8.0 - 13.0 years
3 - 7 Lacs
Pune
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Splunk Security Information and Event Management (SIEM), Splunk Administration, Splunk Enterprise Security, Splunk Phantom
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Splunk Engineer, you will be working within the Security Engineering & Technology Services team, responsible for understanding, researching, designing, developing, operating, and enhancing security solutions with the products the client has acquired for consumption as a service offering across all of the client. You will collaborate with Security Operations (mainly Cyber) teams to support the implementation of new technical solutions, on-board new data into Splunk and develop use cases to meet the business requirements.
Roles & Responsibilities:
- Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS Solution
- Building correlation searches for Cyber Operation requirements
- Evaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessary
- Managing, co-ordinating and implementing technical project activities and enhancements to services
- Conducting Incident / Problem / Recovery activities
- Supporting the Joint Operations Centre and incident response teams for detected security events
- Creating and maintaining accurate and high-quality documentation
- Supporting Operational effectiveness audit
- Structure phased deliverables to link long term vision with time-boxed activities.
- Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully.
- Work closely with developers and testers, to ensure delivery of the functionality on time and with quality.
Professional & Technical Skills:
- Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers), knowledge of Splunk Cloud & SOAR
- Knowledge of Splunk Enterprise Security at administration and use case level
- Knowledge of on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction.
- Knowledge of the Common Information Model, data models, enrichment, and automation
- Good experience with Splunk add-ons installation / configuration to bring security logs into Splunk.
- Good understanding of the Security Domain.
- Documentation skills in order to provide high quality documentation for internal customers and technical teams.
Additional Information:
- The candidate should have a minimum of 8+ years of experience in Security Information and Event Management (SIEM) with 5+ yrs experience on Splunk SIEM.
- The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions.
- This position is based at our Pune office with flexible locations as Bangalore and Chennai.
Qualification: 15 years full time education
Posted 1 week ago
0.0 - 2.0 years
1 - 4 Lacs
Hyderabad
Work from Office
- Phantom/SOAR & Python experience with Good Development skills
- Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment
- Practical experience in monitoring and tuning Playbooks & Use cases
- Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom with good Python, Red Hat and Windows experience
Location: Pan India
Posted 1 week ago
3.0 - 5.0 years
1 - 4 Lacs
Hyderabad
Work from Office
Job Information Job Opening ID ZR_1899_JOB Date Opened 29/04/2023 Industry Technology Job Type Work Experience 3-5 years Job Title Phantom/SOAR City Hyderabad Province Telangana Country India Postal Code 500081 Number of Positions 5
- Phantom/SOAR & Python experience with Good Development skills
- Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment
- Practical experience in monitoring and tuning Playbooks & Use cases
- Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps
- Ownership of delivery for small to large Splunk onboarding projects
- Ability to automate repetitive tasks and reduce noise
- Implementing and supporting Phantom with good Python, Red Hat and Windows experience
Location: Pan India
Posted 1 week ago
5 - 10 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skill:
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge
Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework
Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps
Roles & Responsibilities:
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.
Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management
Professional Experience:
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation – BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security+, CEH
Role Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.
Additional Information:
- The candidate should have a minimum of 5 years of experience in Splunk
- This position is based at our Bengaluru office
- A 15 years full time education is required
Qualification: 15 years full time education
Posted 1 month ago
5 - 10 years
13 - 17 Lacs
Bengaluru
Work from Office
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Operation Automation
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency.
Roles & Responsibilities:
- SOAR Strategy and Architecture: Develop strategies for automation, playbook standardization, and process optimization.
- Playbook Development: Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.
- Integration and Customization: Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.
- Collaboration and Leadership: Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.
- Performance Optimization: Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.
- Compliance and Best Practices: Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices.
Professional & Technical Skills:
- Proficiency in scripting and programming Python to develop custom playbooks and integrations.
- Strong understanding of security operations, incident response, and threat intelligence workflows.
- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.
- Ability to troubleshoot complex integration and automation issues effectively.
Additional Information:
- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.
- Experience with cloud-native SOAR deployments and hybrid environments.
- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.
- A 15 year full-time education is required
- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR.
Qualification: 15 years full time education
Posted 1 month ago
6 - 10 years
8 - 12 Lacs
Bengaluru
Work from Office
Requirement: Splunk L3 / SME (B3)
Expertise: Splunk Enterprise / Cloud (Deployment, Administration & Development)
Key responsibilities:
- Deployment and configuration of Splunk platform (Enterprise) / Splunk Cloud
- Demonstrate Splunk Core capabilities to the prospective clients
- Optimizes Splunk platform architecture for large-scale and distributed deployments
- Adopt best practices and development standards, and deployment of the same
- Develops and customizes Splunk apps and dashboards and builds advanced visualizations
Key Skills:
- Administering Production Systems, where Splunk platform is with multiple data sources as Metrics, Windows sources, HEC, etc.
- Migration / upgrade execution for Splunk platform
- Should perform in-depth diagnostic of incidents on any specific application and identify the root cause of problems
- Should document resolved issues in an effective manner for knowledge management, cross-train peers with tool usage and assist in creation of best-practices, work independently on multiple assignments, proactively prioritizing focus and effort
- Should have good hands on knowledge of Deployment, Administration and Development of the Splunk Enterprise platform
- Implements and maintains Splunk platform infrastructure and configuration
- Undertakes day-to-day operational and user support & executes new projects as well as data and user onboarding
- Experience in integrating other tools like JIRA, ServiceNow, Jenkins, AWS etc. with Splunk using 3rd party app
- Proficient in writing SPL queries and experience in advanced level dashboarding, scheduled jobs, Data models, Lookups and other knowledge objects
- Experience in performance optimization of existing dashboards, reports and alerts
- Experience in MLTK, DB Connect Apps and experience in any one of the scripting tools (Python / Shell)
- Experience in at least one Premium App like ITSI, ES, Phantom, UBA, Splunk Observability
Good to have Skills:
- Experience in scripting, Ansible / Puppet for Run book Automation
- Fair understanding of AWS cloud and cloud services
- Splunk certified Professional
Posted 3 months ago
2 - 6 years
4 - 8 Lacs
Bengaluru
Work from Office
Role Purpose: The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information.
1. SOAR Developer
JD - Client looking for a strong playbook developer resource for XSOAR/Splunk Phantom/Splunk SOAR who has SOC/CSIRT practical experience along with technical skills for developing playbooks. The resource would be helping to develop playbooks for our existing requirements and also work more directly with our analysts, leveraging their SOC/CSIRT experience to help come up with the best solution to solve the business need. This may require influencing process change on the SOC side to provide the best solution to meet their needs. Looking for a well experienced (5+ yrs) XSOAR developer who understands SOC use cases and can develop new playbook automations and work on enhancement requests. Palo XSOAR playbook development, Security Incident Response, SOC operations
2. Operations Manager - Splunk
JD - We are seeking an experienced Operations Manager to oversee and optimize our daily operations. The Operations Manager will be responsible for ensuring that our business processes run smoothly and efficiently, coordinating between various departments, managing resources, and driving continuous improvement initiatives. The ideal candidate will have strong leadership skills, a deep understanding of operational processes, and the ability to implement strategies that enhance productivity and profitability.
Key Responsibilities:
- Operations Management:
  - Oversee the day-to-day operations of the organization, ensuring that all processes are running efficiently and effectively.
  - Monitor key performance indicators (KPIs) to identify areas for improvement and implement strategies to enhance productivity.
  - Coordinate between departments (e.g., production, logistics, customer service) to ensure seamless operations and the timely delivery of products or services.
- Resource Management:
  - Manage and allocate resources (e.g., personnel, equipment, budget) to optimize operational efficiency and meet organizational goals.
  - Develop and implement resource management plans to address current and future operational needs.
3. Splunk Content Developer L3
JD -
- Content Development:
  - Design and develop custom dashboards, reports, and alerts within Splunk to meet the needs of various business units, including IT operations, security, and business intelligence.
  - Create and optimize complex SPL queries to extract meaningful data and insights.
  - Develop and maintain data models, saved searches, and macros to streamline content creation and improve performance.
- Requirement Gathering:
  - Work closely with stakeholders to understand their needs and translate business and technical requirements into effective Splunk content.
  - Collaborate with cross-functional teams to ensure the content aligns with organizational goals and objectives.
4. Splunk Analyst
JD - The Splunk Analyst will be responsible for the design, implementation, and maintenance of Splunk solutions. This role involves working with large datasets, creating dashboards, alerts, and reports to provide actionable insights, and supporting the organization's IT security, compliance, and operational monitoring needs.
Key Responsibilities:
- Data Onboarding & Management:
  - Collect, monitor, and analyze data from various sources by configuring and deploying Splunk forwarders and ingesting data into the Splunk platform.
  - Optimize Splunk data models and indexes for performance.
  - Ensure data integrity, proper parsing, and normalization of data.
- Dashboard & Report Development:
  - Design, develop, and maintain Splunk dashboards, alerts, and reports to provide insights into system performance, security events, and operational metrics.
  - Collaborate with stakeholders to gather requirements and tailor reports/dashboards to meet business needs.
- Monitoring & Alerting:
  - Implement and fine-tune Splunk alerts to proactively monitor for security incidents, performance issues, and anomalies.
  - Conduct regular system health checks to ensure the stability and performance of the Splunk environment.
- Troubleshooting & Support:
  - Investigate and resolve issues with Splunk performance, data ingestion, and search/query errors.
  - Provide support to end-users, helping them to use Splunk effectively
Posted 3 months ago