/Computing Required Experience: - Work experience in Engineering within a medium to large ICT organization - Experience in Managed Services, ITIL processes, and working with vendors/3rd parties NTT DATA is an Equal Opportunity Employer.,

As the Backup Team Lead, you will be responsible for managing a team of backup administrators and overseeing global backup and recovery operations. Your role involves ensuring a highly available, reliable, serviceable, secure, and efficient environment for our internal customers. You will be the service owner and accountable for backup operations, continual improvement, cost and vendor management. Your key duties and responsibilities include overseeing and managing all backup and recovery operations, proactively identifying and mitigating risks, serving as the company's subject matter expert for global backups and recovery environments, and maintaining a project-oriented approach. You will guide technical staff, drive projects and initiatives, provide expert support for complex problems, ensure operating standards are adhered to, identify opportunities for improvements, deliver technology evaluations and proposals, and perform capacity planning analysis and reporting. You should have at least 5+ years of experience in a high technical level position and 2+ years of experience leading a global team of backup administrators. It is essential to have knowledge of backup, recovery, and data availability processes, including experience in on-prem and Cloud environments. Strong communication skills, problem-solving abilities, and experience in creating processes and documentation are required. Additionally, familiarity with commercial backup offerings of major vendors, data protection for databases such as SQL Server and Oracle, multi-cloud environment backups, ITIL Service Design, and defining backup/recovery processes are desirable skills. Being adaptable to other IT infrastructure tasks within the defined business requirements and having a flexible approach to working hours in a global organization are also important aspects of this role.,

JD: 2+ Years of Industry experience, daily hands-on activities of the incident response and analysis. Must be good in managing Incident Responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection. Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Strong analytical and communication skills. Willingness to work in rotational shifts, including nights and weekends. Monitor security alerts and events from SIEM, IDS/IPS, antivirus, and other security tools. Perform initial triage of security incidents to assess severity and potential impact. Escalate confirmed incidents to L2 analysts with relevant context and evidence. Assist in gathering logs, screenshots, and other artifacts for incident documentation. Follow predefined playbooks and standard operating procedures (SOPs) for incident handling. Maintain accurate and timely records of all incident-related activities. Support evidence collection and ensure logs are preserved for further analysis. Coordinate with internal IT teams for basic containment actions (e.g., isolating endpoints). Participate in shift-based operations to ensure 24x7 monitoring coverage. Role & responsibilities Preferred candidate profile 2+ Years of Industry experience, daily hands-on activities of the incident response and analysis. Must be good in managing Incident Responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection. Please fill below forms if you are interested for the same https://forms.cloud.microsoft/r/v0S2BXfWim

What this job involves: Being a forerunner of quality transport service: Reporting to the Operations Director, you will be at the helm of all things related to the transport network. In essence, you will provide uninterrupted transport service to our clients. Youll do this by ensuring that our fleet is available and on-the-go 24/7. Youll also see to it that backup plans are in place should the need arise. In addition, youll serve as the single point of contact for all transport network-related issues on the clients site. Youll also be in close contact with our clients to better understand their needs, and to develop specific and efficient transport procedures that incur savings in the process. As the go-to person, youll be in charge of ensuring regular vendor meetings and connect sessions. Youll also be on top of training, records and incident reports. Ensuring complete adherence to the Companys audit procedures is also under your mandate. Bringing the team together to deliver the objectives: Does teamwork come naturally to you If so, youre on the right path, as part of your scope is to promote collaboration to achieve our targets. As the person in charge, youll be on top of workload assignmentsmaking sure that responsibilities are delegated to the right team member. Likewise, youll carry out regular meetings to update the team on processes, leaves, and backup plans in place. Youll also conduct one-on-one catch-up sessions with each team member to keep them up to speed on their scope of work, conduct, and career development. Making massive progress across the board: Handling a senior role and a team of experts, theres no other way but up. In this role, youll ensure that progress is constant by sourcing and developing opportunities for the growth of a given account. Likewise, youll encourage team members to participate in training. Also, part of your scope is to make sure that the project meets its financial targets. Youll do this by ensuring that monthly accruals are sent on time and that costs are appropriately calculated and presented to the client. Youll also see to it that invoices are processed within the target date. A customer-service orientation at the core: At JLL, we take pride in our roster of talented experts and innovators in the fieldand we want you to be a part of our global family. If you are a seasoned leader who can easily adapt to a rapidly changing work environment, then you have what it takes to take on this senior role. At the core, the ideal candidate is a customer-centric individual with a flair for vendor management and customer service. Likewise, you must also possess strong planning and organisational skills, as well as exceptional written and oral communication skills. Being professional and possessing a positive attitude at all times may also help you land this job. What is required: At JLL, Roles & Responsibilities: Managing Transport Daily Service Report (DSR) for PAN India, with consolidated data. Transport spent monthly. Transport Accruals. All locations visit weekly. Budget Vs actual discussion with the finance team. Daily Compliance report generation and sharing with all locations. Monthly compliance performance reports share with management review. All Invoices are validated before updating to Cluster leads and sharing with them for SE approval and finance team approval. Vendor billing, invoice, NDC closer every month monitoring. Transport internal audit planning. Arrival reports sharing with site team monitoring. Regular daily interaction with all location team members. Drivers, Supervisor weekly meeting. Vendor Managers & Proprietor monthly meeting. Chennai GSC, Chennai Sales, Hyderabad, Shamshabad, GSC, SEPFC, APW 1&2, IDF 1,2,3,4,5,8, Avinya Campus, Innovare, RGA, MVI, TBI, Mohali, Gurgaon, IDF 6&7 Rudrapur, Powai Mumbai, Kolkata Transport SLA contract, Meetings, Operations, and reports are to be monitored and updated. IFM meeting SIM meeting regular basis. MMR update for all locations. Monthly Transport committee meeting attending. DVC, NDVC & Contract employees details. Electric Vehicle (EV) vehicle managing and monitoring. Supported CMO audit with relevant documents. Incidents are closely monitored. Meetings with drivers, supervisors and vendor managers are to be conducted and bring awareness to the drivers while driving. Incident analysis with root causes, CAPA with fish bone analysis with corrective and preventive measures monitored and shared. All incidents to be captured and reported to the EHS team with corrective actions. Following statutory and legal compliance 100% and good catches. Every 6 months driver training should be conducted with external trainers. Vintage model vehicles are to be monitored as per SLA standards. Transport PO monitoring all locations. Transport Payment tracker and updates. JLL mandatory Training attending. Transport Benchmarking Interacting with Procurement for transport-related queries and sharing the observations. Transport Productivity. QBR-Supplier data update. All location KMS validation and audit with Grid chart. SPOT cab consolidated report from all locations. Employee transport survey conducted and requested employees to take part in the survey. Employees who gave negative feedback. Those issues are actioned immediately with rectified timely. Vehicle and driver documents expiry reports follow-ups and updates for all locations. Transport Arrival and departure monitoring of all locations. Transport escalation handling. Penalty for non-follow-ups of SLA and any deviations.

Software Testing Manager About the Team: ZTrust revolutionizes user onboarding with seamless Omnichannel Identity & Access Management, ensuring swift, effortless, and secure app access. It simplifies security across applications, while making password policy creation a breeze. Bid farewell to complexity and embrace efficiency with ZTrust. What you can look forward to as Software Testing Manager (m/f/d): Second-line support for Service Desk and OPS, special care first-line support for field test customers (FT engineers) & Thorough incident analysis Inter-departmental escalation of problems (R&D, hosting, customizing & integration) Evaluate functional analysis documents, create and maintain training documentation & Train Service Desk on new features before every major release Update and maintain knowledge base and service trees with known issues and guidelines Define customer acceptance criteria, create and update test scripts for new software features and validate new software and hardware in field test environment Report, follow up and escalate issues with R&D, hosting, customizing & integration & Plan and execute occasional field visits at field test customers for new software or hardware Approve or disapprove the release of new features, changes and hosting setup & Communicate and coordinate the extended field test rollout Your profile as Software Testing Manager (m/f/d): Communicative and customer-oriented & Team player, strong cooperation skills Highly analytical, precise, eye for details & Planning and coordination skills Experience with incident handling / problem resolution management & Experience with software and hardware development Experience with ICT and electronics & Good English speaking and writing skills Knowledge in Regression , smoke, integration, UI testing & Knowledge in automation testing is an added advantage Why should you choose ZF Group in India? Innovative Environment: ZF is at the forefront of technological advancements, offering a dynamic and innovative work environment that encourages creativity and growth. Diverse and Inclusive Culture: ZF fosters a diverse and inclusive workplace where all employees are valued and respected, promoting a culture of collaboration and mutual support. Career Development: ZF is committed to the professional growth of its employees, offering extensive training programs, career development opportunities, and a clear path for advancement. Global Presence: As a part of a global leader in driveline and chassis technology, ZF provides opportunities to work on international projects and collaborate with teams worldwide. Sustainability Focus: ZF is dedicated to sustainability and environmental responsibility, actively working towards creating eco-friendly solutions and reducing its carbon footprint. Employee Well-being: ZF prioritizes the well-being of its employees, providing comprehensive health and wellness programs, flexible work arrangements, and a supportive work-life balance. Be part of our ZF team as Software Testing Manager and apply now! Contact Sowmya Nagarathinam

IBM Software Support Organisation is seeking a Technical Support Professional to join our team! IBM Software Technical Support Engineers take pride in helping customers by solving problems and answering questions both large and small. Support Engineers develop a mastery of our different products and use that knowledge to enable customers to overcome problems while sharing best practices. This important role is a hub within the company. Technical Support Engineers take questions, issues, and feedback from users and work with Solution Architects, Product Management and Engineering to continuously improve our solutions. Additionally, Technical Support Engineers are encouraged and provided the opportunity to hone their technical skills and deepen their knowledge. Areas of responsibility include: Engage on cases effectively in a timely manner working as part of a Global 24X7 team. Work closely with Engineering and Operations on resolving escalated cases. Educate customers to help them become product experts. Write knowledge base articles based on customer questions. Develop and maintain strong customer relationships. Provide technical engineering support, as part of our Technical Support Team, to resolve customer issues by performing diagnostics, performance optimisation, incident analysis, solution partner recommendations, and product knowledge transfer. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Passion for customer care and customer satisfaction and self-motivated towards meeting agreed goals. Good spoken and written communication skills along with ability to collaborate with the team and act as a team player. 3+ years of previous experience in a customer facing technical support/development role with experience in Maximo Asset Management/Maximo Application Suite software and good knowledge of Cloud technologies (Red Hat OpenShift/Azure/Kubernetes). A successful track record in developing and managing customer relationships. EnglishFluent. Preferred technical and professional experience You would make a great addition to our team if you have great skills in some of the following: Experience in shell scripting and programming languages such as Java, C++. Understanding about Mobile technologies. Proficient in Windows/Linux operation system. Experience in Databases including MongoDB, DB2/Oracle/SQL Server. Understanding of the application development projects and Administration knowledge of Application Servers(WebSphere/WebLogic). Working knowledge or Understanding of web technologies and/or data analytics.

Your Role and Responsibilities* * Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise* * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience Preferred Professional and Technical Expertise * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Description of the environment RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). In this context, the Head of RISK ORM ICT & COE , whose missions are presented below, reports hierarchically to ISPL CRO and Functionally to the Head of RISK ORM NETWORK The Head of RISK ORM ICT & COE role contributes with his/her team to establish ICT risk profiles for the IT perimeters in ISPL, identify and reduce risks on activities with an ICT risk, and the activities delegated to third-party service providers. The role also contributes to the Groups operational resilience oversight, LOD2 action plans (PCA) monitoring, anti-fraud activities, technical security reviews, supervisory affairs, risk profile, and governance initiatives, and thus improve the efficiency of the overall activities for the Bank. As the Head of RISK ORM COE - Contributes to protect the Bank by delivering the following operational risk services (per the RISK ORM S.A RISK ISPL services agreement) described in the main missions of this document. Manage and develop the related following Teams in close link with the related Onshore Heads of OROs: CoE ICT Controls Extension Program (CICEP), RISK ORM Operational Resilience, Cyber & Payment Systems Risk Tech & Automation Center, RISK ORM Framework on Supervisory Affairs, Governance & Group Risk Profile, CoE Outsourcing Controls Extension Program (COCEP). Implement and manage the relevant governance enabling transparency of deliverables with Local and the related Onshore Heads of OROs. As the Head of RISK ORM ICT ( ORO & Extended ORO) : Contributes to protect the Bank through governance and oversight of ICT risk profile through RCSA, independent assessments, incident management and permanent control action processes Perform the ORO missions statement on ICT risks in close link with the related Onshore Heads of OROs and manage ISPL RISK ORM ICT ORO teams for the following perimeters: ISPL CIB IT, ISPL ITG International, which includes ITG, IPS IT, CPBS IT, ISPL Transversal IT functions (e.g. ALMT IT, Market risk IT and IT CCCO) The mutualized Execution Platform (CICEP, COCEP ORO ICT pooling) teams play a key role in assessing the Banks ICT and Outsourcing risk posture. By ensuring, through LoD2 controls, it contributes to the measurement of the effectiveness of the mechanisms implemented through the execution of controls and facilitates the production of indicators to proactively propose a common understanding of the ICT, and third-party risks. Key success of the role relies on building trusted partnerships with stakeholders and particularly with the RISK ORM Framework, Network, IT Group, TPRM, and related Onshore Heads of OROs. Responsibilities for RISK ORM CoE Manage the CoE ICT Controls Execution Platform (CICEP): Implement the CICEP ICT LOD2 controls review methodology and supporting guidelines. Perform end-to-end reviews of LoD2 ICT permanent controls in-line with the CICEP RACI. Validate yearly plan with Business Units (BU) stakeholders, including presentation of the scope and Ensure the validated LoD2 Control Plan is available in 360RiskOp. Perform the controls, review evidence, and action plans and Inform stakeholders (BU ORO, BU 1LOD etc.) of assessment progress. Present assessment findings to related Onshore Heads of OROs and Issue assessment reports . Execute the CICEP Standard Operating Procedures (SOP), and standard templates if required to perform LOD2 controls (aligned to RISK0414) on Verification, Re-performance, and Direct controls testing. Manage the CoE Outsourcing Controls Execution Platform (COCEP): Manage the Common Outsourcing Controls Execution Platform (COCEP) activities relying on existing best practices of the Common ICT LoD2 Control Execution Platform (CICEP) model: Implement and structure the COCEP roles, responsibilities, and governance. Manage the industrialisation and the practice of the COCEP. Execute LoD2 controls on outsourcing GCL (RISK0418). Lead and manage the COCEP team to perform their missions. Oversee the process of the outsourcing register data quality of regulatory reporting. Support related Onshore heads of OROs in definition of their entity Outsourcing the Risk profile. Perform Platform reporting: Produce a periodic report analysing the ICT and outsourcing operational risk management including the data quality indicators improvements and the LoD2 controls results analysis, Act as the secretary of the CICEP and COCEP steering committees process chaired by the Head of RISK ORM Network, Produce operational reporting (link with RISK ORM COE ISPL reporting stream). Contribute to the regular governance meetings. Issue periodic reports to related Onshore Heads of OROs, (i) on the service related to the CICEP and COCEP, through dedicated indicators (ii) on missions, including suggestions for Permanent Control Actions (PCAs). Participate and Support Operational Resilience program : Implementation of Group Operational resilience Policy at Territory/Region Level, including: Risk Oversight, Check and challenge, Response to Regulatory exams, Education and Awareness, Risk Opinion, Lead and participate in 1Lod Risk Assessment, IT Continuity Assessments for the Entity / Territory / Region, Participation and contribution to the Crisis Management exercise at Region and Group Level. Cyber Resilience and Fraud: Management of and contribution to Group communities related to Operational Resilience, Cyber Resilience and Cyber Fraud, Supporting and contributing to Group cyber anti-fraud program / projects. Third Party Technology Risk Management : Independent Assessment on TPTRM across different Group entities, Reviews of regulatory requirements impacting Third Party Technology Risk Management, Risk Opinion, review, check & challenge for baseline documents, procedures and policies, Check & challenge. Participate and Support Cyber & Payment Systems Risk Tech & Automation Center: PCA reviews: Oversight and monitoring of Permanent Control Actions, Validation of actions / evidences for action closure. Support, contribute and collaborate on the Technical Reviews/Testing Missions per the CPSRT annual Plan: Penetration Testing, Application Security Reviews, Technical Security Reviews, Payments Security reviews, Infrastructure Testing, Thematic Reviews, Support Regulatory reviews/inspections. Support Supervisory Affairs, Governance & Group Risk Profile: Policy and procedure reviews: Establish regular governance channels with 1LoD management regarding ICT risk framework policies, procedures and requirements, Provide RISK ORM Framework managers regular updates on the progress of ICT risk policies and procedures, Ensure RISK ORM involvement and high quality on the check and challenge of all new and updated 1LOD ICT risk framework policies, procedures and requirement, Consolidate and submit 2LOD check and challenge according to agreed due dates for each procedure. Participate to the RISK ID and Group ICAAP submission yearly Process : Attend kick-off meetings , Establish a project plan to ensure contributors are engaged and project timeline is met, Coordinate validation of material risks lists with Group CORO and ensure submission of the draft and final RISK ID and ICAAP contributions in accordance with the timeline. Responsibilities for RISK ORM ICT ( ORO & Extended ORO ): As described in the standard ORO mission statement, perform, if relevant and for the related supervised perimeter, ORO Mission contributing to the reinforcement of the second line of defence in terms of technological risks Supervise the deployment of the operational risk management framework for technological risks Pilot the major transformation programs, especially those linked to a recommendation from the Supervisor or to compliance with a regulatory provision (e.g. Control Monitoring Program, Third Party Risk Management, operational resilience, Cyberfraud Program, Cyberprogram, Data Leakage Protection Program). Ensure that operational risk regulations, norms, guidelines and methodologies are understood and implemented over time including, but not limited to: Governance: Contribute to ISPL ICC and support other territory/regional ICC (within scope of perimeters) to articulate the ICT risk profile of the pole/metier. Build ICT risk profiles through the execution of RCSA of the perimeters described above Carry out and supervise Independent analysis; Perform incident analysis; Ensure the use of Group operational risk management tools (e.g., 360 RiskOp) and related reporting; Build, in the framework of the associated Governance for technological risks : ICT RISK opinion, based notably on (i) 2nd level controls and independent analysis carried out, (ii) the robustness of the system put in place by the first line of defence which may, if necessary, lead to permanent control actions; A qualitative and quantitative monitoring of ICT historical incidents, including in particular an analysis of the most important of them and supervision of the associated action plans concerning the Technological risks (cyber-attacks, data integrity risks, ICT change risks (Projects and IT organisation, vulnerability management, identity & access management, ), risks linked to Cloud, digital assets & emerging technologies, AI, data leakage, Given the growing level of technology in Group's operational processes, contributes to the reinforcement of the second line of defence in terms of technological risks Ensure that the Governance relating to the management of operational risks (e.g. internal control committee) includes technological risk profiles. Strengthen the involvement of the second line of defence in the preparation of the Information Systems Strategic Committees (CSSI) and the major projects committees (CGP) and ensure their follow-up Develop the supervision of the identification and assessment of technological risks by the first line of defence including in particular: Technological risk assessment exercises achievement; The identification of critical and vital IT assets, and the assessment of the impacts of the risks relating to these assets on the Business processes The identification of critical third parties, and the assessment of the technological risks associated with their services as well as the impacts of the latter on the Business processes. Deployment of the methodology adopted by the Group in terms of operational resilience, in particular with regard to activities vital to the Group; Continuously improve the supervision of the collection of technological incidents within, ensuring that they are correctly documented and filled in the corresponding tools; Contribute to the implementation of second level controls in terms of technological risk Contribute to the development of Cyber and Operational Resilience communities Managerial Responsibilities . Active Team player with positive attitude to bring the team together irrespective of team responsibilities. Provide conducive work environment for a healthy working atmosphere in a competitive environment. Upskilling team members basis the skill matrix and PDP follow through. Promote training awareness, recognize team members, value their contribution, and provide opportunities for growth and mobility. Fair dealing with staff members on day-to-day business deliverables and ensure administrative aspects including attendance, training and continuous feedback are totally intact. Hiring team members with the right skill set, resolving conflicts, boost the team morale, create back up for perpetual succession and sustainable business delivery. Key stakeholder management with Beneficiaries, local management and 1st LOD is mandatory. Technical Qualification and Behavioural Competencies. Demonstrate experience of interacting or managing complex and multicultural organization & teams Demonstrate experience on leading or participating to Complex Program management at Regional or Group level ( like Operational resilience or Mutualized platform ) Good Knowledge of operational risks procedure & tooling and a strong Lod2 control or IT audit experience is important Good Knowledge of technological risks and their mitigant : cyber-attacks risks scenario , data integrity risks, IT risks related to changes (IT projects and organization, vulnerability management, access and identity, ), risks related to Cloud, digital assets and emerging technologies, data protection & leakage, etc. Knowledge of Outsourcing Risks and regulatory environment is a plus Good Knowledge of IT (tools, languages, architecture) following past experiences in a team in charge of technological processus or its supervision. Good Knowledge of BNPParibas Group, the different entity of the Group, RISK Organization and business is an important plus At least 10 years of relevant experience in risk management, control function, preferably with relevant exposure to consulting or audit background. Knowledge and experience in financial services, including end-to-end process flows and associate risks and controls, knowledge of banking products in the area of Corporate & Institutional Banking is an advantage -

About this role: Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate security logs Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: 4+ years of demonstrated information security applications and systems experience 4+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis 2+ years of demonstrated experience with at least one scripting language (preferably JavaScript and its frameworks Python) working on automation and engineering projects Proficiency in detection engineering developing and maintaining effective detection rules and correlation logic. Correlation searches, rules, alerts. Behavioral detections (e.g., brute-force, privilege escalation). Anomaly detections (e.g., unusual logon patterns, entropy-based detections). Hands-on experience with parsing configurations (props, transforms, regex, normalization techniques). Expertise in log source onboarding , source categorization, and enrichment. Strong understanding of security event types (firewall, endpoint, identity, cloud, SaaS logs). Familiarity with common attack vectors (credential abuse, privilege escalation, lateral movement). Knowledge of threat detection frameworks like MITRE ATT&CK, NIST, CIS . Ability to work with threat intelligence feeds to build contextual detections. Experience with log analysis , anomaly detection , and statistical detection methods. Proficient in developing content for SIEMs such as Splunk, Sentinel, QRadar, ArcSight, Elastic, etc. Optimize search performance and false positive tuning of existing detection rules. Maintain deployment workflows for apps, configurations, and detection packages across the SIEM infrastructure. Work with security analytics teams to develop data models or normalized schemas (CIM or equivalent). Job Expectations: Knowledge and understanding of banking or financial services industry Should possess understanding of security and threat landscape relevant to cloud technologies Excellent verbal, written, and interpersonal communication skills Strong ability to identify anomalous behavior on endpoint devices and/or network communications Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin.

Position Summary We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents. Key Responsibilities 1. Incident Detection and Analysis: o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes. o Prepare detailed reports and document incidents to support future analysis and security measures. 2. SIEM Administration and Rule Fine-Tuning: o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives. o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability. o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility. 3. System and Network Security: o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures. o Utilize tools for traffic analysis, anomaly detection, and threat identification. o Support configurations and policies within the IT and network environment to strengthen security. 4. ELK Stack and Beats Agent Management: o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow. o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing. 5. Security Policies and Compliance: o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards. o Document and enforce security controls aligned with best practices and regulatory requirements. Skills and Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. Experience: o Minimum of 5+ years in SOC operations or a similar cybersecurity role. o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning. o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols. o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents. Technical Skills: o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols. o Strong command of incident response processes, security frameworks, and best practices. o Knowledge of communication protocols and system integrations for data protection. Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications. Competencies Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment. Additional Preferred Skills Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks. This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.

* Responsible for implementation partner to see project on track along with providing required reports to management and client * Handle the project as well as BAU operations while ensuring high level of systems security compliance * Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. * Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents. * Ready to support for 24/7 environment. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs. * B.E./ B. Tech/ MCA/ M.Sc. * Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support. * Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. * Working knowledge of industry standard risk, governance and security standard methodologies * Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting. * Ability to multitask and work independently with minimal direction and maximum accountability. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Integration Engineer Project Role Description : Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey, functional/application designs and ensure technology and business solutions represent business requirements. Must have skills : Network Infrastructures Good to have skills : Incident ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Integration Engineer, you will provide consultative Business and System Integration services to assist clients in implementing effective solutions. Your typical day will involve engaging with clients to understand their needs, facilitating discussions on transformation, and ensuring that the technology and business solutions align with their requirements. You will work collaboratively with various teams to translate customer needs into actionable plans, driving the customer journey and application designs to achieve optimal outcomes. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate workshops and meetings to gather requirements and feedback from stakeholders.- Develop and maintain documentation related to integration processes and solutions.- Monitor the network infrastructure services and react upon alerts according to the operational procedures.- Conduct first level incident analysis.- Create, assign and follow-up on network infrastructure services incident tickets.- Support out of hours activities, participate to work in shifts (2) and to on-call rotations.- Strictly adhere to corporate processes, standards, policies and operational procedures.- Maintain documentation and operational procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Infrastructures.- Good To Have Skills: Experience with Incident Management.- Strong understanding of network protocols and architectures.- Experience with cloud-based integration solutions.- Familiarity with API management and integration platforms.- Excellent understanding of networking and connectivity technologies, and a general understanding of other IT infrastructure components.- Previous experience in a similar role (3 years).- Knowledge of ITSM and specifically of Incident Management. Additional Information:- The candidate should have minimum 5 years of experience in Network Infrastructures.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Integration Engineer Project Role Description : Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey, functional/application designs and ensure technology and business solutions represent business requirements. Must have skills : Network Infrastructures Good to have skills : Incident ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Integration Engineer, you will provide consultative Business and System Integration services to assist clients in implementing effective solutions. Your typical day will involve engaging with clients to understand their needs, facilitating discussions on transformation, and ensuring that the technology and business solutions align with their requirements. You will work collaboratively with various teams to translate customer needs into actionable plans, driving the customer journey and functional designs to achieve optimal outcomes. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate workshops and meetings to gather requirements and feedback from stakeholders.- Develop and maintain documentation related to integration processes and solutions.- Monitor the network infrastructure services and react upon alerts according to the operational procedures.- Conduct first level incident analysis.- Create, assign and follow-up on network infrastructure services incident tickets.- Support out of hours activities, participate to work in shifts (2) and to on-call rotations.- Strictly adhere to corporate processes, standards, policies and operational procedures.- Maintain documentation and operational procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Infrastructures.- Good To Have Skills: Experience with Incident Management.- Strong understanding of network protocols and architectures.- Experience with cloud-based network solutions and services.- Familiarity with network security principles and practices.- Excellent understanding of networking and connectivity technologies, and a general understanding of other IT infrastructure components.- Previous experience in a similar role (3 years).- Knowledge of ITSM and specifically of Incident Management. Additional Information:- The candidate should have minimum 5 years of experience in Network Infrastructures.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

As Security Services Consultant, you are responsible for managing day to day operations of Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. What will you do * Responsible for implementation partner to see project on track along with providing required reports to management and client Handle the project as well as BAU operations while ensuring high level of systems security compliance Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 4+ years of experience in IT security with at least 3+ Years in SOC. Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM Working knowledge of industry standard risk, governance and security standard methodologies Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc. Preferred technical and professional experience One or more security certificationsCEH, Security+, GSEC, GCIH, etc., Ability to multitask and work independently with minimal direction and maximum accountability. Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications

What this job involves: Being a forerunner of quality transport service: Reporting to the Operations Director, you will be at the helm of all things related to the transport network. In essence, you will provide uninterrupted transport service to our clients. Youll do this by ensuring that our fleet is available and on-the-go 24/7. Youll also see to it that backup plans are in place should the need arise. In addition, youll serve as the single point of contact for all transport network-related issues on the clients site. Youll also be in close contact with our clients to better understand their needs, and to develop specific and efficient transport procedures that incur savings in the process. As the go-to person, youll be in charge of ensuring regular vendor meetings and connect sessions. Youll also be on top of training, records and incident reports. Ensuring complete adherence to the Companys audit procedures is also under your mandate. Bringing the team together to deliver the objectives: Does teamwork come naturally to you If so, youre on the right path, as part of your scope is to promote collaboration to achieve our targets. As the person in charge, youll be on top of workload assignmentsmaking sure that responsibilities are delegated to the right team member. Likewise, youll carry out regular meetings to update the team on processes, leaves, and backup plans in place. Youll also conduct one-on-one catch-up sessions with each team member to keep them up to speed on their scope of work, conduct, and career development. Making massive progress across the board: Handling a senior role and a team of experts, theres no other way but up. In this role, youll ensure that progress is constant by sourcing and developing opportunities for the growth of a given account. Likewise, youll encourage team members to participate in training. Also, part of your scope is to make sure that the project meets its financial targets. Youll do this by ensuring that monthly accruals are sent on time and that costs are appropriately calculated and presented to the client. Youll also see to it that invoices are processed within the target date. A customer-service orientation at the core: At JLL, we take pride in our roster of talented experts and innovators in the fieldand we want you to be a part of our global family. If you are a seasoned leader who can easily adapt to a rapidly changing work environment, then you have what it takes to take on this senior role. At the core, the ideal candidate is a customer-centric individual with a flair for vendor management and customer service. Likewise, you must also possess strong planning and organisational skills, as well as exceptional written and oral communication skills. Being professional and possessing a positive attitude at all times may also help you land this job. What is required: Roles & Responsibilities: Managing Transport Daily Service Report (DSR) for PAN India, with consolidated data. Transport spent monthly. Transport Accruals. All locations visit weekly. Budget Vs actual discussion with the finance team. Daily Compliance report generation and sharing with all locations. Monthly compliance performance reports share with management review. All Invoices are validated before updating to Cluster leads and sharing with them for SE approval and finance team approval. Vendor billing, invoice, NDC closer every month monitoring. Transport internal audit planning. Arrival reports sharing with site team monitoring. Regular daily interaction with all location team members. Drivers, Supervisor weekly meeting. Vendor Managers & Proprietor monthly meeting. Chennai GSC, Chennai Sales, Hyderabad, Shamshabad, GSC, SEPFC, APW 1&2, IDF 1,2,3,4,5,8, Avinya Campus, Innovare, RGA, MVI, TBI, Mohali, Gurgaon, IDF 6&7 Rudrapur, Powai Mumbai, Kolkata Transport SLA contract, Meetings, Operations, and reports are to be monitored and updated. IFM meeting SIM meeting regular basis. MMR update for all locations. Monthly Transport committee meeting attending. DVC, NDVC & Contract employees details. Electric Vehicle (EV) vehicle managing and monitoring. Supported CMO audit with relevant documents. Incidents are closely monitored. Meetings with drivers, supervisors and vendor managers are to be conducted and bring awareness to the drivers while driving. Incident analysis with root causes, CAPA with fish bone analysis with corrective and preventive measures monitored and shared. All incidents to be captured and reported to the EHS team with corrective actions. Following statutory and legal compliance 100% and good catches. Every 6 months driver training should be conducted with external trainers. Vintage model vehicles are to be monitored as per SLA standards. Transport PO monitoring all locations. Transport Payment tracker and updates. JLL mandatory Training attending. Transport Benchmarking Interacting with Procurement for transport-related queries and sharing the observations. Transport Productivity. QBR-Supplier data update. All location KMS validation and audit with Grid chart. SPOT cab consolidated report from all locations. Employee transport survey conducted and requested employees to take part in the survey. Employees who gave negative feedback. Those issues are actioned immediately with rectified timely. Vehicle and driver documents expiry reports follow-ups and updates for all locations. Transport Arrival and departure monitoring of all locations. Transport escalation handling. Penalty for non-follow-ups of SLA and any deviations.

WHAT YOULL DO? Daily follow up on all vessels marine related performance and requirements. Monitor and follow daily vessel correspondence and provide feedback/assistance on marine issues. Analyze cargoes of fleet vessels to be loaded and provide proper guidance to Master. Provide any data required for vessel fixtures or any data requested by charterers. Work closely with TSI to improve and follow up on vessel deck maintenance. Ensure that the vessels are prepared for inspection. WHAT YOULL NEED? A minimum of a year experience as a Marine Superintendent onshore or a minimum of 10 years experience at sea with at least a year as a Master. An experience with Bulk vessels. A proven background in the maritime industry. Excellent interpersonal skill WHO YOU ARE? Responsible and diligent team player. Well experienced in a diversified fleet. Well-organized and highly motivated.

We are looking for a content development engineer or L2 level SOC SIEM engineer with hands-on experience in developing new rules, use cases based on various log sources including Cloud Security log sources and integrating various log sources with SIEM Platform. Roles and Responsibilities: Creating and implementing new threat detection content, rules and use cases to deploy in SIEM platform with different data sets like Proxy, VPN, Firewall, DLP, etc. Assisting with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions. Developing custom content based on threat intelligence and threat hunting results. Identifying gaps in the existing security controls and develop/propose new security controls. SIEM Engineering and knowledge of integrating various log sources with any SIEM platform. Custom parsing of logs being ingested into the SIEM Platform 3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arc-sight /QRadar/Nitro ESM/etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation) In depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like Crowd-strike and good understanding on TTPs like Process Injection. Excellent communication, listening & facilitation skills Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Preferred : Understanding of MITRE ATT&CK framework. Demonstrable experience in Use case /rule creation on any SIEM Platform. Chronicle Backstory/ YARA / Crowds trike rules is a plus. Location: Pan India

3+ years of experience working in the field of Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk/Arc sight /QRadar/Nitro ESM/etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching, and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow, and automation) In depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per Threat Intelligence. Ability to identify gaps in the existing security controls. Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content. Experience on EDR tools like Crowd strike and good understanding on TTPs like Process Injection. Excellent communication, listening & facilitation skills Ability to demonstrate an investigative mindset. Excellent problem-solving skills. Understanding of MITRE ATT&CK framework. Location: Pan India

The primary responsibility of this role is to provide advanced incident analysis and management within our SOC environment, while also leading the development and training of the L1 SOC team in incident analysis, parsers creation, rule views, and report management. The ideal candidate will have a strong background in cybersecurity, incident response, and leadership skills. Responsibilities: Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 3 years of experience in a SOC environment, with a focus on incident analysis and response. Strong understanding of cybersecurity principles, including threat detection, malware analysis, and vulnerability management. Experience with SIEM platforms (e.g., Securonix, QRadar) and familiarity with creating and managing parsers and rule views. Leadership experience, with the ability to mentor and motivate team members effectively. Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.

Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems. Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly. Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views, and report management. Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events. Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats. Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis, and recommendations for improvement. Collaboration: Work closely with other teams within the organization, including IT operations, network engineering, and application development, to improve overall security posture and incident response capabilities.