10.0 - 14.0 years
0 Lacs
karnataka
On-site
As a Senior SOC Analyst (L2 & L3) at Fiori Technology Solutions in Bengaluru, India, with over 10 years of experience, you will be part of a 24x7 365 operation, working in a rotating schedule involving all shifts in 10-hour swings, including some Holidays. Your primary responsibilities will include:
- Monitoring alerts in various tools, performing initial triage analysis, and incident creation
- Working on alerts to resolution or escalation, and simple issue resolution based on documentation or guidance from Team Leader
- Receiving and documenting incident and service requests via web tickets, phone calls, or emails and converting them to tickets
- Following operational processes, delivering shift turn over reports, and managing incidents with a focus on risk
- Participating in escalations, process documentation, and continuous improvement initiatives
- Performing all functions from our end client facility in Bangalore and collaborating with worldwide customers and global IT teams
To be successful in this role, you should have experience in a large-scale heterogeneous corporate environment. Preferred experience includes 5-10 years in Network Security Monitoring, Splunk Enterprise Tools, Phantom, Carbon Black, Malware Analysis, Phishing, Incident response, Endpoint protection, using SIEM Tools. You should also possess a strong desire to provide world-class support, excellent email communication skills, and the ability to communicate effectively with end users and team mates. Demonstrating strong customer service, verbal, documentation, and listening skills, as well as the ability to assess, triage, and determine criticality of issues or incidents, is essential. Previous experience in handling risk tickets is also required. If you meet these qualifications and are interested in joining our team, please send your resume to jobs@fiorit.com.
Posted 4 days ago
2.0 - 5.0 years
3 - 4 Lacs
ahmedabad
Work from Office
Hole ZLD Process. operation and Maintenance. O & M,R.O. of ETP. MEE Operations and Maintenance. COD, BOD, TDS ETC Testing in Lab. All Jobs need to record and maintain it. PM Schedule with 100% compliance. Phantom Process. Completing job reports. Required Candidate profile Knowledge of state safety and structure regulations. Excellent technical design skills. Good communication skills. A keen eye for aesthetics and detail Handle Water Treatment in different situations Perks and benefits Food, Accommodation, Transportation
Posted 5 days ago
8.0 - 13.0 years
13 - 17 Lacs
gurugram
Work from Office
About The Role
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Operation Automation
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges.
Roles & Responsibilities:
Objectives:
1. Lead the development and implementation of SOAR solutions to automate security incident response and improve incident management efficiency.
2. Design and implement scalable SOAR architectures that integrate with existing security infrastructure and tools.
3. Mentor a team of SOAR engineers and analysts to ensure successful solution delivery and adoption.
4. Collaborate with cross-functional teams to identify security automation opportunities and drive solution adoption.
5. Drive continuous improvement of SOAR solutions through data analysis, reporting, and process optimization.
6. Develop and execute SOAR strategy and roadmap
7. Design and implement Splunk-Phantom SOAR solutions, playbooks, and integrations
8. Collaborate with security teams, vendors, and stakeholders
9. Analyze data and generate reports to inform SOAR solution improvement
10. Ensure compliance with security regulations and industry standards
Requirements:
- Strong technical background in security automation, SOAR, and security incident response
- Experience with Splunk Phantom SOAR platform
- Leadership and team management experience
- Excellent communication and collaboration skills
- Strong analytical and problem-solving skills
Professional & Technical Skills:
- Must To Have Skills: Proficiency in Splunk Phantom (SOAR) and Security Information and Event Management (SIEM).
- Tool Proficiency: Splunk and Phantom
- Strong understanding of cloud security principles and practices.
- Experience with security compliance frameworks such as ISO 27001 or NIST.
- Familiarity with incident response and threat management processes.
- Knowledge of network security protocols and technologies.
Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Qualification 15 years full time education
Posted 1 week ago
2.0 - 6.0 years
0 Lacs
hyderabad, telangana
On-site
A career in our Advisory Service Delivery Centre is the natural extension of PwC's leading-class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process quality and,
Posted 2 weeks ago
3.0 - 7.0 years
0 Lacs
uttar pradesh
On-site
We are seeking a skilled Blockchain Developer with practical experience in Solana, Ethereum, and Base networks. The ideal candidate will possess expertise in smart contract development, blockchain integrations, and frontend React integration. You will be responsible for working on decentralized applications (dApps), optimizing smart contract performance, and ensuring seamless communication between smart contracts and web applications. Immediate joiners will be preferred. Your responsibilities will include developing and deploying smart contracts on Solana (Rust), Ethereum/Base (Solidity, Vyper), and working with the Anchor framework for Solana and Hardhat/Foundry for Ethereum development. Moreover, you will integrate smart contracts with React-based frontend applications using web3.js, ethers.js, viem, or Solana's @solana/web3.js. It will also be your duty to optimize gas usage and transaction efficiency for blockchain interactions, design and implement cross-chain interactions between Ethereum, Solana, and Base, and build and maintain backend services for blockchain applications using Node.js, GraphQL, and IPFS. You must ensure the security and auditability of smart contracts by following best practices and testing methodologies, work with wallet integrations (e.g., Metamask, Phantom, Coinbase Wallet), and collaborate with UI/UX teams to ensure a seamless user experience for decentralized applications.
Required Skills & Experience
- Blockchain & Smart Contracts:
  - Experience in developing and deploying smart contracts on Solana (Rust, Anchor) and Ethereum/Base (Solidity, Vyper).
  - Familiarity with Layer 2 solutions (Optimism, Arbitrum, Base) and sidechains.
  - Experience with NFTs, DeFi protocols, and tokenomics.
- Frontend & Web3 Integration:
  - Strong knowledge of React.js, Next.js, and integrating dApps with ethers.js, web3.js, viem, or solana/web3.js.
  - Experience with GraphQL, REST APIs, and The Graph Protocol for querying blockchain data.
- Security & Performance:
  - Understanding of smart contract security vulnerabilities (reentrancy, front-running, integer overflow, etc.).
  - Experience with smart contract auditing tools like Slither, MythX, or Certora.
- Tools & Frameworks:
  - Solana: Anchor, Seahorse
  - Ethereum: Hardhat, Foundry, Remix
  - Storage: IPFS, Arweave, Filecoin
  - Version Control: Git, GitHub, GitLab
Good To Have Skills:
- Experience with cross-chain messaging protocols (e.g., LayerZero, Wormhole).
- Understanding of MEV (Miner Extractable Value) and Flash Loans.
- Knowledge of Zero-Knowledge Proofs (ZK-Rollups, zkSync, StarkNet).
- Experience with Rust, Go, or TypeScript for blockchain development.
Posted 2 weeks ago
15.0 - 20.0 years
13 - 17 Lacs
bengaluru
Work from Office
About The Role
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : SIEM Engineer with expertise in Splunk to support the deployment, configuration, and ongoing maintenance of the Splunk platform in support of our Cyber Defense and Security Operations. The ideal candidate will help in developing use cases, onboarding log sources, fine-tuning alerts, and ensuring optimal performance of the SIEM environment.
Roles & Responsibilities:
- Deploy, configure, and maintain Splunk infrastructure components (indexers, forwarders, search heads, etc.)
- Onboard log sources from various platforms including network devices, endpoints, cloud, and applications.
- Create, optimize, and tune correlation rules and alerts to reduce false positives and improve threat detection.
- Develop and maintain dashboards, reports, and visualizations for different stakeholders including SOC, IT, and leadership teams.
- Perform root cause analysis and troubleshooting of SIEM-related issues.
- Design and implement custom Splunk queries and SPL scripts to support detection and investigation.
- Collaborate with Security Operations Center (SOC), Threat Intel, and IR teams to improve detection and response capabilities.
- Support the integration of SOAR for automation of repetitive security tasks and response actions.
- Participate in threat hunting and red/blue team exercises using Splunk.
- Ensure Splunk platform is compliant with internal governance and regulatory requirements (e.g., PCI, HIPAA).
- Maintain documentation for use cases, onboarding procedures, and dashboards
Professional & Technical Skills:
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
- 5-7 years of experience in Cybersecurity with at least 4+ years hands-on with Splunk.
- Strong knowledge of Splunk Enterprise and Splunk Enterprise Security (ES).
- Proficient in SPL (Search Processing Language).
- Familiarity with security frameworks like MITRE ATT&CK, NIST, or ISO27001.
- Experience integrating threat intelligence feeds and IOC sources.
- Understanding of network protocols, logs, firewalls, IDS/IPS, endpoint security, and cloud platforms (AWS, Azure).
- Experience with SOAR tools (e.g., Splunk SOAR, Phantom) is a plus.
- Splunk certifications (e.g., Splunk Core Certified User/Power User/Admin) preferred
Additional Information:
- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.
- Experience with cloud-native logging solutions (e.g., AWS CloudTrail, Azure Sentinel).
- Knowledge of scripting languages (Python, PowerShell, Bash).
- Exposure to ITSM tools (e.g., ServiceNow) for incident tracking.
- Ability to work in a 24x7 security operations environment (if required).
Qualification 15 years full time education
Posted 3 weeks ago
3.0 - 8.0 years
13 - 17 Lacs
gurugram
Work from Office
About The Role
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Operation Automation
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with organizational standards and best practices. Engaging in continuous improvement initiatives will be a key part of your role, as you strive to enhance the security posture of the organization while adapting to evolving threats and technologies.
Roles & Responsibilities:
1. Lead the development and implementation of SOAR solutions to automate security incident response and improve incident management efficiency.
2. Design and implement scalable SOAR architectures that integrate with existing security infrastructure and tools.
3. Manage and mentor a team of SOAR engineers and analysts to ensure successful solution delivery and adoption.
4. Collaborate with cross-functional teams to identify security automation opportunities and drive solution adoption.
5. Drive continuous improvement of SOAR solutions through data analysis, reporting, and process optimization.
6. Develop and execute SOAR strategy and roadmap
7. Design and implement SOAR solutions, playbooks, and integrations
8. Lead and mentor a team of SOAR engineers and analysts
9. Collaborate with security teams, vendors, and stakeholders
10. Analyze data and generate reports to inform SOAR solution improvement
11. Ensure compliance with security regulations and industry standards
Requirements:
- Strong technical background in security automation, SOAR, and security incident response
- Experience with Splunk Phantom SOAR platform
- Leadership and team management experience
- Excellent communication and collaboration skills
- Strong analytical and problem-solving skills
Professional & Technical Skills:
- Must Have Skills: Proficiency in Security Operation Automation.
- Tool proficiency: Splunk Phantom SOAR platform
- Strong understanding of cloud security principles and best practices.
- Experience with security frameworks such as NIST, ISO 27001, or CIS.
- Familiarity with security automation tools and technologies.
- Ability to analyze security incidents and develop effective response strategies.
Additional Information:
- The candidate should have minimum 3 years of experience in Security Operation Automation.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Qualification 15 years full time education
Posted 3 weeks ago
5.0 - 9.0 years
16 - 20 Lacs
pune
Work from Office
About the role
This position is a member of the STRM - Security Threat and Response Management team which is responsible for security monitoring and response functions for Mastercard, accounting for both physical and cyber security events. The engineer would build new software capabilities, support existing solutions, provide technical oversight and lend their expertise to the program.
* Develop and fine-tune detection content in SIEM platform to improve threat detection and response capabilities.
* Design and build automated playbooks in SOAR platform for common incident response use cases.
* Lead and mentor analysts on detection logic, search optimization, and investigation best practices.
* Integrate data sources into Splunk and ensure normalization using CIM (Common Information Model).
* Write custom scripts (primarily in Python) for integrations, automation, and enrichment tasks.
* Create and maintain documentation for detections, use cases, and automation processes.
* Collaborate with Threat Intelligence, Incident Response, and DevSecOps teams to align detection and response efforts.
* Continuously assess and improve security posture through automation and process refinement.
* Stay current on threat trends, emerging technologies, and advancements in detection and SOAR use cases.
All about you
* Strong proficiency in Python for scripting, development, and automation.
* Solid understanding of security operations, SIEM, and incident response workflows.
* Experience in designing detection rules, risk-based alerting, and notable event tuning.
* Ability to mentor and guide junior team members on detection logic and investigation strategy.
* Familiarity with MITRE ATT&CK framework and applying it to detection development.
* Experience integrating various security tools and data sources with Splunk.
* Knowledge of REST APIs and building integrations with third-party tools.
* Prior experience in Security Engineering, SOC, or Threat Detection roles is a plus.
* Deep expertise in Splunk Enterprise Security (ES) and Splunk SOAR (formerly Phantom) is a plus.
Posted 3 weeks ago
8.0 - 13.0 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Security Operation Automation
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency.
Roles & Responsibilities:
- SOAR Strategy and Architecture: Develop strategies for automation, playbook standardization, and process optimization.
- Playbook Development: Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.
- Integration and Customization: Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.
- Collaboration and Leadership: Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.
- Performance Optimization: Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.
- Compliance and Best Practices: Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices.
Professional & Technical Skills:
- Proficiency in scripting and programming Python to develop custom playbooks and integrations.
- Strong understanding of security operations, incident response, and threat intelligence workflows.
- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.
- Ability to troubleshoot complex integration and automation issues effectively.
Additional Information:
- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.
- Experience with cloud-native SOAR deployments and hybrid environments.
- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.
- A 15 year full-time education is required
- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR.
Qualification 15 years full time education
Posted 1 month ago
4.0 - 8.0 years
5 - 9 Lacs
Pune
Work from Office
Your role
This position is responsible for administering the Splunk platforms for enterprise Security Information and Event Management (SIEM). The role involves working with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Maintain all components of a distributed SPLUNK infrastructure including indexer clusters, search head clusters, and deployment servers. Provide overall management of the SPLUNK platform. Standardize SPLUNK forwarder deployment, configuration, and maintenance across Unix and Windows platforms. Troubleshoot SPLUNK server and forwarder problems and issues. Assist internal users in designing and maintaining production-quality dashboards. Monitor the SPLUNK infrastructure for capacity planning. Implement change requests and engineering tasks. Lead technical discussions in customer governance calls. Participate in technical audits. Identify opportunities for automation, standardization, and stabilization. Prepare/update/review run books, SOPs, and knowledge articles. Plan, prepare, and execute change processes and implementations. Perform OS-level performance monitoring and troubleshooting. Monitor and troubleshoot application and database layers (e.g., Apache, Tomcat, MySQL). Administer and maintain a 24/7 highly available Splunk environment. Work closely with clients, technicians, and managerial staff. Experience with Databricks, Kafka, and NiFi is an added advantage.
Your profile
- Splunk Administrator with 4 to 8 years experience
- Dashboards, reports creation and Monitoring
- Experience with Splunk Phantom as well, would be given preference
Work location
Bengaluru, Mumbai, Pune & Hyderabad
What You'll Love About Working Here
You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.
Posted 2 months ago
1.0 - 5.0 years
0 Lacs
madhya pradesh
On-site
We are seeking a skilled Blockchain Developer with practical experience in Solana (Rust + Anchor) and EVM-compatible chains such as Ethereum, Polygon, Base, BSC. The ideal candidate will possess expertise in smart contract development, cross-chain interoperability, and full-stack dApp development with React and Web3 integrations. Your responsibilities will include developing secure, scalable, and user-centric decentralized applications with seamless wallet and blockchain integrations. As an Immediate Joiner, you will be tasked with developing and deploying smart contracts on Solana (Rust + Anchor) and EVM-based networks using Solidity. Additionally, you will build full-stack dApps utilizing React.js/Next.js, Web3.js/Ethers.js, and integrating wallets like MetaMask, Phantom, and WalletConnect. Implementing cross-chain features using LayerZero, Wormhole, or Axelar for bridging, syncing, and wrapped tokens will also be part of your role. You will be responsible for writing secure, gas-optimized contracts, conducting comprehensive testing using tools like Mocha, Jest, Anchor test suite, Hardhat, and Foundry. Integration of backend services with Node.js, GraphQL/REST APIs, PostgreSQL/MongoDB, and Redis (optional) will also be within your scope. Automation of deployments using Docker and CI tools such as GitHub Actions and GitLab CI is expected. Monitoring and troubleshooting on-chain activity using tools like Tenderly, Etherscan APIs, and Solana Explorer will also be part of your responsibilities. Collaboration with frontend and DevOps teams to ensure excellent UI/UX and scalability is crucial. The desired candidate should possess 3+ years of full-stack development experience, at least 1 year of hands-on Solana smart contract development (Rust + Anchor), proficiency in Solidity and EVM tools (Hardhat, Foundry, Truffle), strong knowledge of Web3 wallet integration, blockchain architecture, and RPC interactions. 
Experience with DeFi, NFTs, DAOs, and decentralized storage (IPFS, Arweave) is preferred. Familiarity with authentication protocols like JWT, OAuth2, and SIWE (Sign-In With Ethereum/Solana), understanding of smart contract vulnerabilities, and Web3 security best practices are required. Experience with zk-rollups (zk-SNARKs, zkSync, StarkNet), exposure to other chains like Cosmos, NEAR, or React Native/mobile dApps, contributions to open-source blockchain projects, knowledge of MEV, gas fee estimation, and bridging mechanics across chains will be an added advantage.
Posted 2 months ago
5.0 - 10.0 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role : Security Delivery Practitioner
Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills : Splunk
Good to have skills : Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skill
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge
Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework
Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps
Roles & Responsibilities
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.
Technical Experience
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management
Professional Experience
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security+, CEH
Role Description
Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk
- This position is based at our Bengaluru office
- A 15 years full time education is required
Qualification 15 years full time education
Posted 2 months ago
6.0 - 10.0 years
20 - 30 Lacs
Mumbai
Work from Office
Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in
Posted 2 months ago
8.0 - 13.0 years
3 - 7 Lacs
Pune
Work from Office
Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Splunk Security Information and Event Management (SIEM), Splunk Administration, Splunk Enterprise Security, Splunk Phantom
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary : As a Splunk Engineer, you will be working within the Security Engineering & Technology Services team, responsible for understanding, researching, designing, developing, operating, and enhancing security solutions with the products client has acquired for consumption as a service offering across all of client. You will collaborate with Security Operations (mainly Cyber) teams to support in implementation of new technical solutions, on-board new data into Splunk and develop use cases to meet the business requirements.
Roles & Responsibilities:
- Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS Solution
- Building correlation searches for Cyber Operation requirements
- Evaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessary
- Managing, co-ordinating and implementing technical project activities and enhancements to services
- Conducting Incident/ Problem/ Recovery activities
- Supporting the Joint Operations Centre and incident response teams for detected security events.
- Creating and maintaining accurate and high-quality documentation
- Supporting Operational effectiveness audit
- Structure phased deliverables to link long term vision with time-boxed activities.
- Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully.
- Work closely with developers and testers, to ensure delivery of the functionality on time and with quality.
Professional & Technical Skills:
- Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers), knowledge of Splunk Cloud & SOAR
- Knowledge of Splunk Enterprise Security at administration and use case level
- Knowledge on on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction.
- Knowledge of the Common Information Model, data models, enrichment, and automation
- Good experience on Splunk add-ons installation / configuration to bring security logs into Splunk.
- Good understanding of the Security Domain.
- Documentation skills in order to provide high quality documentation for internal customers and technical teams.
Additional Information:
- The candidate should have a minimum of 8+ years of experience in Security Information and Event Management (SIEM) with 5+ yrs experience on Splunk SIEM.
- The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions.
- This position is based at our Pune office with flexible locations as Bangalore and Chennai.
Qualification 15 years full time education
Posted 3 months ago
0.0 - 2.0 years
1 - 4 Lacs
Hyderabad
Work from Office
- Phantom/SOAR & Python experience with Good Development skills
- Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment
- Practical experience in monitoring and tuning Playbooks & Use cases
- Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom with good Python, Red Hat and Windows experience
Location: Pan India
Posted 3 months ago
3.0 - 5.0 years
1 - 4 Lacs
Hyderabad
Work from Office
Job Information Job Opening ID ZR_1899_JOB Date Opened 29/04/2023 Industry Technology Job Type Work Experience 3-5 years Job Title Phantom/SOAR City Hyderabad Province Telangana Country India Postal Code 500081 Number of Positions 5
- Phantom/SOAR & Python experience with Good Development skills
- Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment
- Practical experience in monitoring and tuning Playbooks & Use cases
- Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom with good Python, Red Hat and Windows experience
Location: Pan India
Posted 3 months ago
5 - 10 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skill:
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge
Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework
Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps
Roles & Responsibilities:
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.
Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management
Professional Experience:
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation – BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security+, CEH
Role Description:
- Support SIEM detection content creation for notables with a focus on Risk Based Alerting.
- Create and maintain documentation on new or existing detections, integrations, and dependencies.
- Interface with our SOC to pilot new content, process feedback, update incident response guidelines.
- Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk
- This position is based at our Bengaluru office
- A 15 years full time education is required
Qualification: 15 years full time education
Posted 4 months ago
5 - 10 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency.
Roles & Responsibilities:
- SOAR Strategy and Architecture: Develop strategies for automation, playbook standardization, and process optimization.
- Playbook Development: Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.
- Integration and Customization: Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.
- Collaboration and Leadership: Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.
- Performance Optimization: Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.
- Compliance and Best Practices: Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices.
Professional & Technical Skills:
- Proficiency in scripting and programming Python to develop custom playbooks and integrations.
- Strong understanding of security operations, incident response, and threat intelligence workflows.
- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.
- Ability to troubleshoot complex integration and automation issues effectively.
Additional Information:
- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.
- Experience with cloud-native SOAR deployments and hybrid environments.
- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.
- A 15 year full-time education is required
- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR.
Qualification: 15 years full time education
Posted 4 months ago
3.0 - 5.0 years
1 - 4 Lacs
Hyderabad
Hybrid
- Phantom/SOAR & Python experience with Good Development skills
- Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment
- Practical experience in monitoring and tuning Playbooks & Use cases
- Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom with good Python, Red Hat and Windows experience
Posted Date not available