0.0 years
0 Lacs
jaipur, rajasthan, india
On-site
Job Description
Responsible for end-to-end implementation and configuration of SIEM (LogRhythm) and SOAR (Cortex) solutions across customer environments.
- Onboard diverse log sources (cloud, on-prem, endpoint, network) into the LogRhythm SIEM platform and normalize data (including supported and non-supported devices).
- Design and implement standard and custom detection rules, dashboards, and reports, including UEBA, NBA, MITRE, log-source-based and cross-correlation use cases.
- Collaborate with SOC, threat intel, TPM and internal teams to enhance security posture and streamline incident response.
- Troubleshoot log ingestion and parsing errors.
- Implement threat intelligence integration to enrich alerts and improve contextual awareness.
- Ensure compliance with security best practices and frameworks (e.g., MITRE ATT&CK, NIST).
- Provide documentation, runbooks and LLDs to the Operations team as part of handover.
- Stay current with emerging threats, tools, and technologies in the SIEM/SOAR ecosystem.
- Collaborate with the Assurance team to ensure smooth handover of projects; follow and adhere to defined
Responsibilities
- Design, implement, and maintain LogRhythm SIEM, Cortex SOAR, and LogRhythm UEBA solutions across cloud and on-premise environments.
- Collaborate with stakeholders to gather and analyze security monitoring and automation requirements.
- Onboard, parse, and normalize data from diverse log sources including cloud (AWS, GCP, Azure), EDRs, firewalls, proxies, and identity systems.
- Develop and fine-tune correlation rules, detection use cases, and alerting logic based on attacker TTPs (aligned to MITRE ATT&CK).
- Configure and customize UEBA models to detect abnormal user and entity behavior (e.g., data exfiltration, lateral movement).
- Integrate third-party threat intelligence feeds for enrichment and contextual detection.
- Conduct testing, tuning, and validation of detection and response logic to reduce false positives and improve fidelity.
- Provide Level 2 support for SIEM/SOAR/UEBA issues during the project delivery lifecycle and work closely with SOC, TPM and customer teams.
- Prepare technical documentation, runbooks and LLDs.
- Continuously monitor industry trends, product updates, and threat intelligence to improve detection coverage.
Desired Skill Sets
- Hands-on experience with SIEM platforms
- Experience with SOAR platforms
- Proficiency with UEBA solutions
- Strong understanding of log parsing, normalization, and data onboarding using Syslog, APIs, agents, or collectors
- Expertise in developing correlation rules, detection logic, and custom parsers
- Experience building and maintaining OOTB SOAR playbooks for automated incident response
- Familiarity with behavioral analytics, anomaly detection, and machine learning models in UEBA systems
- Knowledge of network protocols, network logging, OS logging, endpoint telemetry, and cloud security logging (e.g. VPC flow logs, CloudTrail, Azure Activity Logs)
- OEM certifications; CEH, CompTIA Security+ or similar; CSP security certifications (e.g. AZ-500)
Posted 2 days ago
4.0 - 8.0 years
0 Lacs
karnataka
On-site
You should have a Diploma / Bachelor's / Master's degree along with a minimum of 4-5 years of experience in a Security Operations Centre (SOC) or incident response team. It is required to possess at least one valid certification among Security+, CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA, or Cisco Cyber OPS certification. Being flexible to work in 24/7 shifts is a must. Your responsibilities will include 24/7 monitoring, triaging, and analyzing security events and alerts, as well as conducting malware analysis, including reverse engineering. You should have experience in coordinating incident response and troubleshooting across a global organization. It is important to be familiar with core concepts of security incident response and have a strong knowledge of email security threats and controls. Additionally, you should have a good understanding of Threat Intel and Hunting, network fundamentals, common Internet protocols, and experience in analyzing network traffic using tools like Wireshark. Experience in reviewing system and application logs, investigating security issues within Cloud infrastructure, and using SIEM tools such as Splunk, AlienVault, QRadar, ArcSight or similar is essential. Moreover, you should have experience in creating new detection rules and correlation rules, defining use cases for playbooks and runbooks, understanding log types and log parsing, and a strong passion for information security. A good understanding of CIS requirements is also required for this role.
Posted 3 weeks ago
3.0 - 7.0 years
0 Lacs
pune, maharashtra
On-site
You are an experienced professional sought by the Security Operations Centre for the SOC Lead position in Pune (Baner). You should possess expertise in SIEM setup, operational knowledge, and cloud environments. The ideal candidate is highly motivated, inquisitive, and adept at problem-solving. A must-have is knowledge of Incident response and SOAR methodologies. Your primary responsibilities include security event monitoring, management, and response. You must have experience with Open Source SIEM Tools, implementation, and at least one Security Information and Event Management (SIEM) solution. Generating reports, dashboards, and metrics for SOC operations, along with presenting to Senior Management, is part of the role. It is essential to have a deep understanding of security threats, attack methods, and the current threat landscape. Proficiency in identifying common attacks and their SIEM signatures is required. Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and remediation is crucial. Excellent troubleshooting and analytical skills are a must, along with the ability to propose security solutions in business terms. You should be capable of multitasking in a fast-paced environment and have knowledge of containers, orchestration technologies, log parsing, network protocols, and AWS Services for security detection and mitigation. Understanding Operating Systems, Web Servers, databases, and Security devices (firewall/NIDS/NIPS) logs and formats is necessary. With an experience range of 3 - 7 years in IT Infrastructure and Security, you must have prior experience in Cybersecurity & SOC/SIEM, preferably in the Banking and Financial domain. Expertise in Endpoint Security, Network Security, SIEM, SOC Advanced security tools, SOAR platform, Vulnerability Management, SIEM, and building Threat Modeling practice is expected. Strong communication skills are essential for this role. 
The role offers an opportunity to work with a modern cloud-native security stack, learn and develop in an innovative FinTech environment, receive mentorship and training on advanced threat detection and response practices, be part of a team culture focused on collaboration and technical excellence, and receive a competitive salary and shift allowances.
Posted 1 month ago
2.0 - 4.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Role: Senior SOC Analyst, Alerts & Automation
Standard Title: Senior Analyst, Cyber Defence (SOC)
Location: Bangalore, India
About Us
Founded in 2014, Circles is a global technology company reimagining the telco industry with its innovative SaaS platform, empowering telco operators worldwide to effortlessly launch innovative digital brands or refresh existing ones, accelerating their transformation into techcos. Today, Circles partners with leading telco operators across multiple countries and continents, including KDDI Corporation, Etisalat Group (e&), AT&T, and Telkomsel, creating blueprints for future telco and digital experiences enjoyed by millions of consumers globally. Besides its SaaS business, Circles operates three other distinct businesses:
- Circles.Life: A wholly-owned digital lifestyle telco brand based in Singapore, Circles.Life is powered by the Circles SaaS platform and pioneering go-to-market strategies. It is the digital market leader in Singapore and has won numerous awards for marketing, customer service, and innovative product offerings beyond connectivity.
- Circles Aspire: A global provider of Communications Platform-as-a-Service (CPaaS) solutions. Its cloud-based Experience Cloud platform enables enterprises, service providers and developers to deliver and scale mobile, messaging, IoT, and connectivity services worldwide.
- Jetpac: Specializing in travel tech solutions, Jetpac provides seamless eSIM roaming for over 200 destinations and innovative travel lifestyle products, redefining connectivity for digital travelers. Jetpac was awarded Travel eSIM of the Year.
Circles is backed by renowned global investors, including Peak XV Partners (formerly Sequoia), Warburg Pincus, Founders Fund, and EDBI (the investment arm of the Singapore Economic Development Board), with a track record of backing industry challengers.
What You'll Do
As a Security Incident and SIEM Specialist, you will support the Circles SOC team in areas such as cybersecurity incident response, SIEM alert creation, fine-tuning, and noise reduction. Your role includes managing threat intelligence, monitoring security events, investigating incidents, performing forensic analysis, and coordinating global incident response efforts. You will play a key role in enhancing SOC monitoring capabilities by optimizing alert quality and reducing false positives, thereby improving overall SOC efficiency and productivity.
What We're Looking For
- Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience).
- 2+ years of hands-on SOC or information security experience in a global IT environment.
- Experience with SIEM tools (Graylog, Splunk, ELK, Rapid7, LogRhythm, QRadar).
- Relevant certifications (GCIH, GCIA, Splunk/QRadar) are a plus.
Key Responsibilities
- Triage and analyze security alerts, assess threats, and prioritize based on risk and impact.
- Execute incident response procedures and document findings clearly.
- Distinguish false positives from real threats using SIEM and security tools.
- Understand common attack vectors and TTPs, and apply contextual log analysis.
- Collaborate with cross-functional teams to ensure effective incident response.
- Stay updated on emerging threats and security trends.
SIEM & Scripting
- Strong UNIX/Linux skills and proficiency in Bash or Python scripting.
- Skilled in RegEx, log parsing, pipeline creation, and data normalization.
- Experience in SIEM tuning, use case development, and alert optimization.
- Familiar with building and enhancing detection rules and threat analytics.
- Exposure to AI/ML for noise reduction and threat detection is a plus.
Other Requirements
- Willingness to work in a hybrid setup and 24x7 environment.
To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies if selected in our preferred supplier partnership program. Please do not forward resumes to our jobs alias, Circles employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS. Circles is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.
Posted 1 month ago
8.0 - 12.0 years
25 - 40 Lacs
Kolkata, Hyderabad, Bengaluru
Hybrid
Job Title: ELK Developer
Experience Required: 8 - 12 Years
Location: Hyderabad, Bangalore (Preferred); also open to Chennai, Mumbai, Pune, Kolkata, Gurgaon
Work Mode: On-site / Hybrid
Job Summary: We are seeking a highly experienced ELK Developer with a strong background in designing and implementing monitoring, logging, and visualization solutions using the ELK Stack (Elasticsearch, Logstash, Kibana). The ideal candidate should also have hands-on expertise with Linux/Solaris administration, scripting for automation, and performance testing. Additional experience with modern DevOps tools and monitoring platforms like Grafana and Prometheus is a plus.
Primary Responsibilities:
- Design, implement, and maintain solutions using the ELK Stack: Elasticsearch, Logstash, Kibana, and Beats
- Create dashboards and visualizations in Kibana to support real-time data analysis and operational monitoring
- Define and apply indexing strategies, configure log forwarding, and manage log parsing with Regex
- Set up and manage data aggregation, pipeline testing, and performance evaluation
- Develop and maintain custom rules for alerting, anomaly detection, and reporting
- Troubleshoot log ingestion, parsing, and query performance issues
- Automate jobs and notifications through scripts (Bash, PowerShell, Python, etc.)
- Perform Linux/Solaris system administration tasks: monitor services and system health; manage memory and disk usage; schedule jobs, update packages, and maintain uptime
- Work closely with DevOps, Infrastructure, and Application teams to ensure system integrity and availability
Must-Have Skills:
- Strong hands-on experience with the ELK Stack (Elasticsearch, Logstash, Kibana)
- Proficient in Regex, SQL, JSON, YAML, XML
- Deep understanding of indexing, aggregation, and log parsing
- Experience in AppDynamics and related observability platforms
- Proven skills in Linux/Solaris system administration
- Proficiency in scripting (Shell, Python, PowerShell, Bash) for log handling, jobs, and notifications
- Experience in performance testing and optimization
Good-to-Have / Secondary Skills:
- Experience with Grafana and Prometheus for metrics and visualization
- Knowledge of web and middleware components: HTTP server, HAProxy, Keepalived, Tomcat, NGINX
- Familiarity with DevOps tools: Git, Bitbucket, GitHub, Helm charts, Terraform, JMeter
- Programming/Scripting experience in Perl, Java, JavaScript
- Hands-on with CI/CD tools: TeamCity, Octopus, Nexus
- Working knowledge of Agile methodologies and JIRA
Education: Bachelor's or Master's degree in Computer Science, Engineering, or a related field
Posted 3 months ago