8.0 - 10.0 years
0 Lacs
bengaluru, karnataka, india
On-site
Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world.

Your Role
We are seeking a highly skilled and experienced SOC Lead / L3 Analyst with deep expertise in SIEM platform engineering, log integration, security incident management, and advanced threat detection, with 8+ years of experience, for the Bangalore location. The ideal candidate will lead critical security incidents, guide junior analysts, and contribute to the strategic evolution of security operations through technology evaluations and process enhancements.
- Design, implement, and manage SIEM platforms including log ingestion, parsing, normalization, and correlation.
- Develop and maintain SIEM dashboards, alerts, and reports to support threat detection and compliance.
- Oversee production management of SIEM infrastructure, ensuring high availability and performance.
- Integrate logs from diverse sources including network devices, endpoints, cloud platforms, and applications.
- Collaborate with engineering and operations teams to ensure seamless SIEM deployment and maintenance.
- Lead and manage high-priority and critical security incidents, ensuring timely resolution and documentation.
- Provide expert guidance to L1/L2 SOC analysts on complex investigations and escalations.
- Conduct forensic analysis, threat hunting, and deep-dive investigations using tools such as EDR, IPS, and DLP.
- Contribute to the development and refinement of incident response runbooks and playbooks.
- Align detection strategies with frameworks such as MITRE ATT&CK and other industry standards.
- Identify and close security gaps through mitigation strategies and track remediation efforts to closure.
Your Profile
- Collaborate with regional SOC and CERT teams for coordinated incident response and threat intelligence sharing.
- Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight, Sentinel).
- Strong knowledge of security technologies: EDR, IPS, DLP, forensic tools, and threat intelligence platforms, and familiarity with MITRE ATT&CK, NIST, ISO 27001, and other security frameworks.

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market-leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.
Posted 1 day ago
3.0 - 7.0 years
9 - 13 Lacs
Bengaluru
Hybrid
Azure Sentinel Security Engineer

Responsibilities:
- Logging and Auditing: Monitor and audit cloud infrastructure using Azure Sentinel.
- Automated Workflows: Develop and maintain automated workflows for security operations.
- Threat Intelligence: Integrate threat intelligence feeds into Sentinel analytics and SOAR.
- Incident Response: Develop incident response use cases and remediation recommendations.
- Log Integration: Integrate security logs into an Azure Log Analytics Workspace.
- Collaboration: Work collaboratively with team members and stakeholders to ensure effective communication and project success.
- Documentation: Maintain comprehensive documentation related to Azure Sentinel configurations and processes.

Technical Knowledge:
- Expertise in Azure Sentinel, Defender, and other Microsoft security tools.
- Proficiency in scripting languages such as Python or PowerShell.
- Strong knowledge of Azure security services and governance.
- Creation of Sentinel playbooks and dashboards for platform monitoring.
- Ingestion of various types of Syslog data and network device data via APIs, etc., along with the appropriate DCRs (Data Collection Rules).
- Experience with device onboarding, developing SIEM content, and using KQL (Kusto Query Language).
- Develop and maintain relevant custom scripts/connectors for various device integrations.
- Familiarity with working on and creating new SOC runbooks.
- Experience in other SIEM tools such as ArcSight, QRadar, or Splunk.
- Certifications such as Microsoft Certified: Azure Security Engineer Associate or similar.

Share your resume to: sowmya.v@acesoftlabs.com
Posted 2 months ago