3.0 - 5.0 years
0 Lacs
jaipur, rajasthan, india
On-site
Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (TATA Communications Ltd)
Shift: 24x7

Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities:
- Real-time monitoring of all security appliances (Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc.) in the RSDC for security events.
- Endpoint threat detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate emergency alerts and warnings to relevant/designated stakeholders.

Secondary Responsibilities:

SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.

SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.

UEBA (User and Entity Behavior Analytics):
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.

NBAD (Network Behavior Anomaly Detection):
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.

General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications:
- Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
- Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
- Certifications: Certified Ethical Hacker (CEH) mandatory.
Posted 1 week ago
3.0 - 5.0 years
0 Lacs
jaipur, rajasthan, india
On-site
Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (TATA Communications Ltd)
Shift: 24x7

Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities:
- Real-time monitoring of all security appliances (Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc.) in the RSDC for security events.
- Endpoint threat detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate emergency alerts and warnings to relevant/designated stakeholders.

Secondary Responsibilities:

SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.

SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.

UEBA (User and Entity Behavior Analytics): should have knowledge of it.
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.

NBAD (Network Behavior Anomaly Detection): should have knowledge of it.
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.

General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications:
- Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
- Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
- Certifications: Certified Ethical Hacker (CEH) mandatory.
Posted 1 week ago
3.0 - 8.0 years
6 - 15 Lacs
chennai
Work from Office
Tool Knowledge: SIEM (RSA NetWitness), WAF, PAM, Anti-APT, NBAD, Deception (minimum experience in 2+ tools).

Experience:
- Minimum of 3 years of experience in cybersecurity and SOC.
- Proficient in Incident Management and Response.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Responsible for working in a 24x7 Security Operations Center (SOC) environment.
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide threat and vulnerability analysis as well as security advisory services.
- Knowledge of various tools such as SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, ServiceNow Ticketing Toolset, Web Security, AV, UEBA, and Advanced SOC.
- Required administration skills in SIEM and other security solutions.
- Creation of rules and dashboards in the SIEM platform.
- Tuning of detections based on SOC input and detection noise.
- SIEM upgrades, patches, onboarding of log sources, etc.
- Onboarding of sites in WAF and analysis of packets and logs to identify attack patterns and network issues.
- Must have work experience in user onboarding in PAM, troubleshooting access-related issues, and performing DC/DR drills.
- Correlation of the MITRE ATT&CK Framework and Cyber Kill Chain, and performing manual threat hunting.
- Min 4 years of experience in SOC.

Education: Engineer (BE/B.Tech)/MCA/M.Tech/M.E./PhD (Computers/IT/Electronics)
Certifications (must): CEH/CCNA/CCNA Security
Posted 1 week ago
3.0 - 7.0 years
0 Lacs
haryana
On-site
You will be joining a leading Indian telecom company operating in 18 countries and serving over 300 million customers and 1 million+ businesses. The company values a customer-first mindset and a user-centric approach.

Your role will require you to be experienced in SIEM platforms such as QRadar, Splunk, and ArcSight, with knowledge of UEBA, NBAD, and SOAR. You should be skilled in incident management and network troubleshooting, and comfortable working in 24x7 SOC environments.

Your responsibilities and requirements:
- Technical understanding and working knowledge of SIEM platforms, along with exposure to UEBA, NBA, NBAD, and SOAR.
- Experience with industry-standard SIEM platforms like QRadar, Splunk, RSA, Seceon, ArcSight, etc.
- Adherence to processes and procedures.
- General network knowledge and proficiency in TCP/IP troubleshooting.
- Ability to trace down an endpoint on the network based on ticket information.
- Good customer communication skills, along with working knowledge of SIEM incident management and providing customer updates.
- Experience in Managed SOC Services is a must, and you should be prepared to work across 24x7 shifts.
- Hands-on experience in SIEM platforms and the technologies mentioned above.

Preferred skills: industry certifications on SIEM platforms, CCNA, CEH, MCSE, and others.
Posted 1 month ago
4.0 - 8.0 years
0 Lacs
haryana
On-site
As a Security Analyst, you will be responsible for ensuring the security of our network infrastructure by implementing various security measures and strategies. With 4-7 years of experience in Information Security or a related field, you will play a crucial role in safeguarding our network resources against potential threats.

Your educational background should include a Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Additionally, possessing certifications such as CCNA-Security, CCNP-Security, OEM Certification, etc., will be advantageous in this role.

Key responsibilities:
- Mitigate Denial of Service (DoS) attacks by implementing DoS mitigation tools, identifying malicious traffic, and implementing strategies to ensure uninterrupted network services.
- Utilize Network-Based Anomaly Detection (NBAD) techniques to monitor network traffic for unusual patterns or behavior, thereby detecting potential security threats in real time.
- Apply a strong understanding of network security devices such as firewalls, proxies, SIEM, and IPS/IDS.
- Deploy network firewalls, enforce security policies, monitor logs, and respond to security incidents effectively to safeguard our network assets.
- Identify and mitigate network vulnerabilities to maintain a secure network environment.

In summary, as a Security Analyst, your expertise in network security, coupled with your experience and certifications, will be instrumental in ensuring the integrity and security of our network infrastructure.
Posted 1 month ago
4.0 - 10.0 years
0 Lacs
maharashtra
On-site
As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes.

Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification.

Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, and to align SIEM rules, alerts, and reports with security policies and compliance reporting requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.

To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIRT, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), endpoint protection, enterprise detection and response software, SIEM, and IPS technologies.

This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.
Posted 1 month ago
8.0 - 10.0 years
20 - 22 Lacs
Hyderabad, Pune
Work from Office
We are seeking an experienced Pega Lead Decisioning Architect to lead and support the migration, design, and implementation of next-best-action decisioning (NBAD) capabilities across customer channels. This role requires a deep understanding of Pega's decisioning architecture, 1:1 Operations Manager, and application overlays. You will work closely with business and technology stakeholders to ensure successful parallel runs, cutovers, and best-practice adherence in a banking environment.

Key Responsibilities:
- Provide consultancy and architecture review for NBAD migration, including context setting, solution design, and testing.
- Offer recommendations and share best practices for Pega decisioning to ensure compatibility, scalability, and optimal performance.
- Lead and support parallel run strategies and cutover activities in collaboration with channel teams.
- Advise on 1:1 Operations Manager usage, application overlays, and BOE system setup to ensure alignment with enterprise models.
- Troubleshoot and guide resolution of technical and decisioning issues in a multi-application setup.
- Provide expert support to project teams within the HKT hour framework and contribute to key architectural decisions.

Required Skills & Expertise:
- 8+ years of hands-on experience in Pega Decisioning and application architecture.
- Successfully implemented multi-level decisioning and multi-application architecture in at least one large-scale project.
- Deep knowledge of 1:1 Operations Manager, Application Overlays, and associated troubleshooting techniques.
- Experience advising on BOE setup and 1:1 operational models.
- Solid understanding of parallel run strategies and providing effective cutover support for digital channels.
- Strong communication and stakeholder management skills, particularly in banking or financial services.

Preferred Qualifications:
- Pega Certified Decisioning Architect (PCDA) or Lead System Architect (CLSA) preferred.
- Experience with enterprise-level Pega CDH (Customer Decision Hub) deployments.
- Background in banking domain projects, especially those involving migration or modernization of decisioning platforms.
- Familiarity with agile methodologies and project support best practices.
Posted 1 month ago
5.0 - 8.0 years
14 - 17 Lacs
Jaipur
Work from Office
Job Description: SIEM, SOAR, UEBA, and NBAD Specialist

Certifications: Certified Ethical Hacker (CEH) - mandatory.
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Roles and Responsibilities:
- Incident analysis, incident coordination and response, remote incident response, forensic artifact handling and analysis, malware analysis, insider threat case support, sensor tuning and maintenance, custom signature/rules creation, scripting and automation, audit collection and storage, product assessment and deployment, risk assessment, response planning, mitigation, recovery planning, communicating emergency alerts and warnings to relevant/designated stakeholders, endpoint threat detection and remediation.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution as per SLA.
- Report security events/incidents to L3 and other relevant/designated stakeholders.
- Communicate emergency alerts and warnings to relevant/designated stakeholders.

Should have knowledge of the technologies below:

UEBA (User and Entity Behavior Analytics):
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.

NBAD (Network Behavior Anomaly Detection):
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.

Required Qualifications:
Posted 2 months ago
8.0 - 13.0 years
18 - 27 Lacs
Hyderabad, Chennai, Bengaluru
Work from Office
Role: Pega Lead Decisioning Architect
Experience: 8+ years
Relevant: 7+ years
Work Location: Pune/Hyderabad

Detailed JD (Roles and Responsibilities):
- Provide consultancy and review of NBAD migration, including context setting, NBAD design and testing, etc.
- Provide recommendations and share best practices based on existing Pega decision making to ensure compatibility and performance.
- Provide consultancy and review on parallel run and cutover support by channels.

Desired/Secondary skills:
- Implemented Multi Level Decisioning and Multi App in at least one project.
- Working experience with 1:1 Operations Manager and Application Overlays, and able to troubleshoot.
- Review and advise on the 1:1 operation model and BOE system setup is required.
- Provide project support according to HKT hours.

Domain: Banking

Interested candidates please share your CV to prasannna@rocklietechchamp.com or contact me on 8125455480
Posted 2 months ago
2.0 - 5.0 years
6 - 10 Lacs
Mumbai
Work from Office
Your day at NTT DATA

The Security Managed Services Engineer (L1) is an entry-level engineering role, responsible for providing a managed service to clients to ensure that their firewall infrastructure remains operational through proactively identifying, investigating, and routing incidents to the correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions, and it focuses on first-line support for standard and low-complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required.

What you'll be doing

Responsibilities:
- Configure and maintain the SIEM system, ensuring that it is properly set up to collect and analyze security event data.
- Develop, customize, and manage security rules within the SIEM to detect and respond to security threats.
- Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts.
- Oversee the collection, normalization, and storage of log data from various sources.
- Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur.
- Analyze and investigate security events from various sources.
- Manage security incidents through all incident response phases to closure.
- Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis.
- Update tickets, write incident reports, and document actions to reduce false positives.
- Develop knowledge of attack types and fine-tune detective capabilities.
- Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
- Align SIEM rules and alerts with the LIC's security policies and compliance requirements.
- Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
- Maintain and support the operational integrity of SOC toolsets.
- Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
- Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
- Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
- Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
- Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
- Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
- Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.

Workplace type: On-site Working
Posted 3 months ago
2.0 - 5.0 years
6 - 10 Lacs
Mumbai
Work from Office
Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources.Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD,PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis.Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities.Identify log sources and examine system logs to reconstruct event histories using forensic techniques.Align SIEM rules and alerts with the LICs security policies and compliance requirements. 
Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working
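The listing above asks for log collection and normalization, correlation rules, alert triage and automation scripts without saying what those look like in practice. The block below is an added example written for this page; it is not NTT DATA's code and does not model any vendor's SIEM. It normalizes constructed sshd and Windows-style logon lines (documentation IP ranges, invented hostnames) onto one schema, then runs a single correlation rule: at least N failed logons from one source IP inside a time window, followed by a success from that same IP. The threshold and window are the knobs an analyst tunes to trade false positives against missed bursts; the unparsed-line count is reported because a rule is only as good as the parsers feeding it.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): Linux sshd lines via syslog and a
# flattened Windows Security export. Timestamps are ISO 8601 UTC.
SAMPLE_LOGS = [
    "2024-03-01T10:00:01Z host1 sshd[2201]: Failed password for admin from 203.0.113.7 port 51122 ssh2",
    "2024-03-01T10:00:04Z host1 sshd[2201]: Failed password for admin from 203.0.113.7 port 51130 ssh2",
    "2024-03-01T10:00:09Z host1 sshd[2201]: Failed password for invalid user root from 203.0.113.7 port 51140 ssh2",
    "2024-03-01T10:00:15Z host1 sshd[2201]: Failed password for admin from 203.0.113.7 port 51151 ssh2",
    "2024-03-01T10:00:20Z host1 sshd[2201]: Failed password for admin from 203.0.113.7 port 51160 ssh2",
    "2024-03-01T10:00:27Z host1 sshd[2201]: Accepted password for admin from 203.0.113.7 port 51171 ssh2",
    "2024-03-01T10:01:00Z host1 sshd[2201]: Failed password for bob from 198.51.100.9 port 40000 ssh2",
    "2024-03-01T10:02:00Z winsrv EventID=4625 TargetUserName=alice IpAddress=192.0.2.44 Status=0xC000006D",
    "2024-03-01T10:02:30Z winsrv EventID=4624 TargetUserName=alice IpAddress=192.0.2.44 LogonType=10",
    "2024-03-01T10:03:00Z host1 cron[99]: (root) CMD (run-parts /etc/cron.hourly)",
]

# Parsers for the two constructed source types. A real pipeline would carry one per log source.
SSHD_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+)"
)
WIN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) EventID=(?P<eid>\d+) TargetUserName=(?P<user>\S+) IpAddress=(?P<src>\S+)"
)
WIN_OUTCOME = {"4624": "success", "4625": "failure"}  # logon succeeded / failed


def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")


def normalize(line):
    """Map one raw line onto a common schema; return None for lines no parser covers."""
    m = SSHD_RE.match(line)
    if m:
        outcome = "success" if m["outcome"] == "Accepted" else "failure"
        return {"ts": parse_ts(m["ts"]), "host": m["host"], "user": m["user"],
                "src_ip": m["src"], "outcome": outcome}
    m = WIN_RE.match(line)
    if m and m["eid"] in WIN_OUTCOME:
        return {"ts": parse_ts(m["ts"]), "host": m["host"], "user": m["user"],
                "src_ip": m["src"], "outcome": WIN_OUTCOME[m["eid"]]}
    return None


def correlate(events, threshold=5, window_seconds=300):
    """Rule: at least `threshold` failures from one source IP within `window_seconds`,
    followed by a success from that same IP, raises one alert per burst."""
    window = timedelta(seconds=window_seconds)
    failures = defaultdict(list)  # src_ip -> timestamps of failures still inside the window
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        recent = [t for t in failures[e["src_ip"]] if e["ts"] - t <= window]
        if e["outcome"] == "failure":
            recent.append(e["ts"])
        elif len(recent) >= threshold:
            alerts.append({"rule": "brute_force_then_success", "src_ip": e["src_ip"],
                           "user": e["user"], "host": e["host"],
                           "failures": len(recent), "ts": e["ts"].isoformat()})
            recent = []  # the burst has fired; do not re-alert on the same failures
        failures[e["src_ip"]] = recent
    return alerts


def run(lines, **rule_kwargs):
    """Normalize, then correlate. Also return how many lines no parser covered."""
    events = [ev for ev in (normalize(ln) for ln in lines) if ev is not None]
    unparsed = len(lines) - len(events)
    return correlate(events, **rule_kwargs), unparsed


if __name__ == "__main__":
    found, skipped = run(SAMPLE_LOGS)
    for alert in found:
        print(alert)
    print(f"{skipped} line(s) not covered by a parser")
```

On the sample, 203.0.113.7 produces five failures in 26 seconds and then a success, so one alert fires against user admin; 192.0.2.44 has a single failure before its success and stays quiet. Tightening the window to 10 seconds makes the same burst fall below the threshold, which is the kind of tuning effect the listing's "reduce false positives" duties are about.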
Posted 3 months ago
3.0 - 7.0 years
5 - 9 Lacs
Mumbai
Work from Office
Your day at NTT DATA The Manager, Information Security Incident Response is a management role, responsible for managing the Information Security Incident Response Management team. This role ensures the team is equipped and enabled to detect and monitor threats and suspicious activity affecting the organization's technology domain. It serves as the escalation point for incident workflows and participates in the delivery of security measures through analytics and threat hunting processes. The Manager, Information Security Incident Response manages a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. What you'll be doing Key Responsibilities: 10+ years of experience in SOC. 4+ years of experience as a SOC Manager. 4+ years of experience in SIEM (Splunk). CISM/CISSP certification is a must. Good understanding of SOAR/UEBA/NBAD/XDR. Strong experience with EDR, email phishing and ransomware alerts. Troubleshooting technical issues to ensure project success. End-to-end integration and health check of all SOC solutions as per the sign-off. Implementing changes to align with client demands and specifications. Providing guidance, direction, and instructions to the team to achieve specific objectives. Developing and executing a timeline for the team to achieve its goals. Monitoring incident detection and closure. Presenting regular metrics and reports. Identifying new alert requirements. Ensuring services meet SLA parameters. Conducting periodic DR drills. Following up with departments to close various reports/incidents and escalating long-outstanding issues. Designing SIEM solutions to enhance security value, service management, and scalability. Identifying, resolving, and conducting root-cause analysis for security incidents, which is essential for maintaining a proactive and responsive security posture. Developing and documenting incident response procedures. 
Ensuring the SIEM system is optimized for efficient performance is vital; this includes handling data volume effectively and maintaining responsiveness for timely threat detection and response. Aligning SIEM rules, alerts and reports with security policies and compliance reporting requirements ensures that the system contributes to overall security and regulatory adherence. Developing customized reports and dashboards provides meaningful insights into the LIC's security posture, aiding decision-making and monitoring. Integrating with other solutions/devices (including security solutions) enhances overall security monitoring and incident response capabilities, creating a more comprehensive security infrastructure. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology, Computer Science or a related field. Industry certifications such as CISSP or CISM preferred. Required Experience: Advanced experience in the technology/information security industry. Advanced prior experience working in a SOC/CSIRT. Comprehension and practical knowledge of cyber threat kill chains. Advanced knowledge of the tactics, techniques and procedures (TTPs) used by threat actors. Advanced practical knowledge of indicators of compromise (IOCs). Advanced experience with endpoint protection and endpoint detection and response (EDR) software. Advanced experience with or knowledge of SIEM and IPS technologies. Advanced experience with Wireshark, tcpdump, REMnux and decoders for conducting payload analysis. Knowledge of malware analysis, hacking techniques, the latest vulnerabilities, and security trends. Advanced knowledge of network technologies including routers, switches and firewalls. Advanced prior demonstrated experience managing and leading a team in a related field. 
Workplace type On-site Working
Posted 3 months ago
4.0 - 7.0 years
6 - 8 Lacs
Mumbai
Work from Office
Key Responsibilities: Configure and maintain the SIEM system, ensuring that it is properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions taken to reduce false positives. Develop knowledge of attack types and fine-tune detection capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LIC's security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. 
Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is a must.
Posted 3 months ago
2.0 - 7.0 years
4 - 8 Lacs
Mumbai
Work from Office
Key Responsibilities: Minimum 4+ years' experience in SOC along with SIEM (Splunk). Minimum 2 years' hands-on experience in Splunk. Configure and maintain the SIEM system, ensuring that it is properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, vulnerability scanning, and malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions taken to reduce false positives. Develop knowledge of attack types and fine-tune detection capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LIC's security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. 
Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, taking into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a high-pressure environment. Ability to work hard and put in longer hours when necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is a must. Required Experience: Moderate level of relevant managed services experience handling security infrastructure. Moderate level of knowledge of ticketing tools, preferably ServiceNow. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or third parties.
Posted 3 months ago
2.0 - 4.0 years
6 - 9 Lacs
Jaipur
Work from Office
Job Description: SIEM, SOAR, UEBA, and NBAD Specialist Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response. Roles and Responsibilities: Incident analysis, incident coordination & response, remote incident response, forensic artifact handling & analysis, malware analysis, insider threat case support, sensor tuning & maintenance, custom signature/rule creation, scripting & automation, audit collection & storage, product assessment & deployment, risk assessment, response planning, mitigation, recovery planning, communicating emergency alerts & warnings to relevant/designated stakeholders, endpoint threat detection and remediation. Take SOAR action on identified malicious communications. Monitor and alert on any abnormalities identified. Work on tickets and ensure timely response and resolution of tickets as per SLA. Report security events/incidents to L3 and other relevant/designated stakeholders. Should have knowledge of the following technologies: UEBA (User and Entity Behavior Analytics): Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. Configure and tune UEBA models to reduce false positives and enhance detection capabilities. NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. 
Experience: Minimum 1.5+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certifications: Certified Ethical Hacker (CEH) is mandatory.
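The UEBA and NBAD duties in the listing above (detect anomalous activity per user or entity, then tune the model to cut false positives) both reduce to the same mechanism: learn a per-entity baseline and score today's observation against it. The block below is an added example for this page, not code from the employer or from any UEBA/NBAD product. It scores daily outbound megabytes per host (constructed figures, invented hostnames) with a median/MAD modified z-score rather than mean/standard deviation, so one noisy day in the learning window does not inflate the baseline and mask a later spike. Two tuning knobs are shown: a score threshold and a minimum absolute excess, which is what keeps a statistically odd but tiny change on a low-volume host from paging anyone. The same scoring applies unchanged to per-user logon counts or per-host flow counts, which is why one block serves both the UEBA and the NBAD passages.

```python
import statistics

# Constructed sample (not real telemetry): daily outbound megabytes per host over a
# 14-day learning window, and the value seen on the day under review.
BASELINE_MB = {
    "ws-finance-01": [420, 390, 450, 410, 430, 400, 415, 445, 405, 395, 440, 425, 410, 435],
    "ws-hr-07":      [50, 48, 52, 49, 51, 50, 47, 53, 50, 49, 51, 48, 52, 50],
    "build-srv-02":  [9000, 9200, 8800, 9100, 8900, 9050, 9150, 8950, 9000, 9100, 8850, 9250, 9000, 8950],
    "kiosk-03":      [10] * 14,          # a host whose volume never varies
}
TODAY_MB = {"ws-finance-01": 6200, "ws-hr-07": 58, "build-srv-02": 9400,
            "kiosk-03": 900, "lab-vm-99": 2}   # lab-vm-99 has no learning history yet


def robust_score(history, value):
    """Modified z-score: 0.6745 * (value - median) / MAD.
    Returns (score, excess_over_median). A constant history has MAD 0, so any
    deviation from it is treated as infinitely surprising rather than dividing by zero."""
    med = statistics.median(history)
    mad = statistics.median([abs(x - med) for x in history])
    excess = value - med
    if mad == 0:
        score = 0.0 if excess == 0 else float("inf")
    else:
        score = 0.6745 * excess / mad
    return score, excess


def evaluate(baseline, today, z_threshold=3.5, min_excess_mb=500, min_history=7):
    """Classify every entity seen today as alert, suppressed_low_volume, normal, or no_baseline.
    z_threshold and min_excess_mb are the tuning knobs an analyst adjusts to manage false positives;
    min_history keeps newly seen entities in learning mode instead of alerting on day one."""
    results = {}
    for host, value in today.items():
        history = baseline.get(host, [])
        if len(history) < min_history:
            results[host] = {"status": "no_baseline", "score": None, "excess_mb": None}
            continue
        score, excess = robust_score(history, value)
        if score > z_threshold and excess >= min_excess_mb:
            status = "alert"
        elif score > z_threshold:
            status = "suppressed_low_volume"   # statistically odd, operationally irrelevant
        else:
            status = "normal"
        results[host] = {"status": status, "score": score, "excess_mb": excess}
    return results


if __name__ == "__main__":
    for host, verdict in evaluate(BASELINE_MB, TODAY_MB).items():
        print(f"{host:15s} {verdict['status']:22s} score={verdict['score']} excess_mb={verdict['excess_mb']}")
```

On the sample, ws-finance-01 moves from a median of about 418 MB to 6200 MB and alerts; ws-hr-07 scores above the threshold on a mere 8 MB rise and is suppressed by the minimum-excess knob; build-srv-02's 400 MB rise sits inside its normal spread; the constant-volume kiosk jumps to 900 MB and alerts; the host with no history is reported as still learning. Setting min_excess_mb to 0 turns the ws-hr-07 suppression into an alert, which is the false-positive tuning decision the listing describes.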
Posted 3 months ago
4.0 - 9.0 years
20 - 25 Lacs
Hyderabad
Work from Office
Minimum 3 years' experience working in a large-scale IT environment with a focus on cyber/information security. Areas of expertise should include pre-sales support, service & solution delivery, and program management (transition & transformation). Required Candidate profile Knowledge of SIEM, SOAR, threat hunting, EDR, deception, NTA, NBAD and UEBA. Hands-on experience with leading analytical platforms such as Splunk, IBM QRadar, Hunters, Sumo Logic and Sentinel. Certification: CISSP
Posted 3 months ago
6.0 - 10.0 years
13 - 18 Lacs
Mumbai, Hyderabad
Work from Office
Summary: Lead SOC technologies and management; responsible for ensuring the day-to-day operations and maintenance of the organization's security. Strengthen security posture and ensure the control effectiveness of security systems within the organization. Collaborate with diverse teams to ensure the seamless functioning of the solutions and the optimization of the security infrastructure and controls. Responsibilities: Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data. Ensure coverage and effectiveness of security operations and deployed solutions. Ensure optimum security, availability, performance, and capacity of security solutions under management. Configuration, monitoring & troubleshooting of SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception, etc. Responsible for firmware upgrades, closing of audit points/vulnerabilities, creation of security policies, fine-tuning of existing policies, configuration backups, event log monitoring, threat intel integration, signature fine-tuning, etc. Ensure & maintain up-to-date documentation (SOPs, architecture diagrams, etc.) to remove dependency on individuals. Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices. Ensure hardening, the latest stable version and security patches of security devices and solutions. Track EOL/EOS and ensure that there is no technology obsolescence. Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs. Handle escalations and run the smooth operations of security solutions. Identify & analyse pain areas in existing security operations & implement improvements. Handle operational issues which require design/technical inputs. 
Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS. Publish the relevant dashboards and status updates. Escalate deviations and violations in a timely manner. Remain current with the organization's security policies, the latest security advisories/threats, industry best practices and developments in cyber security, and recommend and implement best practices and technologies to mitigate emerging threats. Education: B.E/B.Tech, MCA (Computer/IT)/B.Sc (Computer/IT) or a degree in a relevant field. Experience: Candidate should have 6+ years of experience, preferably in a banking and technology organization. Knowledge: Sound experience in managing SOC technologies and operations in a large and complex environment. Should have a sound understanding & knowledge of various SOC technologies & techniques such as SIEM, SOAR, UEBA, NBAD, Threat Intel, Deception, etc. Should have hands-on experience in SOC platform administration, log source integration, playbooks, use case engineering, and incident response techniques and technologies. Fine-tune configurations and thresholds for SIEM and vulnerability tools. Should have knowledge & understanding of IT infrastructure & networking technologies, operations and security principles. Ability to analyze endpoint, network, and application logs. Knowledge of various security methodologies and technical security solutions. Should prepare and implement use cases for the SOC monitoring team so that it can provide proactive threat hunting to detect incidents. Should have a sound understanding of threat hunting, mitigation and response. Strong understanding of regulatory security guidelines & master directions and security frameworks such as ISO 27001, NIST, or CIS. Should be well versed in ITIL and ITSM practices. Skills: Exceptional analytical, conceptual thinking, troubleshooting and problem-solving skills. Strong leadership, negotiation, and conflict resolution skills. 
Detail-oriented with a focus on quality and accuracy in project/service deliverables Should have strong written, verbal and presentation skills. Ability to perform under pressure, influence stakeholders and work closely with them to determine acceptable solutions.
Posted 3 months ago
3.0 - 8.0 years
6 - 13 Lacs
mumbai suburban
Work from Office
Job Description: Security Engineer NBAD L2 Location: Mumbai Client Site (Santa Cruz) Work Mode: Work from Office Payroll: NTT Budget: 13 LPA (including 5% variable) Notice Period: Immediate to 45 days only Relocation: Allowed, but no relocation allowance/accommodation will be provided Requirement Brief: Total experience of 3+ years, of which a minimum of 2 years in NBAD. Minimum 1 year of experience at L2 level. Only candidates who are experts in NBAD security will be considered. OEM-level certification for the proposed product is a must. Key Responsibilities: Implement NBAD solutions within the network infrastructure and ensure proper configuration. Continuously monitor network traffic for anomalies and suspicious behaviour. Respond to alerts and incidents identified by the NBAD system, investigate root causes, and initiate appropriate actions. Maintain and update NBAD systems, ensuring they remain effective against evolving threats. Document configurations, incidents, and solutions for future reference and reporting. Develop test plans and strategies for evaluating the performance and accuracy of NBAD systems. Execute various testing methodologies, including functional, regression, and performance testing. Identify and report any issues or defects in the NBAD system, working closely with the development team for resolution. Validate that the NBAD system meets the specified requirements and delivers accurate results. Implement test automation where possible to streamline testing processes.
Posted Date not available
5.0 - 9.0 years
16 - 20 Lacs
pune
Work from Office
Role: SOC Analyst - L3 Job Type: Full Time, Permanent Location: Pune (Onsite) Experience Required: 5+ years of experience in the network and IT security field, managing SOC systems and operations (defining strategy around security monitoring, incident management, regulatory compliance, process improvement, etc.) Qualification: Certifications in Cyber Security/Information Security/Networking; degree in Computer Science/Applications. CTC: 16 LPA to 20 LPA Primary Abilities: SIEM, SOAR, UEBA, NBAD/NDR, Endpoint Security, Threat Hunting, Threat Analysis, Team Leading, Client Interaction Responsibilities: Lead and mentor junior SOC analysts. Conduct in-depth investigations into complex security incidents. Identify and analyse emerging threats and vulnerabilities. Develop and implement security incident response plans. Participate in vulnerability assessments and penetration tests. Provide technical guidance and support to other security teams. Stay up to date on the latest security threats and trends. Communicate effectively with technical and non-technical audiences. Represent the SOC in meetings with stakeholders. Drive end-to-end implementation of the SIEM and SOAR solutions. Expertise in SOC team building. Any other responsibility area identified as necessary for execution of the required SOC services. Drive customer monthly governance meetings. Drive technical discussions with new or existing customers. About Company Innspark is the fastest-growing deep-tech solutions company that provides next-generation products and services in Cybersecurity and Telematics. The Cybersecurity segment provides out-of-the-box solutions to detect and respond to sophisticated cyber incidents, threats, and attacks. The solutions are powered by advanced Threat Intelligence, Machine Learning, and Artificial Intelligence that provide deep visibility of the enterprise's security. 
We have developed and implemented solutions for a wide range of customers with highly complex environments including Government Organizations, Banks & Financial institutes, PSU, Healthcare Providers, Private Enterprises. Website : https://innspark.in/
Posted Date not available
4.0 - 6.0 years
6 - 10 Lacs
navi mumbai
Work from Office
Experience: 4 - 6 Yrs Location: CBD Belapur Skills: Hands-on experience with UEBA solutions such as Gurucul GRA, Rapid7 InsightIDR and IBM QRadar, and with NBAD and PCAP solutions such as Vehere NDR and CISOC, Stealthwatch, RSA Packets, etc. (a combination of at least any 2). Should have strong knowledge of SIEM solutions like IBM QRadar, RSA NetWitness, LogRhythm, etc. Job Responsibilities: Managing the SIEM platform (H/W, OS & application). Device integrations and troubleshooting skills. Use case creation, fine-tuning & reviews. Ability to investigate incidents. Incident management, response & handling escalations. Good command of Linux. Managing open tickets and discussing issues with the OEM. Good communication skills to interact with different stakeholders. Creation of reports & dashboards. Providing data for various compliance requirements and audits. Certification (if any): CEH, EC-CSA, GIAC
Posted Date not available