56 Log Management Jobs - Page 3

KEY Capabilities Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, Bash, etc. Perform remote and on-site gap assessment of the SIEM solution. Define evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Conduct interview with stakeholders, review documents (SOPs, Architecture diagrams etc.) Evaluate SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment. Understand customer requirements and recommend best practices for SIEM solutions. Offer consultative advice in security principles and best practices related to SIEM operations Design and document a SIEM solution to meet the customer needs Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure end log sources (in-scope) to be integrated to the SIEM Experience in handling big data integration via Splunk Expertise in SIEM content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc.) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Experience in installation, configuration and usage of premium Splunk Apps and Add-ons such as ES App, UEBA, ITSI etc Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Work with the client SPOC to for correlation rule tuning (as per use case management life cycle), incident classification and prioritization recommendations Experience in creating custom commands, custom alert action, adaptive response actions etc. Qualification & experience Minimum of 3 to 6 years experience with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated security intelligence solution into global enterprise environments. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Must have knowledge of Vulnerability Management, Windows and Linux basics including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting. Good to have below mentioned experience with designing and implementation of Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management Multiple cluster deployments & management experience as per Vendor guidelines and industry best practices Troubleshoot Splunk platform and application issues, escalate the issue and work with Splunk support to resolve issues Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline will be an added advantage.

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About the Role We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, Deployment, Implementation and maintaining security posture for the organization. Key Responsibilities SIEM Administration: Install, configure, maintain, and upgrade SIEM components. (IBM Qradar SIEM, DNIF, Splunk & Securonix). Log Management: Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.) Custom log source integration and parser development. System Monitoring & Troubleshooting: Ensure SIEM tools are functioning optimally. Monitor & regular health check perform for SIEM tools. troubleshoot system errors and resolve performance issues. Conduct regular performance tuning and capacity planning Perform root cause analysis for system failures & performance issues. Optimize system performance and storage management for SIEM Integration & Automation : Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM. Compliance & Audits: Ensure log retention policies comply with regulatory standards. Develop & enforce SIEM access controls & user roles/permissions. Documentation & Training: Document system configurations, SOP s & troubleshooting documents. Prepare monthly/ weekly reports and PPT, onboarding documentation as per business/ client requirement. Dashboard & Report Development: Create & maintain custom dashboards & reports Optimize searches & reports for performance and efficiency. Other Knowledge Base: Hands on experience with Linux OS & Windows OS Basic to mediator level knowledge in networking skills Should be familiar with Azure, AWS or GCP products Required Skills & Qualifications: B.E/B.Tech degree in computer science, Cybersecurity, or related field (preferred). 1-3 years experience as Soc Admin Strong knowledge of SIEM architecture, log sources, and event correlation. Proficiency in log management, regular expressions, and network security concepts. Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.). Scripting knowledge (Python, Bash, or PowerShell) is a plus. Training or Certificate on Splunk or IBM Qradar Preferred. Soft Skills: Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Ability to work independently and in a team. Must Have Skills: Hands-on experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc. Proficiency in IBM Qradar & Splunk administration Configuring, maintaining, and troubleshooting SIEM solutions. Log source integration, parsing, and normalization. Strong knowledge of TCP/IP, DNS, HTTP, SMTP, FTP, VPNs, proxies, and firewall rules. Familiarity with Linux and Windows system administration. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you re passionate about technology and eager to make an impact, we d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Key Responsibilities: WebLogic Server Administration: Installation, configuration, tuning, and troubleshooting of Oracle WebLogic Server. Deploy and manage Java-based applications on WebLogic. Perform regular health checks, patching, and upgrades for WebLogic environments. Application Support: Collaborate with development and operations teams to deploy and manage banking applications. Ensure application uptime and minimize downtime through proactive monitoring and alerting. Troubleshoot and resolve WebLogic-related issues in production and non-production environments. Performance Tuning and Optimization: Monitor and analyze the performance of WebLogic and Java applications. Implement and configure performance-enhancing measures such as load balancing, clustering, and JVM tuning. Security and Compliance: Implement and enforce security policies for WebLogic Server, including user authentication, authorization, SSL configurations, and encryption standards. Ensure compliance with internal and regulatory requirements within the banking domain. Disaster Recovery and High Availability: Configure and maintain WebLogic clusters for high availability and failover. Implement disaster recovery plans for WebLogic environments and perform regular DR drills. Log Management and Troubleshooting: Analyze logs for system behavior, performance bottlenecks, and errors. Work with application developers and DBAs to resolve complex issues affecting WebLogic and applications. Collaboration and Documentation: Collaborate with cross-functional teams (DevOps, security, network) to optimize the entire application stack. Create and maintain technical documentation, including standard operating procedures, configuration guides, and troubleshooting steps. Upgrades and Patches: Plan, test, and execute WebLogic server upgrades and patches. Keep abreast of WebLogic and Java updates, applying them as necessary in a controlled and tested manner. Skills & Qualifications: Education: Engineering degree in Computer Science, Information Technology, or a related field is mandatory Experience: Minimum of 5 years of hands-on experience administering Oracle WebLogic Server in large, production environments, preferably within the banking or financial services industry. Strong experience in deploying, monitoring, and troubleshooting Java-based banking applications. Technical Skills: Proficient with Oracle WebLogic Server (10.x, 11g, 12c). Familiarity with Java, Java EE, JMS, and JDBC. Experience with clustering, load balancing, and WebLogic Domain and Server configurations. Expertise in shell scripting, automation tools, and monitoring tools (e.g., Nagios, AppDynamics, Splunk). Experience with databases (Oracle, SQL Server, etc.) and web servers (Apache, IIS). Familiarity with containerization and cloud platforms (AWS, Azure) is a plus. Soft Skills: Excellent troubleshooting, problem-solving, and analytical skills. Strong communication skills and ability to work collaboratively across teams. Ability to manage multiple tasks in a fast-paced, dynamic environment. Familiarity with ITIL and incident management processes. Desirable Skills: Experience with banking applications such as core banking systems, payment processing systems, or financial transaction platforms. Knowledge of enterprise-grade monitoring tools (e.g., Oracle Enterprise Manager). Experience in DevOps practices and CI/CD pipelines. Familiarity with regulatory standards and compliance requirements in the banking domain (e.g., PCI DSS, SOX). Working Environment: The position may require on-call support and occasional after-hours maintenance. Work within a team-oriented environment with collaboration across IT infrastructure, development, and security teams.

Role Overview We are looking for experienced DevOps Engineers (4+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP . Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline . Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker . Work on cloud migrations , helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST . Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk . Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools . Troubleshoot complex networking, Linux/Windows server issues , and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3 + years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider : AWS, Azure, or GCP . Strong experience with Kubernetes, ECS, OpenShift , and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools . Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines . Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration . Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls) . Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace . Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management . Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux . Background in penetration testing, intrusion detection, and vulnerability scanning . Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

For Soc L3-Position: 7Yrs+ hands on Exp. Ready to work for Rotational shifts.(24*7), Team management & Shift roaster Location: Pune Roles and Responsibilities Key Skills: 1.SIEM tool exp-preferably Arc sight. 2. Log Analysis 3.Incident Response 4.DLP experience 5.Investigation Knowledge 6.Rules creation 7.Alert management. 8.Use case Creation 9.Team management 10.Shift Roaster 11.Monthly reports Key Responsibilities To handle the daily monitoring of information security events. To function as an intrusion analyst by examining security events for context, appropriateness and criticality To act as an information security researcher to provide insight and understanding of new and existing information security threats Key Operational Activities Daily checklists and tasks Log analysis and review Vulnerability management activities Alert analysis Investigation of suspicious security event activity Maintain and enforce adherence to corporate standards, policies and procedures Please share your profile to anwar.shaik@locuz.com

Dear Professional, We are excited to present a unique opportunity at Cognizant, a leading IT firm renowned for fostering growth and innovation. We are seeking talented professionals with 5 to 10 years of experience in Splunk Administration,Splunk Development,Splunk Enterprise Security,Splunk Dashboard Creation,AlertLogic SIEM ,Threat Detection,Incident Response,Log Management,Security Analytics,Compliance Reporting,Real-time Monitoring,Alert Logic MDR,LogRhythm SIEM,LogRhythm Administration,LogRhythm Threat Detection, LogRhythm Incident Response to join our dynamic team. Your expertise in these areas is highly sought after, and we believe your contributions will be instrumental in driving our projects to new heights. We offer a collaborative environment where your skills will be valued and nurtured. To proceed to the next step of the recruitment process, please provide us with the following details with Updated resume to sathish.kumarmr@cognizant.com Please share below details (Mandatory) : Full Name(As per Pan card): Contact number:Email Current Location: Interested Locations: Total Years of experience: Relevant years of experience: Current company: Notice period: NP negotiable: if yes how many days they can negotiate? : If you are Serving any Notice period Means please mention Last date of Working: Current CTC- Expected CTC- Availability for interview on Weekdays ? Highest Qualification? Additionally, we would like to schedule a virtual interview with you on 2nd August 2024. Kindly confirm your availability for the same. We look forward to the possibility of you bringing your valuable experience to Cognizant. Please respond at your earliest convenience. Thanks & Regards, Sathish Kumar M R HR-Cognizant Sathish.KumarMR@cognizant.com