73 Incident Analysis Jobs - Page 3

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

15.0 - 20.0 years

5 - 9 Lacs

Hyderabad

Work from Office

Project Role: Integration Engineer
Project Role Description: Provide consultative Business and System Integration services to help clients implement effective solutions. Understand and translate customer needs into business and technology solutions. Drive discussions and consult on transformation, the customer journey and functional/application designs, and ensure technology and business solutions represent business requirements.
Must have skills: Network Infrastructures
Good to have skills: Incident Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education

Summary: As an Integration Engineer, you will provide consultative Business and System Integration services to assist clients in implementing effective solutions. Your typical day will involve engaging with clients to understand their needs, facilitating discussions on transformation, and ensuring that the technology and business solutions align with their requirements. You will work collaboratively with various teams to translate customer needs into actionable plans, driving the customer journey and functional designs to achieve optimal outcomes.

Roles & Responsibilities:
- Expected to be an SME; collaborate with and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute to key decisions.
- Provide solutions to problems for the immediate team and across multiple teams.
- Facilitate workshops and meetings to gather requirements and feedback from stakeholders.
- Develop and maintain documentation related to integration processes and solutions.
- Monitor the network infrastructure services and react to alerts according to the operational procedures.
- Conduct first-level incident analysis.
- Create, assign and follow up on network infrastructure services incident tickets.
- Support out-of-hours activities; participate in shift work (2 shifts) and in on-call rotations.
- Strictly adhere to corporate processes, standards, policies and operational procedures.
- Maintain documentation and operational procedures.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Network Infrastructures.
- Good To Have Skills: Experience with Incident Management.
- Strong understanding of network protocols and architectures.
- Experience with cloud-based network solutions and services.
- Familiarity with network security principles and practices.
- Excellent understanding of networking and connectivity technologies, and a general understanding of other IT infrastructure components.
- Previous experience in a similar role (3 years).
- Knowledge of ITSM and specifically of Incident Management.

Additional Information:
- The candidate should have a minimum of 5 years of experience in Network Infrastructures.
- This position is based at our Hyderabad office.
- 15 years of full-time education is required.

Qualification: 15 years full time education

Posted 2 months ago

4.0 - 9.0 years

6 - 11 Lacs

Hyderabad

Work from Office

As a Security Services Consultant, you are responsible for managing the day-to-day operations of security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis and device integration with the SIEM. If you thrive in a dynamic, collaborative workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.

What will you do:
- Work with the implementation partner to keep the project on track, and provide the required reports to management and the client.
- Handle the project as well as BAU operations while ensuring a high level of systems security compliance.
- Coordinate with, and act as an authority for, incident resolution, working with other information security specialists to correlate threat assessment data.
- Analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise:
- 4+ years of experience in IT security, with at least 3+ years in a SOC.
- Expertise in security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis and device integration with the SIEM.
- Working knowledge of industry-standard risk, governance and security methodologies.
- Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
- Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc.

Preferred technical and professional experience:
- One or more security certifications: CEH, Security+, GSEC, GCIH, etc.
- Ability to multitask and work independently with minimal direction and maximum accountability.
- Intuitive individual with an ability to manage change and proven time management skills.
- Proven interpersonal skills; contributes to the team effort by accomplishing related results as needed.
- Keeps technical knowledge up to date by attending educational workshops and reviewing publications.

Posted 3 months ago

6.0 - 10.0 years

8 - 12 Lacs

Bengaluru

Work from Office

What this job involves:

Being a forerunner of quality transport service: Reporting to the Operations Director, you will be at the helm of all things related to the transport network. In essence, you will provide uninterrupted transport service to our clients. You'll do this by ensuring that our fleet is available and on the go 24/7. You'll also see to it that backup plans are in place should the need arise. In addition, you'll serve as the single point of contact for all transport network-related issues on the client's site. You'll also be in close contact with our clients to better understand their needs, and to develop specific and efficient transport procedures that incur savings in the process. As the go-to person, you'll be in charge of ensuring regular vendor meetings and connect sessions. You'll also be on top of training, records and incident reports. Ensuring complete adherence to the Company's audit procedures is also under your mandate.

Bringing the team together to deliver the objectives: Does teamwork come naturally to you? If so, you're on the right path, as part of your scope is to promote collaboration to achieve our targets. As the person in charge, you'll be on top of workload assignments, making sure that responsibilities are delegated to the right team member. Likewise, you'll carry out regular meetings to update the team on processes, leaves, and backup plans in place. You'll also conduct one-on-one catch-up sessions with each team member to keep them up to speed on their scope of work, conduct, and career development.

Making massive progress across the board: Handling a senior role and a team of experts, there's no other way but up. In this role, you'll ensure that progress is constant by sourcing and developing opportunities for the growth of a given account. Likewise, you'll encourage team members to participate in training. Also, part of your scope is to make sure that the project meets its financial targets. You'll do this by ensuring that monthly accruals are sent on time and that costs are appropriately calculated and presented to the client. You'll also see to it that invoices are processed within the target date.

A customer-service orientation at the core: At JLL, we take pride in our roster of talented experts and innovators in the field, and we want you to be a part of our global family. If you are a seasoned leader who can easily adapt to a rapidly changing work environment, then you have what it takes to take on this senior role. At the core, the ideal candidate is a customer-centric individual with a flair for vendor management and customer service. Likewise, you must also possess strong planning and organisational skills, as well as exceptional written and oral communication skills. Being professional and possessing a positive attitude at all times may also help you land this job.

What is required:

Roles & Responsibilities:
- Managing the Transport Daily Service Report (DSR) for PAN India, with consolidated data.
- Monthly transport spend.
- Transport accruals.
- Weekly visits to all locations.
- Budget vs actual discussion with the finance team.
- Daily compliance report generation and sharing with all locations.
- Monthly compliance performance reports shared for management review.
- All invoices validated before updating cluster leads and sharing with them for SE approval and finance team approval.
- Monthly monitoring of vendor billing, invoices and NDC closure.
- Transport internal audit planning.
- Monitoring of arrival reports shared with the site team.
- Regular daily interaction with all location team members.
- Weekly meeting with drivers and supervisors.
- Monthly meeting with vendor managers and proprietors.
- Transport SLA contracts, meetings, operations and reports for Chennai GSC, Chennai Sales, Hyderabad, Shamshabad, GSC, SEPFC, APW 1&2, IDF 1,2,3,4,5,8, Avinya Campus, Innovare, RGA, MVI, TBI, Mohali, Gurgaon, IDF 6&7 Rudrapur, Powai Mumbai and Kolkata are to be monitored and updated.
- IFM and SIM meetings on a regular basis.
- MMR update for all locations.
- Attending the monthly Transport Committee meeting.
- DVC, NDVC and contract employee details.
- Electric Vehicle (EV) management and monitoring.
- Supporting the CMO audit with relevant documents.
- Incidents are closely monitored. Meetings with drivers, supervisors and vendor managers are to be conducted to raise driver awareness of safe driving.
- Incident analysis with root causes; CAPA with fishbone analysis, with corrective and preventive measures monitored and shared.
- All incidents to be captured and reported to the EHS team with corrective actions.
- Following statutory and legal compliance 100%, and good catches.
- Driver training to be conducted every 6 months with external trainers.
- Vintage model vehicles are to be monitored as per SLA standards.
- Transport PO monitoring for all locations.
- Transport payment tracker and updates.
- Attending JLL mandatory training.
- Transport benchmarking; interacting with Procurement for transport-related queries and sharing observations.
- Transport productivity.
- QBR supplier data update.
- All-location KMS validation and audit with grid chart.
- SPOT cab consolidated report from all locations.
- Employee transport survey conducted, with employees requested to take part; issues raised by employees who gave negative feedback are actioned immediately and rectified in a timely manner.
- Vehicle and driver document expiry reports: follow-ups and updates for all locations.
- Transport arrival and departure monitoring for all locations.
- Transport escalation handling.
- Penalties for non-adherence to SLA and any deviations.

Posted 3 months ago

10.0 - 12.0 years

35 - 40 Lacs

Mumbai

Work from Office

WHAT YOU'LL DO: Daily follow-up on all vessels' marine-related performance and requirements. Monitor and follow daily vessel correspondence and provide feedback/assistance on marine issues. Analyze cargoes of fleet vessels to be loaded and provide proper guidance to the Master. Provide any data required for vessel fixtures or any data requested by charterers. Work closely with the TSI to improve and follow up on vessel deck maintenance. Ensure that the vessels are prepared for inspection.

WHAT YOU'LL NEED: A minimum of one year's experience as a Marine Superintendent onshore, or a minimum of 10 years' experience at sea with at least a year as Master. Experience with bulk vessels. A proven background in the maritime industry. Excellent interpersonal skills.

WHO YOU ARE: Responsible and diligent team player. Well experienced in a diversified fleet. Well-organized and highly motivated.

Posted 3 months ago

3.0 - 8.0 years

3 - 7 Lacs

Chennai

Work from Office

We are looking for a content development engineer or L2-level SOC SIEM engineer with hands-on experience in developing new rules and use cases based on various log sources, including cloud security log sources, and in integrating log sources with the SIEM platform.

Roles and Responsibilities:
- Creating and implementing new threat detection content, rules and use cases to deploy in the SIEM platform with different data sets such as Proxy, VPN, Firewall, DLP, etc.
- Assisting with process development and process improvement for Security Operations, including creation/modification of SOPs, playbooks and work instructions.
- Developing custom content based on threat intelligence and threat hunting results.
- Identifying gaps in the existing security controls and developing/proposing new security controls.
- SIEM engineering and knowledge of integrating various log sources with any SIEM platform.
- Custom parsing of logs being ingested into the SIEM platform.

Requirements:
- 3+ years of experience in content development, delivering and/or building content on any of the SIEM tools such as Splunk/ArcSight/QRadar/Nitro ESM/etc.
- Deep understanding of the MITRE ATT&CK framework.
- Experience in SOC incident analysis with exposure to information security technologies such as firewalls, VPN, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools.
- Good understanding of networking concepts.
- Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow and automation).
- In-depth knowledge of security data logs and the ability to create new content on advanced security threats as needed, per threat intelligence.
- Ability to identify gaps in the existing security controls.
- Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deploying content.
- Experience with EDR tools such as CrowdStrike and a good understanding of TTPs such as process injection.
- Excellent communication, listening and facilitation skills.
- Ability to demonstrate an investigative mindset.
- Excellent problem-solving skills.

Preferred:
- Understanding of the MITRE ATT&CK framework.
- Demonstrable experience in use case/rule creation on any SIEM platform.
- Chronicle Backstory / YARA / CrowdStrike rules is a plus.

Location: Pan India

Posted 3 months ago

3.0 - 8.0 years

5 - 9 Lacs

Chennai

Work from Office

- 3+ years of experience in content development, delivering and/or building content on any of the SIEM tools such as Splunk/ArcSight/QRadar/Nitro ESM/etc.
- Deep understanding of the MITRE ATT&CK framework.
- Experience in SOC incident analysis with exposure to information security technologies such as firewalls, VPN, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools.
- Good understanding of networking concepts.
- Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow and automation).
- In-depth knowledge of security data logs and the ability to create new content on advanced security threats as needed, per threat intelligence.
- Ability to identify gaps in the existing security controls.
- Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deploying content.
- Experience with EDR tools such as CrowdStrike and a good understanding of TTPs such as process injection.
- Excellent communication, listening and facilitation skills.
- Ability to demonstrate an investigative mindset.
- Excellent problem-solving skills.
- Understanding of the MITRE ATT&CK framework.

Location: Pan India

Posted 3 months ago

2.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office

The primary responsibility of this role is to provide advanced incident analysis and management within our SOC environment, while also leading the development and training of the L1 SOC team in incident analysis, parser creation, rule views and report management. The ideal candidate will have a strong background in cybersecurity and incident response, and leadership skills.

Responsibilities:
- Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems.
- Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly.
- Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views and report management.
- Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events.
- Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats.
- Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis and recommendations for improvement.
- Collaboration: Work closely with other teams within the organization, including IT operations, network engineering and application development, to improve overall security posture and incident response capabilities.

Qualifications:
- Bachelor's degree in Computer Science, Information Security or a related field. Equivalent work experience may be considered.
- Minimum of 3 years of experience in a SOC environment, with a focus on incident analysis and response.
- Strong understanding of cybersecurity principles, including threat detection, malware analysis and vulnerability management.
- Experience with SIEM platforms (e.g., Securonix, QRadar) and familiarity with creating and managing parsers and rule views.
- Leadership experience, with the ability to mentor and motivate team members effectively.
- Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.

Posted 3 months ago

2.0 - 5.0 years

3 - 7 Lacs

Mumbai

Work from Office

- Advanced Incident Analysis: Utilize advanced tools and techniques to analyze and investigate security incidents detected within the organization's networks and systems.
- Incident Response: Lead incident response efforts, coordinating with internal and external stakeholders to mitigate and remediate security incidents promptly.
- Team Leadership: Provide mentorship and guidance to the L1 SOC team, assisting in the development of their skills in incident analysis, parser creation, rule views and report management.
- Parser Creation: Develop and maintain parsers to enhance the capability of the SOC's security information and event management (SIEM) system in detecting and correlating security events.
- Rule View Management: Manage and optimize rule views within the SIEM platform to ensure accurate and timely detection of security threats.
- Report Management: Oversee the generation and distribution of security reports, including incident reports, trend analysis and recommendations for improvement.
- Collaboration: Work closely with other teams within the organization, including IT operations, network engineering and application development, to improve overall security posture and incident response capabilities.

Posted 3 months ago

5.0 - 8.0 years

3 - 7 Lacs

Chennai

Work from Office

Job Information
Job Opening ID: ZR_1924_JOB
Date Opened: 06/05/2023
Industry: Technology
Job Type:
Work Experience: 5-8 years
Job Title: Splunk Content Development
City: Chennai
Province: Tamil Nadu
Country: India
Postal Code: 600001
Number of Positions: 5

We are looking for a content development engineer or L2-level SOC SIEM engineer with hands-on experience in developing new rules and use cases based on various log sources, including cloud security log sources, and in integrating log sources with the SIEM platform.

Roles and Responsibilities:
- Creating and implementing new threat detection content, rules and use cases to deploy in the SIEM platform with different data sets such as Proxy, VPN, Firewall, DLP, etc.
- Assisting with process development and process improvement for Security Operations, including creation/modification of SOPs, playbooks and work instructions.
- Developing custom content based on threat intelligence and threat hunting results.
- Identifying gaps in the existing security controls and developing/proposing new security controls.
- SIEM engineering and knowledge of integrating various log sources with any SIEM platform.
- Custom parsing of logs being ingested into the SIEM platform.

Requirements:
- 3+ years of experience in content development, delivering and/or building content on any of the SIEM tools such as Splunk/ArcSight/QRadar/Nitro ESM/etc.
- Deep understanding of the MITRE ATT&CK framework.
- Experience in SOC incident analysis with exposure to information security technologies such as firewalls, VPN, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools.
- Good understanding of networking concepts.
- Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow and automation).
- In-depth knowledge of security data logs and the ability to create new content on advanced security threats as needed, per threat intelligence.
- Ability to identify gaps in the existing security controls.
- Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deploying content.
- Experience with EDR tools such as CrowdStrike and a good understanding of TTPs such as process injection.
- Excellent communication, listening and facilitation skills.
- Ability to demonstrate an investigative mindset.
- Excellent problem-solving skills.

Preferred:
- Understanding of the MITRE ATT&CK framework.
- Demonstrable experience in use case/rule creation on any SIEM platform.
- Chronicle Backstory / YARA / CrowdStrike rules is a plus.

Location: Pan India

Posted 3 months ago

5.0 - 8.0 years

5 - 9 Lacs

Chennai

Work from Office

Job Information
Job Opening ID: ZR_1902_JOB
Date Opened: 29/04/2023
Industry: Technology
Job Type:
Work Experience: 5-8 years
Job Title: SIEM - Splunk Content Developer
City: Chennai
Province: Tamil Nadu
Country: India
Postal Code: 600089
Number of Positions: 5

- 3+ years of experience in content development, delivering and/or building content on any of the SIEM tools such as Splunk/ArcSight/QRadar/Nitro ESM/etc.
- Deep understanding of the MITRE ATT&CK framework.
- Experience in SOC incident analysis with exposure to information security technologies such as firewalls, VPN, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools.
- Good understanding of networking concepts.
- Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow and automation).
- In-depth knowledge of security data logs and the ability to create new content on advanced security threats as needed, per threat intelligence.
- Ability to identify gaps in the existing security controls.
- Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deploying content.
- Experience with EDR tools such as CrowdStrike and a good understanding of TTPs such as process injection.
- Excellent communication, listening and facilitation skills.
- Ability to demonstrate an investigative mindset.
- Excellent problem-solving skills.
- Understanding of the MITRE ATT&CK framework.

Location: Pan India
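The SIEM content-development postings on this page (this one and the identical listings above) ask for three things in one breath: custom parsing of ingested logs, writing detection rules and use cases, and mapping them to MITRE ATT&CK. As an added example, not code from any of these postings or employers, here is a minimal version of that workflow in Python: a parser for an assumed syslog-style key=value VPN authentication log (the sample lines are constructed, not real data), and a use case that fires when one source IP accumulates five failed logins followed by a success within ten minutes, tagged with ATT&CK T1110 (Brute Force). The log format, field names, threshold and window are assumptions; in production the same logic would be expressed in the SIEM's own rule language, but the parse-normalise-correlate shape is what the rule engine does.

```python
"""Added example (not from any job posting): parser + detection use case.

Parses constructed VPN authentication log lines into a normalised event
schema (what a SIEM parser or field extraction does), then runs one rule:
N or more failed logins from a source followed by a success from the same
source within a window. Mapped to MITRE ATT&CK T1110 (Brute Force).
The log format, field names, threshold and window are assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs). The syslog-style line layout
# with key=value pairs is an assumed format.
SAMPLE_LOGS = """\
2024-03-01T08:00:01Z vpn01 auth: result=fail user=alice src=203.0.113.5
2024-03-01T08:00:03Z vpn01 auth: result=fail user=bob src=203.0.113.5
2024-03-01T08:00:04Z vpn01 auth: result=fail user=carol src=203.0.113.5
2024-03-01T08:00:06Z vpn01 auth: result=fail user=dave src=203.0.113.5
2024-03-01T08:00:08Z vpn01 auth: result=fail user=erin src=203.0.113.5
2024-03-01T08:00:20Z vpn01 auth: result=success user=erin src=203.0.113.5
2024-03-01T08:05:00Z vpn01 auth: result=fail user=frank src=198.51.100.7
2024-03-01T08:05:30Z vpn01 auth: result=success user=frank src=198.51.100.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<app>[^:]+):\s+(?P<kv>.*)$"
)


def parse_line(line):
    """Custom parser: one raw line -> normalised event dict, or None when the
    line does not match (a SIEM would route such lines to an 'unparsed' bucket
    rather than silently dropping them)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = {
        "timestamp": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
        "host": m["host"],
        "app": m["app"],
    }
    for token in m["kv"].split():
        key, sep, value = token.partition("=")
        if sep:
            event[key] = value
    return event


def parse_logs(text):
    """Parse every line, keeping only the ones that matched the format."""
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def brute_force_then_success(events, threshold=5, window=timedelta(minutes=10)):
    """Use case: >= threshold auth failures from one src, then a success from
    that src within the window. Emits one alert per qualifying success and
    clears the failure history so the same burst is not reported twice."""
    failures = defaultdict(list)  # src -> timestamps of failed logins
    alerts = []
    for e in sorted(events, key=lambda ev: ev["timestamp"]):
        src = e.get("src")
        if not src or e.get("app") != "auth":
            continue
        if e.get("result") == "fail":
            failures[src].append(e["timestamp"])
        elif e.get("result") == "success":
            recent = [t for t in failures[src] if e["timestamp"] - t <= window]
            if len(recent) >= threshold:
                alerts.append({
                    "rule": "vpn_bruteforce_then_success",
                    "attack_technique": "T1110",
                    "src": src,
                    "user": e.get("user"),
                    "failures_in_window": len(recent),
                    "timestamp": e["timestamp"].isoformat(),
                })
                failures[src].clear()
    return alerts


if __name__ == "__main__":
    for alert in brute_force_then_success(parse_logs(SAMPLE_LOGS)):
        print(alert)
```

Run against the constructed sample, the rule reports the 203.0.113.5 burst (five failures across five usernames, then a success as `erin`) and stays quiet for 198.51.100.7, which had a single failure before its success. The password-spray shape, one failure per user rather than many per user, is why the rule keys on source rather than on username.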

Posted 3 months ago

8.0 - 12.0 years

14 - 20 Lacs

Hyderabad, Pune, Bengaluru

Hybrid

Job Title: Cybersecurity Lead, Incident Management / Network Security Signature Writing

Job Summary: The Cybersecurity Lead will manage the Incident Management / Network Security Signature Writing team. This role involves overseeing incident response and signature development, direct stakeholder management, team management and project management. The ideal candidate will have a strong background in cybersecurity, incident response and network security, with excellent communication and leadership skills.

Key Responsibilities:
- Incident Monitoring and Response: Monitor security alerts and incidents, respond promptly and escalate as needed.
- Threat Analysis and Detection: Investigate security incidents and develop detection rules and signatures.
- Signature Development: Create signatures for vulnerabilities and perform vulnerability hunting.
- Tool Management: Deploy, configure and manage NDR tools.
- Alert Tuning and Optimization: Optimize alerts to reduce false positives.
- Reporting and Documentation: Document and report on security incidents.
- Research and Development: Stay updated with cybersecurity trends and improve detection capabilities.
- Stakeholder Management: Engage with stakeholders and manage escalated issues.
- Team Management: Lead and support the team.
- Project Management: Oversee projects related to incident response and signature development.

Preferred Skills:
- Experience with Microsoft Defender or similar endpoint protection solutions.
- Strong understanding of endpoint and network security threat detection and response.
- Proficiency with SIEM platforms and scripting languages.
- Knowledge of network protocols, firewall rules and intrusion detection/prevention systems.
- Familiarity with advanced persistent threats, threat hunting and incident response frameworks.
- Understanding of IPS/IDS signatures and Rapid7 Recog signatures.
- Good to have: malware and threat analysis, and CVE hunting.

This role operates within a 24x7x365 environment, requiring flexibility for shifts, holidays and on-call responsibilities.

Posted 3 months ago

5.0 - 9.0 years

12 - 13 Lacs

Bengaluru

Work from Office

Position Summary: We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux and network security, and will be well-versed in ELK stack management and troubleshooting Beats agents.

Key Responsibilities:
1. Incident Detection and Analysis:
- Conduct deep-dive analysis on security incidents, assessing root causes and recommending solutions.
- Proactively monitor and respond to security alerts, managing incident escalation and resolution processes.
- Prepare detailed reports and document incidents to support future analysis and security measures.
2. SIEM Administration and Rule Fine-Tuning:
- Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives.
- Conduct SIEM platform upgrades, troubleshoot performance issues and ensure platform availability.
- Collaborate with IT teams to integrate new data sources into the SIEM and enhance visibility.
3. System and Network Security:
- Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructure.
- Utilize tools for traffic analysis, anomaly detection and threat identification.
- Support configurations and policies within the IT and network environment to strengthen security.
4. ELK Stack and Beats Agent Management:
- Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash and Kibana) to ensure seamless data flow.
- Perform regular maintenance and troubleshooting of Beats agents, ensuring reliable log ingestion and parsing.
5. Security Policies and Compliance:
- Contribute to policy updates, ensuring adherence to organizational and industry compliance standards.
- Document and enforce security controls aligned with best practices and regulatory requirements.

Skills and Qualifications:
Education: Bachelor's degree in Information Security, Computer Science or a related field.
Experience:
- Minimum of 5 years in SOC operations or a similar cybersecurity role.
- Proven experience in SIEM administration, incident analysis and configuration fine-tuning.
- Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols.
- Hands-on experience with the ELK Stack, with expertise in troubleshooting Beats agents.
Technical Skills:
- Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols.
- Strong command of incident response processes, security frameworks and best practices.
- Knowledge of communication protocols and system integrations for data protection.
Certifications (preferred): CISSP, CompTIA Security+, CEH or similar security certifications.
Competencies: Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment.
Additional Preferred Skills: Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks.

This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.

Keywords: SIEM administration, incident analysis, configuration fine-tuning, Windows, Linux, network security protocols, ELK Stack, troubleshooting Beats agents, Splunk, QRadar, EDR solutions, Cybersecurity
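The rule fine-tuning duties in this posting (optimizing alerting, reducing false positives) are normally implemented as a layer between raw rule output and the analyst queue, and the same layer is what the Cybersecurity Lead posting above calls alert tuning and optimization. As an added example, not the employer's code, here is a Python sketch of that layer over constructed alerts: a suppression list whose entries carry a reason and an expiry (so a tuning decision stays reviewable and cannot silently outlive the scanner it was made for), per-(rule, source) throttling so a burst yields one alert per window instead of hundreds, and escalation when several distinct rules fire for one source. Rule names, addresses, the window and the suppression entry are all assumptions.

```python
"""Added example (not from any job posting): a SIEM-style alert tuning layer.

Takes raw alerts a rule engine has already produced (constructed here) and
applies three controls a SOC engineer tunes:
  1. suppression  - (rule, src) pairs with a documented reason and an expiry,
  2. throttling   - at most one alert per (rule, src) per window,
  3. escalation   - raise severity when distinct rules fire for one source.
Rule names, addresses, window and suppression entries are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed raw alerts, as a rule engine might emit them (not real data).
RAW_ALERTS = [
    {"ts": "2024-03-01T09:00:00Z", "rule": "port_scan", "src": "10.0.5.20", "severity": "medium"},
    {"ts": "2024-03-01T09:00:05Z", "rule": "port_scan", "src": "10.0.5.20", "severity": "medium"},
    {"ts": "2024-03-01T09:01:00Z", "rule": "port_scan", "src": "10.0.9.9", "severity": "medium"},
    {"ts": "2024-03-01T09:01:30Z", "rule": "port_scan", "src": "10.0.9.9", "severity": "medium"},
    {"ts": "2024-03-01T09:02:00Z", "rule": "smb_lateral_movement", "src": "10.0.9.9", "severity": "medium"},
    {"ts": "2024-03-01T09:30:00Z", "rule": "port_scan", "src": "10.0.9.9", "severity": "medium"},
]

# Every suppression carries a reason and an expiry; an open-ended allowlist is
# how a real attacker hiding behind a "known scanner" address stays invisible.
SUPPRESSIONS = [
    {
        "rule": "port_scan",
        "src": "10.0.5.20",
        "reason": "authorised vulnerability scanner (assumed ticket SEC-0000)",
        "expires": "2024-12-31T00:00:00Z",
    },
]


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def is_suppressed(alert, suppressions=SUPPRESSIONS):
    """True when an unexpired suppression matches the alert's rule and source."""
    t = _ts(alert["ts"])
    return any(
        s["rule"] == alert["rule"] and s["src"] == alert["src"] and t < _ts(s["expires"])
        for s in suppressions
    )


def tune_alerts(raw, suppressions=SUPPRESSIONS,
                throttle=timedelta(minutes=15), escalate_at=2):
    """Return the alerts an analyst should actually see, in time order."""
    last_emitted = {}                 # (rule, src) -> time of last emitted alert
    rules_per_src = defaultdict(set)  # src -> distinct rules that have fired
    out = []
    for a in sorted(raw, key=lambda x: _ts(x["ts"])):
        if is_suppressed(a, suppressions):
            continue
        key, t = (a["rule"], a["src"]), _ts(a["ts"])
        if key in last_emitted and t - last_emitted[key] < throttle:
            continue  # same rule/source inside the window: throttled duplicate
        last_emitted[key] = t
        rules_per_src[a["src"]].add(a["rule"])
        tuned = dict(a)
        if len(rules_per_src[a["src"]]) >= escalate_at:
            tuned["severity"] = "high"
            tuned["note"] = "multiple distinct rules fired for this source"
        out.append(tuned)
    return out


if __name__ == "__main__":
    for alert in tune_alerts(RAW_ALERTS):
        print(alert)
```

On the constructed input the two scanner alerts are suppressed, the second 10.0.9.9 port scan at 09:01:30 is throttled, and the three remaining alerts come out as one medium port scan, then a high SMB lateral-movement alert (second distinct rule for that source), then the 09:30 port scan, also high because the source has already tripped two rules. The throttle deliberately does not drop the 09:30 alert: a source that keeps scanning half an hour later is new information.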

Posted 3 months ago

8 - 12 years

15 - 20 Lacs

Gurugram

Work from Office

About The Role

Key responsibilities: Technical Lead to drive high-priority / high-business-impact incidents.

Role Purpose: As a technical lead handling a high-priority incident, your primary responsibilities include rapid diagnosis, devising a remediation strategy, coordinating with other teams, and ensuring efficient implementation of the fix to minimize disruption and restore services.

Responsibilities:
- Rapid Diagnosis and Root Cause Analysis: Quickly identify the nature and scope of the incident and categorise its priority. Determine the root cause(s) of the problem. Gather relevant data and information from logs, monitoring tools and other sources.
- Remediation Strategy Development: Develop a plan to address the issue, considering potential impacts and risks. Determine the best course of action for restoring services. Identify necessary resources and dependencies.
- Coordination and Communication: Act as the central point of contact for technical aspects of the incident. Collaborate with other teams (e.g., Data Center, Network, Security, EUC, Tools) to ensure a coordinated response. Keep stakeholders informed of the incident's status and progress.
- Implementation and Monitoring: Oversee the implementation of the remediation plan. Monitor the system to ensure that the issue is resolved and services are restored within SLA. Document the incident, its resolution and lessons learned.
- Escalation and Decision-Making: Know when to escalate the incident to higher levels of management. Make timely and informed decisions regarding resource allocation and incident resolution.
- Post-Incident Analysis: Conduct a thorough post-incident review to identify areas for improvement in incident response processes. Prepare the RCA, aligned with the root cause, business impact and business outage. Document lessons learned and implement changes to prevent similar incidents in the future.

Mandatory Skills: Technical Consulting. Experience: more than 10 years.

Reinvent your world.
We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Posted 4 months ago

Apply

7 - 10 years

25 - 30 Lacs

Mumbai

Work from Office

6-10 years of experience in Incident Management (preferred) or Production Support. Good communication and collaboration skills. Technical skills preferred: Unix and SQL, with Core Java experience. Proficient in analysing incidents/issues and troubleshooting with multiple teams. Incident dashboard monitoring and call driving with App Managers (one call daily). For any P1 or P2 incident, drive the MIM (major incident management) and triage call to resolve the issue within the agreed time frame. Incident analysis, including suppression of unwanted (noise) incidents. Daily management reports and PPTs based on ad hoc requests. For P3 incidents, open an internal call to resolve the issue; for P4 incidents, chase the owning team to resolve it. For deployments, send the Start and Completion notification mails.

Posted 4 months ago

Apply

5 - 8 years

3 - 5 Lacs

Sohna, Rozka Mev Sohna Indl

Work from Office

B.E./Diploma Engineer/Diploma in Health & Safety. Plant inspection (finding unsafe conditions and unsafe acts), near-miss reporting. Documentation. Upkeep of ETP/STP. Risk and hazard assessment. Job Safety Analysis. Safety training for employees. Celebrating Safety Week / safety calendar. Required candidate profile: Root cause analysis of incidents and accidents. Inspection of fire hydrants and fire extinguishers. Legal requirements. First-aid records. PPE adherence. Should have worked in a Tier-1, ISO 45001 and ISO 14001 environment.

Posted 4 months ago

Apply

7.0 - 12.0 years

8 - 12 Lacs

mumbai

Work from Office

Your Role and Responsibilities
* Responsible for keeping the implementation partner's project on track, and for providing the required reports to management and the client.
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance.
* Coordinate with, and act as an authority to, other information security specialists to resolve incidents and correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise
* 7+ years of IT experience in security, with at least 4 years in a Security Operations Centre working with SIEMs.
* B.E./B.Tech/MCA/M.Sc.
* Maintaining SIEM/UEBA platform hygiene; scripting; automation; SOAR playbook creation with testing; change/problem/incident management; CP4S (IBM Cloud Pak for Security) platform integration and dashboarding; recovery support.
* Expertise in security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis, and device integration with the SIEM.
* Working knowledge of industry-standard risk, governance and security methodologies.
* Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.
Preferred technical and professional experience
* OEM-certified SOAR specialist plus CEH preferred.
* Ambitious individual who can work under their own direction towards agreed targets/goals, with a creative approach to work.
* Intuitive individual with an ability to manage change and proven time management.
* Proven interpersonal skills, contributing to team effort by accomplishing related results as needed.
* Up-to-date technical knowledge, maintained by attending educational workshops and reviewing publications.

Posted Date not available

Apply

7.0 - 12.0 years

9 - 14 Lacs

mumbai

Work from Office

* Responsible for keeping the implementation partner's project on track, and for providing the required reports to management and the client.
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance.
* Coordinate with, and act as an authority to, other information security specialists to resolve incidents and correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise
* 7+ years of IT experience in security, with at least 4 years in a Security Operations Centre working with SIEMs.
* B.E./B.Tech/MCA/M.Sc.
* Maintaining SIEM/UEBA platform hygiene; scripting; automation; SOAR playbook creation with testing; change/problem/incident management; CP4S (IBM Cloud Pak for Security) platform integration and dashboarding; recovery support.
* Expertise in security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis, and device integration with the SIEM.
* Working knowledge of industry-standard risk, governance and security methodologies.
* Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.
Preferred technical and professional experience
* OEM-certified SOAR specialist plus CEH preferred.
* Ambitious individual who can work under their own direction towards agreed targets/goals, with a creative approach to work.
* Intuitive individual with an ability to manage change and proven time management.
* Proven interpersonal skills, contributing to team effort by accomplishing related results as needed.
* Up-to-date technical knowledge, maintained by attending educational workshops and reviewing publications.

Posted Date not available

Apply

8.0 - 13.0 years

11 - 15 Lacs

mumbai

Work from Office

* Responsible for keeping the implementation partner's project on track, and for providing the required reports to management and the client.
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance.
* Coordinate with, and act as an authority to, other information security specialists to resolve incidents and correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise
* 8+ years of IT experience in security, with at least 4 years in a Security Operations Centre working with SIEMs.
* B.E./B.Tech/MCA/M.Sc. in Computer Science or IT.
* Maintaining SIEM/UEBA platform hygiene; scripting; automation.
* SOAR playbook creation with testing; change/problem/incident management; CP4S (IBM Cloud Pak for Security) platform integration and dashboarding; recovery support.
* Expertise in security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis, and device integration with the SIEM.
* Working knowledge of industry-standard risk, governance and security methodologies.
* Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.
Preferred technical and professional experience
* OEM-certified SOAR specialist plus CEH preferred.
* Ambitious individual who can work under their own direction towards agreed targets/goals, with a creative approach to work.
* Intuitive individual with an ability to manage change and proven time management.
* Proven interpersonal skills, contributing to team effort by accomplishing related results as needed.
* Up-to-date technical knowledge, maintained by attending educational workshops and reviewing publications.

Posted Date not available

Apply

5.0 - 8.0 years

3 - 7 Lacs

chennai

Work from Office

We are looking for a content development engineer or L2-level SOC SIEM engineer with hands-on experience in developing new rules and use cases based on various log sources, including cloud security log sources, and in integrating log sources with a SIEM platform.
Roles and Responsibilities: Creating and implementing new threat detection content, rules and use cases for deployment in the SIEM platform over different data sets such as proxy, VPN, firewall and DLP logs. Assisting with process development and improvement for Security Operations, including creation and modification of SOPs, playbooks and work instructions. Developing custom content based on threat intelligence and threat hunting results. Identifying gaps in the existing security controls and developing or proposing new controls. SIEM engineering, including integrating various log sources with any SIEM platform. Custom parsing of logs ingested into the SIEM platform.
Job Requirements: 3+ years of experience in content development, delivering and/or building content on SIEM tools such as Splunk, ArcSight, QRadar or Nitro ESM. Deep understanding of the MITRE ATT&CK framework. Experience in SOC incident analysis, with exposure to information security technologies such as firewalls, VPNs, intrusion detection tools, malware tools, authentication tools, endpoint technologies, EDR and cloud security tools. Good understanding of networking concepts. Experience interpreting, searching and manipulating data within enterprise logging solutions (e.g. SIEM, IT Service Management (ITSM) tools, workflow and automation). In-depth knowledge of security log data and the ability to create new content for advanced security threats as needed, driven by threat intelligence. Ability to identify gaps in the existing security controls. Good experience writing queries, rules and use cases for security analytics (ELK, Splunk or any other SIEM platform) and deploying that content.
Experience with EDR tools such as CrowdStrike and a good understanding of TTPs such as process injection. Excellent communication, listening and facilitation skills. Ability to demonstrate an investigative mindset. Excellent problem-solving skills.
Preferred: Understanding of the MITRE ATT&CK framework. Demonstrable experience in use case/rule creation on any SIEM platform. Chronicle (Backstory), YARA or CrowdStrike rule experience is a plus. Location: Pan India
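The content-engineering work described in the listing above (custom log parsing, rules over proxy and firewall data, ATT&CK mapping) is easier to judge against a concrete shape. The following is an added example written for this page, not code from any employer listed here or from any SIEM vendor: two custom parsers turn constructed proxy and firewall log lines into events, and two detection rules run over them. The log field layouts, the IP addresses, the content-type list and the thresholds are all assumptions for the example.

```python
"""Added example (not code from any employer listed on this page): a miniature
SIEM content pipeline. Custom parsers turn constructed proxy and firewall log
lines into events, and two detection rules mapped to MITRE ATT&CK run over them."""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime


@dataclass
class Alert:
    rule: str
    technique: str            # ATT&CK technique id the rule is mapped to
    src_ip: str
    evidence: list[str] = field(default_factory=list)


# Constructed sample logs. The field layouts are assumptions for this example,
# not any vendor's documented schema. One malformed line is included on purpose.
PROXY_LOGS = """\
1700000000.101 10.1.2.3 TCP_MISS/200 GET http://cdn-updates.example.net/setup.exe 512000 application/x-msdownload
1700000001.205 10.1.2.3 TCP_MISS/200 GET http://intranet.example.com/index.html 2048 text/html
1700000002.310 10.1.2.9 TCP_MISS/200 GET http://files.example.org/report.pdf 90000 application/pdf
this line is malformed and must be skipped by the parser
1700000003.420 10.1.2.3 TCP_MISS/200 GET http://cdn-updates.example.net/payload.dll 204800 application/x-msdownload
"""
FW_LOGS = """\
2023-11-14T22:13:20Z DENY src=10.1.2.3 dst=10.1.5.7 dport=22 proto=tcp
2023-11-14T22:13:21Z DENY src=10.1.2.3 dst=10.1.5.7 dport=23 proto=tcp
2023-11-14T22:13:22Z ALLOW src=10.1.2.9 dst=10.1.5.7 dport=443 proto=tcp
2023-11-14T22:13:23Z DENY src=10.1.2.3 dst=10.1.5.7 dport=80 proto=tcp
2023-11-14T22:13:24Z DENY src=10.1.2.3 dst=10.1.5.7 dport=443 proto=tcp
2023-11-14T22:13:25Z DENY src=10.1.2.9 dst=10.1.5.8 dport=22 proto=tcp
2023-11-14T22:13:26Z DENY src=10.1.2.3 dst=10.1.5.7 dport=445 proto=tcp
2023-11-14T22:13:27Z DENY src=10.1.2.3 dst=10.1.5.7 dport=3389 proto=tcp
"""

# Proxy line: "<epoch> <client_ip> <cache/status> <method> <url> <bytes> <content_type>"
PROXY_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<src>\S+)\s+(?P<status>\S+)\s+(?P<method>[A-Z]+)\s+"
    r"(?P<url>\S+)\s+(?P<bytes>\d+)\s+(?P<ctype>\S+)$"
)
# Firewall line: "<iso8601> <ALLOW|DENY> src=<ip> dst=<ip> dport=<port> proto=<proto>"
FW_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>ALLOW|DENY)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+"
    r"dport=(?P<dport>\d+)\s+proto=(?P<proto>\S+)$"
)


def parse(text: str, pattern: re.Pattern[str]) -> list[dict[str, str]]:
    """Custom parser: one dict per matching line. Non-matching lines are skipped,
    as a SIEM parser must do, instead of failing the whole batch."""
    return [m.groupdict() for line in text.splitlines()
            if (m := pattern.match(line.strip()))]


EXEC_TYPES = {"application/x-msdownload", "application/x-dosexec",
              "application/vnd.microsoft.portable-executable"}
EXEC_EXT = (".exe", ".dll", ".msi", ".ps1")


def detect_executable_download(events: list[dict[str, str]]) -> list[Alert]:
    """T1105 Ingress Tool Transfer: executable content fetched through the proxy.
    Matching on content type as well as URL suffix catches renamed binaries."""
    by_src: dict[str, list[str]] = defaultdict(list)
    for e in events:
        if e["ctype"].lower() in EXEC_TYPES or e["url"].lower().endswith(EXEC_EXT):
            by_src[e["src"]].append(e["url"])
    return [Alert("proxy_executable_download", "T1105", src, urls)
            for src, urls in by_src.items()]


def detect_port_scan(events: list[dict[str, str]], threshold: int = 5,
                     window_s: int = 60) -> list[Alert]:
    """T1046 Network Service Discovery: one source DENIED to >= threshold distinct
    destination ports inside a sliding window of window_s seconds."""
    by_src: dict[str, list[tuple[float, str, int]]] = defaultdict(list)
    for e in events:
        if e["action"] != "DENY":
            continue
        ts = datetime.fromisoformat(e["ts"].replace("Z", "+00:00")).timestamp()
        by_src[e["src"]].append((ts, e["dst"], int(e["dport"])))
    alerts = []
    for src, hits in by_src.items():
        hits.sort()
        for i, (t0, _, _) in enumerate(hits):
            in_window = [h for h in hits[i:] if h[0] - t0 <= window_s]
            if len({port for _, _, port in in_window}) >= threshold:
                alerts.append(Alert("fw_port_scan", "T1046", src,
                                    [f"{dst}:{port}" for _, dst, port in in_window]))
                break  # one alert per source per window keeps the rule from re-firing
    return alerts


def run_detections(proxy_text: str, fw_text: str) -> list[Alert]:
    """Parse both sources and run every rule; this is the unit a SIEM would schedule."""
    return (detect_executable_download(parse(proxy_text, PROXY_RE))
            + detect_port_scan(parse(fw_text, FW_RE)))


if __name__ == "__main__":
    for a in run_detections(PROXY_LOGS, FW_LOGS):
        print(f"{a.rule:28} {a.technique} src={a.src_ip} evidence={a.evidence}")
```

Run as a script it prints one T1105 alert for 10.1.2.3 (two executable fetches) and one T1046 alert for the same host (six distinct denied ports in seven seconds); the host that was denied on a single port produces nothing. The two parts worth carrying over to a real SIEM are that the parser drops what it cannot read instead of aborting the batch, and that the scan rule breaks after the first hit per source so a noisy scanner does not generate one alert per packet.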

Posted Date not available

Apply

1.0 - 5.0 years

3 - 7 Lacs

bengaluru

Work from Office

IBM Software Support Organization is seeking a Technical Support Professional to join our team! IBM Software Technical Support Engineers take pride in helping customers by solving problems and answering questions both large and small. Support Engineers develop a mastery of our different products and use that knowledge to enable customers to overcome problems while sharing best practices. This important role is a hub within the company. Technical Support Engineers take questions, issues, and feedback from users and work with Solution Architects, Product Management and Engineering to continuously improve our solutions. Additionally, Technical Support Engineers are encouraged and provided the opportunity to hone their technical skills and deepen their knowledge.
Areas of responsibility include: Engage on cases effectively and in a timely manner as part of a global 24x7 team. Work closely with Engineering and Operations on resolving escalated cases. Educate customers to help them become product experts. Write knowledge base articles based on customer questions. Develop and maintain strong customer relationships. Provide technical engineering support, as part of our Technical Support Team, to resolve customer issues by performing diagnostics, performance optimization, incident analysis, solution partner recommendations, and product knowledge transfer.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise: Passion for customer care and customer satisfaction, and self-motivation towards meeting agreed goals. Technical troubleshooting and investigative skills on the functional, operational and deployment aspects of TRIRIGA. Knowledge of network HAR files, database logs and analysis tools to identify performance bottlenecks and optimize performance. Good spoken and written communication skills, along with the ability to collaborate with the team, act as a team player and lead technical investigations.
7+ years of previous experience in a customer-facing Technical Support/Development/SRE/Testing role, with experience in TRIRIGA. Good knowledge of cloud technologies (Red Hat OpenShift/Azure/Kubernetes). A successful track record in developing and managing customer relationships. English: fluent.
Preferred technical and professional experience: You would make a great addition to our team if you have strong skills in some of the following: Experience in shell scripting and programming languages such as Java and C++. Proficient in Windows/Linux operating systems. Experience with databases including MongoDB, DB2, Oracle and SQL Server. Understanding of application development projects and administration knowledge of application servers (TWAS, Liberty). Working knowledge or understanding of web technologies and/or data analytics.

Posted Date not available

Apply

4.0 - 8.0 years

7 - 11 Lacs

mumbai

Work from Office

* Lead Incident Response (IR):
* Act as the subject matter expert for security incidents.
* Analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts.
* Provide leadership during incident investigations, ensuring rapid and thorough handling.
* SOC Automation & Integration:
* Leverage Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities.
* Design, implement, and maintain playbooks within XSOAR to address emerging security threats.
* Threat Hunting & Monitoring:
* Proactively perform threat hunting to detect advanced threats that may bypass existing security solutions.
* Leverage both internal and external threat intelligence to identify and mitigate potential security risks.
* OSINT Utilization:
* Use Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information for early identification of threats.
* Collaboration & Communication:
* Collaborate with other teams (IT, legal, risk) to align incident response strategies.
* Clearly communicate complex security issues to both technical and non-technical stakeholders through reports and presentations.
* Provide security awareness training and mentoring to SOC analysts and other team members.
Required education: Bachelor's Degree. Preferred education: Master's Degree.
Required technical and professional expertise
* 6+ years of experience in IT security with SOC operations.
* Expertise in security device management: SIEM (ArcSight, QRadar), incident response, threat hunting, use case engineering, SOC analysis, and device integration with the SIEM.
* Working knowledge of industry-standard risk, governance and security methodologies.
* Proficient in incident response processes: detection, triage, incident analysis, remediation and reporting.
* Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio.
* Expertise in Python scripting and Palo Alto XSOAR.
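The automation the listing above asks for (Python playbooks that streamline incident response) and the P1-P4 call driving and alert suppression described in the earlier Mumbai incident-management listing come down to the same triage logic. The following is an added example written for this page: it is plain Python, not Palo Alto XSOAR's API and not any employer's code. Each alert is deduplicated so repeat firings are suppressed, enriched against a constructed threat-intelligence set, scored, and assigned a P1-P4 priority and an action. The indicator values, host names, internal network ranges and scoring thresholds are assumptions for the example.

```python
"""Added example (not Palo Alto XSOAR's API and not any employer's code): the
logic an automated triage playbook encodes, in plain Python. Each alert is
deduplicated, enriched against constructed threat-intel indicators, scored,
and given a P1..P4 priority and an action. Indicator values, host names,
network ranges and scoring thresholds are assumptions for the example."""
from __future__ import annotations

import hashlib
import ipaddress
from dataclasses import dataclass, field

# Constructed threat-intel indicators standing in for a real feed.
TI_IPS = {"203.0.113.45": "known C2 node"}
TI_SHA256 = {"9f2c" + "ab" * 30: "known stager"}      # fabricated 64-hex digest
# Assumed policy: compromise of these hosts is business-critical.
CRITICAL_HOSTS = {"db-prod-01", "ad-dc-01"}
# Assumed internal ranges (RFC 1918). Checked explicitly rather than via
# ipaddress.is_private, which also treats documentation ranges as private.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass
class RawAlert:
    alert_id: str
    title: str
    host: str
    src_ip: str
    file_sha256: str | None = None


@dataclass
class Triage:
    alert_id: str
    priority: str                  # P1 (highest) .. P4
    action: str                    # escalate | investigate | auto_close | suppress
    dedup_key: str
    reasons: list[str] = field(default_factory=list)


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def dedup_key(a: RawAlert) -> str:
    """Same host, title and indicators means the same underlying event, even
    though every firing gets a fresh alert_id."""
    raw = f"{a.host}|{a.title}|{a.src_ip}|{a.file_sha256 or ''}"
    return hashlib.sha256(raw.encode()).hexdigest()[:16]


def enrich(a: RawAlert) -> tuple[int, list[str]]:
    """Score the alert from enrichment hits; the weights are assumed policy."""
    score, reasons = 0, []
    if a.src_ip in TI_IPS:
        score += 50
        reasons.append(f"src_ip on TI feed: {TI_IPS[a.src_ip]}")
    if a.file_sha256 and a.file_sha256 in TI_SHA256:
        score += 50
        reasons.append(f"file hash on TI feed: {TI_SHA256[a.file_sha256]}")
    if a.host in CRITICAL_HOSTS:
        score += 30
        reasons.append("host is business-critical")
    if not is_internal(a.src_ip):
        score += 10
        reasons.append("source is external")
    return score, reasons


def triage(a: RawAlert, seen: set[str]) -> Triage:
    key = dedup_key(a)
    if key in seen:                               # suppression of repeat firings
        return Triage(a.alert_id, "P4", "suppress", key, ["duplicate of open alert"])
    seen.add(key)
    score, reasons = enrich(a)
    if score >= 80:
        priority, action = "P1", "escalate"       # open a major-incident bridge
    elif score >= 50:
        priority, action = "P2", "escalate"
    elif score >= 30:
        priority, action = "P3", "investigate"
    else:
        priority, action = "P4", "auto_close"     # internal source, no indicator hit
    return Triage(a.alert_id, priority, action, key, reasons)


def run_playbook(alerts: list[RawAlert]) -> list[Triage]:
    seen: set[str] = set()
    return [triage(a, seen) for a in alerts]


# Constructed alert batch; the fourth entry is a repeat of the first.
SAMPLE_ALERTS = [
    RawAlert("A-1001", "Outbound to suspicious IP", "db-prod-01", "203.0.113.45"),
    RawAlert("A-1002", "Malicious file written", "ws-042", "198.51.100.7", "9f2c" + "ab" * 30),
    RawAlert("A-1003", "Failed logon burst", "ws-042", "10.0.0.5"),
    RawAlert("A-1004", "Outbound to suspicious IP", "db-prod-01", "203.0.113.45"),
    RawAlert("A-1005", "New local admin created", "ad-dc-01", "10.0.0.9"),
]

if __name__ == "__main__":
    for t in run_playbook(SAMPLE_ALERTS):
        print(t.alert_id, t.priority, t.action, "; ".join(t.reasons))
```

Run as a script, A-1001 becomes a P1 (indicator hit on a critical host), A-1002 a P2 (indicator hit only), A-1003 a P4 auto-close, A-1004 is suppressed as a duplicate of A-1001, and A-1005 a P3 for investigation. The dedup key deliberately excludes the alert id and timestamp; that is what lets the playbook suppress the fourth alert rather than open a second bridge for the same event. Keep every reason string on the triage record, since the P1 bridge and the later RCA both need to see why the automation decided what it did.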

Posted Date not available

Apply


8.0 - 12.0 years

15 - 30 Lacs

bengaluru

Hybrid

Warm greetings from SP Staffing! Role: SOC Analyst. Experience required: 8 to 12 years. Work location: Bangalore. Required skills: L3 incident management, EDR, SIEM, threat intelligence. Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted Date not available

Apply
Page 3 of 3