6.0 - 11.0 years
8 - 13 Lacs
Nashik
Work from Office
Position Summary:
The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication are key to excelling in this role.

Responsibilities:
Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security Information and Event Management (SIEM) solution
Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool
Create and maintain integrations and solutions for log collection, aggregation, indexing, search, and alerting
Manage implementation, enhancement and adoption of the solutions built by the team into operations
Utilize the log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers
Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team
Ensure compliance with internal policies, standards, and regulatory requirements
Contribute to the creation of security operation runbooks and threat hunting runbooks

Required Skills & Knowledge:
Requires at least 6+ years of relevant industry experience, preferably in SIEM
Experience with large-scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc.
Good written and verbal communication skills
Experience working in site-reliability engineering, cloud security, system engineering, or similar positions
Demonstrated experience with running systems at scale
Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and succinctly document technical details
A Computer Science or Engineering degree is preferred, but not required
Automation: Proficiency in a scripting language such as Python or Bash
Experience with log identification and analysis within GCP, AWS, Azure, or other cloud providers

Bonus Points:
Experience analysing and interpreting large volumes of data to identify potential threats and security incidents
Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL
Nice to have: An understanding of attacker exploit and evasion techniques
Nice to have: Competency in BigQuery, Athena, or any cloud provider query language
Nice to have: Familiarity with regex
SANS (GCFR, GMON, or other related certifications)
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Pune
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Khammam
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Nizamabad
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Karimnagar
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Vijayawada
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Warangal
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Mumbai
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Noida
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Bengaluru
Work from Office
Posted 2 weeks ago
6.0 - 11.0 years
8 - 13 Lacs
Hyderabad
Work from Office
Posted 2 weeks ago
0 years
0 Lacs
Kolkata, West Bengal, India
On-site
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

CMS-TDR Senior
As part of our EY cyber security team, you will work as SME for Microsoft Sentinel solutions in the TDR team.

The opportunity
We're looking for a Senior Consultant with expertise in Cloud Security solutions. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

Your Key Responsibilities
- Architecting and implementation of cloud security monitoring platforms (MS Sentinel)
- Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment
- Perform as the subject matter expert on Cloud Security solutions for the customer; use the capabilities of the solution in the daily operational work for the end customer
- Securing overall cloud environments by applying cybersecurity tools and best practices
- Advise customers on best practices and use cases on how to use this solution to achieve customer end-state requirements
- Content development, which includes developing the process for automated security event monitoring and alerting along with corresponding event response plans for systems

Skills And Attributes For Success
- Customer Service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities
- Expertise in content management in MS Sentinel
- Good knowledge in threat modelling
- Experience in creating use cases under the Cyber Kill Chain and MITRE ATT&CK framework
- Expertise in integrating critical devices/applications, including unsupported (in-house built) ones, by creating custom parsers
- Below-mentioned experience/expertise on Sentinel:
  - Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel
  - Deep understanding of how to implement best practices for designing and securing the Azure platform
  - Experience advising on Microsoft Cloud Security capabilities across the Azure platform
  - Configure data ingestion types and connectors
  - Analytic design and configuration of the events and logs being ingested
  - Develop, automate, and orchestrate tasks (playbooks) with Logic Apps based on certain events
  - Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
- Experience in other cloud native security platforms like AWS and GCP is a plus
- Scripting knowledge (Python, Bash, PowerShell)
- Extensive knowledge of different security threats
- Good knowledge and experience in Security Monitoring
- Good knowledge and experience in Cyber Incident Response

To qualify for the role, you must have
- B. Tech./B.E. with sound technical skills
- Strong command of verbal and written English
- Demonstrated technical acumen and critical thinking abilities
- Strong interpersonal and presentation skills
- Certification in Azure (any other cloud vendor certification is a plus)

Ideally, you'll also have
- People/Project management skills

What Working At EY Offers
At EY, we're dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you

EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 weeks ago
4.0 - 8.0 years
5 - 9 Lacs
Pune
Work from Office
Your role
This position is responsible for administering the Splunk platforms for enterprise Security Information and Event Management (SIEM). The role involves working with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents.
- Maintain all components of a distributed Splunk infrastructure including indexer clusters, search head clusters, and deployment servers.
- Provide overall management of the Splunk platform.
- Standardize Splunk forwarder deployment, configuration, and maintenance across Unix and Windows platforms.
- Troubleshoot Splunk server and forwarder problems and issues.
- Assist internal users in designing and maintaining production-quality dashboards.
- Monitor the Splunk infrastructure for capacity planning.
- Implement change requests and engineering tasks.
- Lead technical discussions in customer governance calls.
- Participate in technical audits.
- Identify opportunities for automation, standardization, and stabilization.
- Prepare/update/review run books, SOPs, and knowledge articles.
- Plan, prepare, and execute change processes and implementations.
- Perform OS-level performance monitoring and troubleshooting.
- Monitor and troubleshoot application and database layers (e.g., Apache, Tomcat, MySQL).
- Administer and maintain a 24/7 highly available Splunk environment.
- Work closely with clients, technicians, and managerial staff.
- Experience with Databricks, Kafka, and NiFi is an added advantage.

Your profile
- Splunk Administrator with 4 to 8 years' experience
- Dashboards, reports creation and monitoring
- Experience with Splunk Phantom as well would be given preference

Work location
Bengaluru, Mumbai, Pune & Hyderabad

What You'll Love About Working Here
You can shape your career with us. We offer a range of career paths and internal opportunities within the Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.
Posted 2 weeks ago
12.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Dear Candidate,
TCS has always been a proud pioneer in nurturing tech talent like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together.

Role: Presales Security Consultant
Desired Skill Set (Any): Cybersecurity Presales, Technical Pre-sales support, Security Engineering, Presales Solution Development
Experience Range: 12+ years
Joining Location: PAN India

Job Description:
1. Experience in responding to RFP/RFI/RFQ (proposal writing, solution creation, effort estimation, content writing) and customer defense presentations etc. is preferred.
2. Candidates having a proven track record in Cyber Security Pre-Sales support / solution development / Solution Architect role in any two of the below areas:
   a. SOC/MDR/EDR/XDR solutions (i.e. Sentinel, QRadar, Splunk, Rapid7, Google Chronicle, LogRhythm SIEM/SOAR, Threat Intel etc.)
   b. Vulnerability Management for Infrastructure and Application Security (VAPT, SAST, DAST, SCA, Penetration Testing, Red Teaming, Threat Hunting)
   c. Network Security – ZTNA, Firewalls/IDS/IPS, Automation, WAF Management, Microsegmentation, DDoS etc.
   d. Data protection (DLP) on endpoints / network / Cloud, e.g. MS Purview, Forcepoint, Proofpoint, Trellix, Symantec
   e. Identity and Access Management - IGA, WAM, PAM, SSO, MFA etc. using Azure AD, CyberArk, SailPoint, Ping Identity, Okta etc.
   f. Experience in solution development in Cloud Security / Governance, Risk and Compliance (GRC)
3. Lead end-to-end Security conversations, share best practices and key competitor knowledge across solution areas, and evaluate opportunities to make recommendations on pursuit or withdrawal.
4. Understand the customer's cybersecurity initiatives and competitive landscape as well as gaps between current and desired cybersecurity posture. Capture the opportunity of the customer's journey to balance the need for cybersecurity and employee productivity with the right process and visibility. Demo and whiteboard the cybersecurity solutions and the relevant security architecture. Lead and orchestrate to drive end-to-end value selling from discovery to demonstrating and proving business value.
5. Engage cybersecurity partners to help scale and accelerate the sales cycle.
6. Construct and present tailored presentations/proposals to clients based on their requirements.

Qualifications:
1. Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field
2. 12+ years of experience in cyber security, with a focus on security engineering or technical pre-sales support
3. Relevant certifications (e.g., CISSP, CISM, CEH, or similar) are a plus

Thanks & Regards,
Priscilla Nancy D
HR TAG – Cyber Security
Tata Consultancy Services
Posted 2 weeks ago
5.0 - 8.0 years
4 - 8 Lacs
Bengaluru
Work from Office
- Bachelor's degree in Computer Science, Information Security, or related field; or equivalent practical experience.
- Experience in a SOC or cybersecurity analyst role.
- Proficient in using Microsoft Sentinel, MS Unified SecOps/XDR, and other SIEM/EDR platforms.
- Strong knowledge of KQL and experience creating detection rules.
- Hands-on experience handling alerts and incidents from MDE & MDO.
- Ability to perform advanced analysis of logs, network flows, and security telemetry.
- Excellent problem-solving, analytical, and communication skills.
- Certifications such as CompTIA Security+, CEH, or equivalent are preferred.
Mandatory Skills: Security Information Event Management.
Experience: 5-8 Years.
Posted 3 weeks ago
2.0 years
0 Lacs
Delhi
On-site
Job requisition ID: 85979
Date: Jul 10, 2025
Location: Delhi
Designation: Consultant
Entity: Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Consultant in our Cybersecurity Team, you'll build and nurture positive working relationships with both internal teams and external clients, with the goal of exceeding client expectations. We are currently seeking a skilled LogRhythm Engineer to manage, maintain, and enhance our LogRhythm SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in LogRhythm administration, threat detection, and SOC operations, providing continuous security improvements and operational support to the SOC team.

Key Responsibilities:
- LogRhythm Administration: Install, configure, and manage LogRhythm components, including log sources, custom parsers, and correlation rules.
- Log Source Management: Onboard and manage log sources from network devices, servers, applications, and security tools to ensure accurate log ingestion and parsing.
- Use Case & Rule Development: Develop and fine-tune correlation rules, alarms, and custom use cases to detect malicious or anomalous activity.
- Threat Detection & Monitoring: Monitor, analyze, and respond to security events and incidents identified by LogRhythm.
- Performance Tuning: Optimize LogRhythm performance, including log throughput, storage, and tuning for high-EPS environments.
- Integration & Automation: Extend LogRhythm capabilities through API integrations and automation with other tools (e.g., firewalls, EDR, DLP).
- Incident Response Support: Assist the SOC team with investigations and root cause analysis using LogRhythm data and tools.
- Dashboards & Reporting: Create and maintain dashboards and reports for operational, compliance, and executive audiences.
- Compliance & Audit Support: Ensure alignment with regulatory standards (e.g., GDPR, HIPAA, PCI-DSS) in SIEM operations.
- Troubleshooting & Maintenance: Resolve issues related to log ingestion, parser errors, system performance, and general administration.
- System Upgrades & Patching: Plan and execute upgrades, patching, and system maintenance activities to ensure reliability and security.

Desired Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent hands-on experience.
- 2+ years of hands-on experience with LogRhythm SIEM, including installation, configuration, and rule tuning.
- Strong understanding of SIEM operations, event correlation, log management, and security monitoring.
- Experience working in a Security Operations Center (SOC), with knowledge of threat detection and incident response.
- Proficiency with scripting and automation (e.g., Python, Bash, PowerShell) is a plus.
- Familiarity with security technologies such as firewalls, IDS/IPS, EDR, DLP, etc.
- Knowledge of security frameworks and standards such as MITRE ATT&CK, NIST, ISO 27001, etc.

Preferred Certifications
- IBM LogRhythm SIEM Certification.
- CISSP, CEH, CISM, or other relevant security certifications.

Location and way of working
Base location: Mumbai/Gurgaon/Hyderabad/Bangalore
Professional is required to work from office.

Your role as Consultant
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical Acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication - Must be well able to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change - Responding to a changing environment with resilience
- Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving - Applying a strategic mindset to solve business issues and complex problems
- Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapt our behaviours and attitudes to become more inclusive.

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up-/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome… entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.

Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to.
Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 3 weeks ago
8.0 - 10.0 years
14 - 20 Lacs
Gurugram
Work from Office
Purpose of the Role
As a Senior Information Security Analyst supporting the Yum! Cybersecurity team, you will act as a primary escalation point within the SOC for the SIEM platform and major incident investigations. This is a global role that supports over 53,000 restaurants across 150+ countries. The role involves responding to, researching, and addressing complex network security events while collaborating with brand Security and IT teams, as well as third-party service providers. Occasional on-call duties may be required.

Responsibilities
- Investigate and resolve escalated security alerts using enterprise SIEM platforms (e.g., QRadar).
- Document investigations thoroughly, communicate with stakeholders, and ensure full resolution of issues.
- Gather, analyze, and summarize threat intelligence for internal stakeholders.
- Identify SIEM tuning opportunities and develop new use cases.
- Provide oversight for threat and vulnerability management and communicate risk observations to leadership.
- Collaborate with Subject Matter Experts across Security Services to optimize processes and improve the security service model.
- Partner with the Log Collection and Platform team to implement automation and efficiency measures.
- Lead brand collaboration calls to communicate detection trends, resolution statuses, and follow-up actions.

Minimum Requirements:
- BTECH / Degree in Cybersecurity, Information Technology, or equivalent experience.
- 8-10 years' experience in a high-performance SOC or cybersecurity operations environment.
- 2-3 years of foundational IT experience (e.g. service desk, network operations, etc.)
- Certifications such as GCIH, GSOC, GMON, GSEC, CCNA, Security+, or Network+ preferred.
- Experience with enterprise-grade SIEM platforms (e.g., QRadar, LogRhythm, CrowdStrike).
- Strong technical knowledge in IDS/IPS, firewalls, routers, and endpoint security.
- Familiarity with frameworks such as the Cyber Kill Chain.
- Demonstrated experience with threat analysis, event triage, and incident root-cause identification.
- Strong interpersonal and communication skills across technical and non-technical audiences.
- Experience with red/blue team or tabletop exercises.
- Time management and critical thinking in high-pressure environments.

Preferred Requirements
Posted 3 weeks ago
0.0 - 4.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Work Location: Bangalore
Grade: A1-A2
Shift: Rotational Shifts

Description:
- Acknowledge, analyse, and validate incidents triggered from correlated events through the SIEM solution
- Acknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collection of necessary logs that could help in the incident containment and security investigation
- Escalate validated and confirmed incidents to SOC Lead
- Undertake first stages of false positive and false negative analysis
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
- Open incidents in the ITSM Platform to report the alarms triggered or threats detected. The analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol and the SLA.
- Track and update incidents and requests based on the client's updates and analysis results
- Report infrastructure issues to the IT support team.
- Other duties related to the position

Essential Skills
- Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB and other security products
- Experience in Security Information Event Management (SIEM) tools like LogRhythm and McAfee, creation of basic correlation rules, and administration of SIEM
- Should have expertise in TCP/IP network traffic and event log analysis
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management

Expectations:
- Exp 0-4 years
- The SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager
- The primary function of this position is to monitor the analytics tools, perform alert management, and initial incident qualification
- This role reports to the SOC Manager
- Bachelor's degree with Cybersecurity as a major
- Joining time / Notice Period: Immediate joining
- Shift Timings: Rotational Shifts (100% working from Bangalore office)
Posted 3 weeks ago
0.0 - 4.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Location: Bangalore
Grade: A1-A2
Salary: Up to INR 9,00,000

Description:
- Acknowledge, analyse, and validate incidents triggered from correlated events through the SIEM solution
- Acknowledge, analyse, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collection of necessary logs that could help in the incident containment and security investigation
- Escalate validated and confirmed incidents to SOC Lead
- Undertake first stages of false positive and false negative analysis
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
- Open incidents in the ITSM Platform to report the alarms triggered or threats detected. The analyst should properly include for each incident on SIEM all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol and the SLA.
- Track and update incidents and requests based on the client's updates and analysis results
- Report infrastructure issues to the IT support team.
- Other duties related to the position

Essential Skills
- Knowledge and hands-on experience in the management of McAfee EDR, CrowdStrike, ENS, DLP, CASB and other security products
- Experience in Security Information Event Management (SIEM) tools like LogRhythm and McAfee, creation of basic correlation rules, and administration of SIEM
- Should have expertise in TCP/IP network traffic and event log analysis
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management

Expectations:
- Exp 0-4 years
- The SOC Engineer will be responsible for monitoring, reporting, and escalating events to our SOC Manager.
- The primary function of this position is to monitor the analytics tools, perform alert management, and initial incident qualification.
- This role reports to the SOC Manager.
- Bachelor's degree with CEH certification
- Joining time / Notice Period: Immediate joining
- Shift Timings: Rotational Shifts (100% working from Bangalore office)

3 must-haves: SOC 4/5, SIEM 3/5, ITIL 3/5
Posted 3 weeks ago
3.0 - 7.0 years
12 - 20 Lacs
Pune
Work from Office
About the Role
We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, deployment, implementation and maintaining the security posture of the organization.

Key Responsibilities
- SIEM Administration: Install, configure, maintain, and upgrade SIEM components (IBM QRadar SIEM, DNIF, Splunk & Securonix).
- Log Management: Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.). Custom log source integration and parser development.
- System Monitoring & Troubleshooting: Ensure SIEM tools are functioning optimally. Monitor and perform regular health checks for SIEM tools. Troubleshoot system errors and resolve performance issues. Conduct regular performance tuning and capacity planning. Perform root cause analysis for system failures & performance issues. Optimize system performance and storage management for SIEM.
- Integration & Automation: Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM.
- Compliance & Audits: Ensure log retention policies comply with regulatory standards. Develop & enforce SIEM access controls & user roles/permissions.
- Documentation & Training: Document system configurations, SOPs & troubleshooting documents. Prepare monthly/weekly reports and PPTs, and onboarding documentation as per business/client requirements.
- Dashboard & Report Development: Create & maintain custom dashboards & reports. Optimize searches & reports for performance and efficiency.
- Hands-on experience with Linux OS & Windows OS
- Basic to intermediate level networking skills
- Should be familiar with Azure, AWS or GCP products

Basic Qualifications
- B.E./B.Tech in Computers or related field (preferred).
- 4+ years of experience in SOC Administration.
- Strong knowledge of SIEM architecture, log sources, and event correlation.

Preferred Qualifications
- Proficiency in log management, regular expressions, and network security concepts.
- Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.)
- Scripting knowledge (Python, Bash, or PowerShell) is a plus.
- Training or certificate on Splunk or IBM QRadar preferred.
- Experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc.
- Proficiency in IBM QRadar & Splunk administration.
- Configuring, maintaining, and troubleshooting SIEM solutions.
- Strong analytical and problem-solving skills.
- Excellent communication and documentation abilities.
Posted 3 weeks ago
2.0 years
4 - 4 Lacs
India
On-site
Job Title: L2 Engineer – Security Operations Center (SOC)
Company Name: Amyntor Infosec Private Limited
Location: Trivandrum
Department: Cyber Security
Experience: 2-4 Years

About Us:
Amyntor Infosec is a leading provider of IT infrastructure and cybersecurity solutions, specializing in delivering high-impact projects to organizations across industries. We are seeking a dynamic and detail-oriented Level 2 SOC Analyst to join our cybersecurity operations team. This role is critical in strengthening our threat detection and incident response capabilities. The ideal candidate will be responsible for conducting in-depth analysis of security events, escalating sophisticated threats, and contributing to the creation and optimization of security playbooks. If you are passionate about defending digital infrastructure, possess strong analytical skills, and are eager to be part of a collaborative and fast-paced environment, we invite you to be a key player in our mission to proactively safeguard our clients and operations.

About the Role:
We are seeking a skilled and proactive L2 SOC Engineer to strengthen our cybersecurity operations team. The role demands technical excellence across incident management, security control implementation, and playbook development, with opportunities for direct client engagement during presales and project execution phases. We offer a dynamic environment with performance-linked incentives, overtime payments, and opportunities for career advancement.

Key Responsibilities:
Act as the Level 2 escalation point for security events across SIEM, EDR, IDS/IPS, and firewall ecosystems.
Lead or support the end-to-end implementation of SOC environments, including platform setup (SIEM, SOAR, log onboarding), use-case development, integration of security tools, and operational runbook creation.
Implement security controls (technical, administrative, and operational) as per client risk profiles and project requirements.
Collaborate internally with presales teams by providing technical inputs during solution design and client proposal stages.
Develop, document, and maintain incident response playbooks and standard operating procedures (SOPs).
Investigate escalated incidents, perform root cause analysis, and coordinate remediation actions.
Continuously tune detection rules, optimize use cases, and enhance threat detection strategies.
Mentor and guide L1 SOC Analysts, fostering a culture of continuous learning and operational excellence.
Proactively recommend improvements in client security posture based on real-time threat intelligence and gap assessments.

Required Skills and Experience:
Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field.
2–4 years of hands-on experience in a SOC environment.
Strong working knowledge of security platforms such as Wazuh, Splunk, QRadar, LogRhythm, or other SIEMs.
Expertise in implementation of cybersecurity controls across technical, administrative, and operational domains.
Good understanding of security standards, including MITRE ATT&CK, NIST Cybersecurity Framework, and ISO 27001.
Ability to develop structured, actionable playbooks and process documentation.
Strong problem-solving skills, analytical thinking, and an ability to perform under pressure.
Relevant certifications (CEH, CompTIA Security+, CySA+, or equivalent) are preferred.

Preferred Skills:
Prior client-facing experience (in presales engagements, project implementations, or cybersecurity consulting) will be considered an added advantage.
Experience in tuning SIEM use cases and detection logic for optimized threat detection.
Strong communication skills to effectively convey technical findings to diverse audiences.
Passion for security innovation, threat hunting, and continuous process improvements.

Compensation and Benefits:
Competitive base salary benchmarked to the cybersecurity market.
Performance-based incentive mechanisms linked to client satisfaction and incident response efficiency.
Overtime payment for work performed beyond standard hours.
Paid cybersecurity certifications and specialized learning programs.
Career advancement pathways into Threat Intelligence, Forensics, Security Architecture, and other specialized roles.
Dynamic, innovation-driven work environment with exposure to leading-edge cybersecurity tools and practices.

Why Join Us?
Deliver mission-critical security services that protect and empower client organizations.
Gain exposure across multiple industries, technologies, and security challenges.
Be part of a results-driven team that values expertise, collaboration, and continuous growth.

Note: Kindly read the Job Description fully before applying for this post.
Job Types: Full-time, Permanent
Pay: ₹35,000.00 - ₹40,000.00 per month
Benefits: Cell phone reimbursement; Commuter assistance
Schedule: Day shift; Fixed shift; Morning shift
Supplemental Pay: Overtime pay; Performance bonus
Ability to commute/relocate: Technopark, Thiruvananthapuram, Kerala: Reliably commute or planning to relocate before starting work (Required)
Education: Bachelor's (Required)
Experience: Cybersecurity: 2 years (Required); SOC: 1 year (Required)
Willingness to travel: 50% (Preferred)
Work Location: In person
Posted 3 weeks ago
2.0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 85978
Date: Jul 10, 2025
Location: Delhi CEC
Designation: Consultant
Entity: Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Consultant in our Cybersecurity Team, you'll build and nurture positive working relationships with both internal teams and external clients, with the goal of exceeding client expectations. We are currently seeking a skilled LogRhythm Engineer to manage, maintain, and enhance our LogRhythm SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in LogRhythm administration, threat detection, and SOC operations, providing continuous security improvements and operational support to the SOC team.

Key Responsibilities:
LogRhythm Administration: Install, configure, and manage LogRhythm components, including log sources, custom parsers, and correlation rules.
Log Source Management: Onboard and manage log sources from network devices, servers, applications, and security tools to ensure accurate log ingestion and parsing.
Use Case & Rule Development: Develop and fine-tune correlation rules, alarms, and custom use cases to detect malicious or anomalous activity.
Threat Detection & Monitoring: Monitor, analyze, and respond to security events and incidents identified by LogRhythm.
Performance Tuning: Optimize LogRhythm performance, including log throughput, storage, and tuning for high-EPS environments.
Integration & Automation: Extend LogRhythm capabilities through API integrations and automation with other tools (e.g., firewalls, EDR, DLP).
Incident Response Support: Assist the SOC team with investigations and root cause analysis using LogRhythm data and tools.
Dashboards & Reporting: Create and maintain dashboards and reports for operational, compliance, and executive audiences.
Compliance & Audit Support: Ensure alignment with regulatory standards (e.g., GDPR, HIPAA, PCI-DSS) in SIEM operations.
Troubleshooting & Maintenance: Resolve issues related to log ingestion, parser errors, system performance, and general administration.
System Upgrades & Patching: Plan and execute upgrades, patching, and system maintenance activities to ensure reliability and security.

Desired Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related field — or equivalent hands-on experience.
2+ years of hands-on experience with LogRhythm SIEM, including installation, configuration, and rule tuning.
Strong understanding of SIEM operations, event correlation, log management, and security monitoring.
Experience working in a Security Operations Center (SOC), with knowledge of threat detection and incident response.
Proficiency with scripting and automation (e.g., Python, Bash, PowerShell) is a plus.
Familiarity with security technologies such as firewalls, IDS/IPS, EDR, DLP, etc.
Knowledge of security frameworks and standards such as MITRE ATT&CK, NIST, ISO 27001, etc.

Preferred Certifications:
LogRhythm SIEM certification (LogRhythm is a standalone SIEM vendor, not an IBM product).
CISSP, CEH, CISM, or other relevant security certifications.

Location and way of working
Base location: Mumbai/Gurgaon/Hyderabad/Bangalore
Professional is required to work from office.

Your role as Consultant
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
Inspiring - Leading with integrity to build inclusion and motivation
Committed to creating purpose - Creating a sense of vision and purpose
Agile - Achieving high-quality results through collaboration and team unity
Skilled at building diverse capability - Developing diverse capabilities for the future
Persuasive / Influencing - Persuading and influencing stakeholders
Collaborating - Partnering to build new solutions
Delivering value - Showing commercial acumen
Committed to expanding business - Leveraging new business opportunities
Analytical Acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
Effective communication - Must be able to hold well-structured and well-articulated conversations to achieve win-win possibilities
Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
Managing change - Responding to a changing environment with resilience
Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision
Strategic Thinking & Problem Solving - Applying a strategic mindset to solve business issues and complex problems
Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone is valued for who they are, using empathy to understand others and adapting our behaviours and attitudes to become more inclusive

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome… entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.

Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_
Posted 3 weeks ago
2.0 years
0 Lacs
Delhi
On-site
Job requisition ID :: 85980
Date: Jul 10, 2025
Location: Delhi
Designation: Assistant Manager
Entity: Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Consultant in our Cybersecurity Team, you'll build and nurture positive working relationships with both internal teams and external clients, with the goal of exceeding client expectations. We are currently seeking a skilled LogRhythm Engineer to manage, maintain, and enhance our LogRhythm SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in LogRhythm administration, threat detection, and SOC operations, providing continuous security improvements and operational support to the SOC team.

Key Responsibilities:
LogRhythm Administration: Install, configure, and manage LogRhythm components, including log sources, custom parsers, and correlation rules.
Log Source Management: Onboard and manage log sources from network devices, servers, applications, and security tools to ensure accurate log ingestion and parsing.
Use Case & Rule Development: Develop and fine-tune correlation rules, alarms, and custom use cases to detect malicious or anomalous activity.
Threat Detection & Monitoring: Monitor, analyze, and respond to security events and incidents identified by LogRhythm.
Performance Tuning: Optimize LogRhythm performance, including log throughput, storage, and tuning for high-EPS environments.
Integration & Automation: Extend LogRhythm capabilities through API integrations and automation with other tools (e.g., firewalls, EDR, DLP).
Incident Response Support: Assist the SOC team with investigations and root cause analysis using LogRhythm data and tools.
Dashboards & Reporting: Create and maintain dashboards and reports for operational, compliance, and executive audiences.
Compliance & Audit Support: Ensure alignment with regulatory standards (e.g., GDPR, HIPAA, PCI-DSS) in SIEM operations.
Troubleshooting & Maintenance: Resolve issues related to log ingestion, parser errors, system performance, and general administration.
System Upgrades & Patching: Plan and execute upgrades, patching, and system maintenance activities to ensure reliability and security.

Desired Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related field — or equivalent hands-on experience.
2+ years of hands-on experience with LogRhythm SIEM, including installation, configuration, and rule tuning.
Strong understanding of SIEM operations, event correlation, log management, and security monitoring.
Experience working in a Security Operations Center (SOC), with knowledge of threat detection and incident response.
Proficiency with scripting and automation (e.g., Python, Bash, PowerShell) is a plus.
Familiarity with security technologies such as firewalls, IDS/IPS, EDR, DLP, etc.
Knowledge of security frameworks and standards such as MITRE ATT&CK, NIST, ISO 27001, etc.

Preferred Certifications:
LogRhythm SIEM certification (LogRhythm is a standalone SIEM vendor, not an IBM product).
CISSP, CEH, CISM, or other relevant security certifications.

Location and way of working
Base location: Mumbai/Gurgaon/Hyderabad/Bangalore
Professional is required to work from office.

Your role as AM
The expectations for this role (purpose, leadership competencies, growth, inclusion, interview tips and the caution against fraudulent job offers) are the same as stated in requisition 85978 above.
Posted 3 weeks ago
1.0 - 2.0 years
6 - 8 Lacs
Bengaluru
Remote
The Associate Analyst will provide intrusion/incident monitoring and detection utilizing customer-provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analysts to service customers through our Managed Detection and Response offering.

How you'll make an impact
Analyze, document and report on potential security incidents identified in customer environments.
Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
Provide triage on various security enforcement technologies including, but not limited to, SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners, etc.
Perform knowledge transfers, document, and triage clients' issues regarding mitigation of identified threats.
Provide ongoing recommendations to customers on best practices.
Actively research current threats and attack vectors being exploited in the wild.
Utilize defined SOPs and KBs.
Perform other duties as assigned.
Comply with all policies and standards.

What we're looking for
1-2 years of working with incident ticketing systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.) required.
Desire to gain full-time professional experience in the Information Security field.
Excellent time management, reporting, communication skills, and ability to prioritize work.
Ability to generate comprehensive written reports and recommendations.
Write professional emails.
Previous experience as a point of escalation in a technical environment.
Customer interactions and working through various issues.
Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV.
Ability to work in customers' environments to report on critical security events.
Ability to troubleshoot technical problems and ask probing questions to find the root cause of a problem.
Queue management.
Data analysis using SIEM, database tools such as Elastic, and Excel.
Experience troubleshooting security, network, and/or endpoints.
IDS monitoring/analysis with tools such as Sourcefire and Snort.
Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk).
Familiarity with web-based attacks and the OWASP Top 10 at a minimum:
  Attack vectors and exploitation
  Mitigation
  Active Directory
  Direct (e.g. SQL injection) versus indirect (e.g. cross-site scripting) attacks
Familiarity with the SANS top 20 critical security controls.
Understand the foundations of enterprise Windows security, including:
  Windows security architecture and terminology
  Common system hardening best practices
Anti-Virus (AV) and Host-Based Intrusion Prevention (HIPS):
  Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro
  Ability to identify common false positives and make suggestions on tuning
Malware, Denial of Service attacks, brute force attacks:
  Understanding of base malware propagation and attack vectors
  Propagation of malware in enterprise environments
  Experience with malware protection tools such as FireEye a plus
  Understanding of malware mitigation controls in an enterprise environment
Network-based attacks / system-based attacks:
  Familiarity with vulnerability scoring systems such as CVSS
  Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks
Eligibility to obtain security clearance.
Shift flexibility, including the ability to provide on-call support when needed.
Ability to work greater than 40 hours per week as needed.
This is a work-from-office role.

What you can expect from Optiv
A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
Work/life balance.
Professional training resources.
Creative problem-solving and the ability to tackle unique, complex projects.
Volunteer opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
The ability and technology necessary to productively work remotely/from home (where applicable).

EEO Statement
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv's selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, see our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
Posted 3 weeks ago