6 Playbooks Jobs

Position : ServiceNow CSM Architect Shift Timing: AEST (Australian Eastern Standard Time, AEST Time Zone) Experience: Minimum 10 Years Notice Period: Immediate to 15 Days Only Mandatory E xperience ServiceNow CSM expertise with architecture and implementation of Case Management, Playbooks, Virtual Agent, AWA, Communities, FSM, Flow Designer, IntegrationHub, Performance Analytics, REST/SOAP APIs, Agile/Scrum delivery, and strong stakeholder management. Job Description Key Responsibilities The ServiceNow CSM Architect will be responsible for the design, architecture, and implementation of scalable and efficient Customer Service Management (CSM) solutions within the ServiceNow platform. The ideal candidate will have deep CSM expertise and the ability to align platform capabilities with business goals. Core Responsibilities: Lead architecture and end-to-end design of CSM solutions: Case Management, Playbooks, Virtual Agent, AWA, Communities, Knowledge Management, and FSM. Collaborate with stakeholders to gather requirements and translate them into scalable technical solutions. Define and maintain CSM roadmap and architecture aligned with platform capabilities. Provide architectural leadership across the project lifecyclefrom discovery to deployment. Create and review architecture documents, high-level designs, and integration specs. Ensure compliance with ServiceNow best practices in performance, security, and scalability. Support integrations with external platforms (CRM, contact centre tools, customer portals). Enforce platform governance, standards, and development best practices. Mentor development teams and assist with complex configurations/customizations Qualifications and Skills Bachelor's degree in Computer Science, IT, or a related field. 8+ years of ServiceNow experience with 3+ years in an architect role. Strong hands-on experience with ServiceNow CSM implementations. Proficiency in Flow Designer, Integration Hub, Virtual Agent, Predictive Intelligence, and Performance Analytics. Experience in REST/SOAP API integrations. Excellent stakeholder interaction, presentation, and documentation skills. Certifications Required: ServiceNow Certified System Administrator (CSA) ServiceNow Certified Implementation Specialist CSM Preferred experience with: Experience Designer, Employee Centre Industry-specific CSM configurations (e.g., telecom, public sector) Agile/Scrum project delivery Soft Skills Strong problem-solving and analytical thinking. Excellent communication both written and verbal. Leadership ability with strong stakeholder influence. Email: Sam@hiresquad.in

Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent

Job Title: ServiceNow SecOps Engineer Experience: 3+ Years Employment Type: Full-Time Industry: IT Services & Consulting Functional Area: IT Security / Cybersecurity / ServiceNow Job Description: We are seeking a dynamic and experienced ServiceNow Security Operations (SecOps) Engineer with 3+ years of hands-on experience in implementing and supporting Security Incident Response, Vulnerability Response, and Threat Intelligence modules. The ideal candidate will have a strong background in cybersecurity workflows, integrations, and automation within the ServiceNow platform. Key Responsibilities: Implement, configure, and support ServiceNow SecOps modules : Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence (TI) Configuration Compliance (optional) Integrate ServiceNow SecOps with security tools such as Tenable, Qualys, Splunk, QRadar, MISP , and Threat Intel feeds using REST APIs or IntegrationHub. Build and customize playbooks, workflows, and automation using Flow Designer or Workflow Editor. Maintain integration between CMDB and SecOps , ensuring asset-vulnerability mapping and incident correlation. Customize vulnerability scoring algorithms and support remediation planning with stakeholders. Develop and maintain dashboards, reports, and KPIs for security operations. Collaborate with SOC teams, IT teams, and developers to streamline threat and vulnerability management processes. Perform routine upgrades, patching, and configuration audits for the SecOps suite. Participate in incident triage and threat hunting activities as required. Required Skills: 3+ years of hands-on experience with ServiceNow SecOps modules . Strong knowledge of cybersecurity concepts , frameworks (NIST, MITRE), and response workflows. Experience in ServiceNow scripting (Business Rules, Script Includes, Glide APIs). Working knowledge of REST API integrations , JSON parsing, and MID Server configurations. Familiarity with SIEM and vulnerability scanners (e.g., Splunk, Tenable, Qualys). Good understanding of CMDB , CI relationships, and data quality practices. Strong communication and problem-solving skills. ITIL v4 and/or ServiceNow Certified Implementation Specialist SecOps (preferred). Education: Bachelors degree in Computer Science, Information Security, or related field. Relevant certifications are a plus: ServiceNow Certified Implementation Specialist SecOps CEH, Security+, or equivalent

KEY Capabilities Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, Bash, etc. Perform remote and on-site gap assessment of the SIEM solution. Define evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Conduct interview with stakeholders, review documents (SOPs, Architecture diagrams etc.) Evaluate SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment. Understand customer requirements and recommend best practices for SIEM solutions. Offer consultative advice in security principles and best practices related to SIEM operations Design and document a SIEM solution to meet the customer needs Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure end log sources (in-scope) to be integrated to the SIEM Experience in handling big data integration via Splunk Expertise in SIEM content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc.) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Experience in installation, configuration and usage of premium Splunk Apps and Add-ons such as ES App, UEBA, ITSI etc Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Work with the client SPOC to for correlation rule tuning (as per use case management life cycle), incident classification and prioritization recommendations Experience in creating custom commands, custom alert action, adaptive response actions etc. Qualification & experience Minimum of 3 to 6 years experience with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated security intelligence solution into global enterprise environments. Strong oral, written and listening skills are an essential component to effective consulting. Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary. Must have knowledge of Vulnerability Management, Windows and Linux basics including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting. Good to have below mentioned experience with designing and implementation of Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management Multiple cluster deployments & management experience as per Vendor guidelines and industry best practices Troubleshoot Splunk platform and application issues, escalate the issue and work with Splunk support to resolve issues Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline will be an added advantage.

Your key responsibilities Architecting and implementation of Defender XDR. Perform as the subject matter expert on Microsoft Defender for the customer, use the capabilities of the solution in the daily operational work for the end customer. Securing overall cloud environments by applying cybersecurity tools and best practices Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements. Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems Skills and attributes for success Hands-on experience with Microsoft Defender and related technologies (e.g., Windows Defender, Microsoft Defender XDR, Defender for cloud). Ability to work independently and collaboratively in a fast-paced environment, with a strong commitment to customer service and teamwork. Expertise in use case management in Defender XDR Create and maintain documentation related to Microsoft Defender configuration, policies, procedures, and incident response playbooks. Expertise in Microsoft Intune for AV policy creation and deployment Knowledge in Cloud technologies such as Azure, AWS Strong technical knowledge in Windows Server/Linux Identify opportunities for performance optimization and efficiency improvements within Microsoft Defender solutions, and implement changes as needed Scripting knowledge (Python, Bash, PowerShell) Extensive knowledge of different security threats Good knowledge and experience in Security Monitoring Good knowledge and experience in Cyber Incident Response To qualify for the role, you must have B. Tech./ B.E. with sound technical skills Strong command on verbal and written English language. Demonstrate both technical acumen and critical thinking abilities. Strong interpersonal and presentation skills. Certification in Azure (SC-200, SC-100, SC-900,AZ-500) (any other cloud vendor certification i

Role & responsibilities Lead security incident response in a cross-functional environment and drive incident resolution. Lead and develop Incident Response initiatives that improve customer capabilities to effectively respond and remediate security incidents. Perform digital forensic investigations and analysis of a wide variety of assets including endpoints. Perform log analysis from a variety of sources to identify potential threats. Build automation for response and remediation of malicious activity. Write complex search queries in the EDR as well as SIEM tools for hunting the adversaries. Works on SOAR cases, automation, workflow & Playbooks. Integrating and working on Identity solutions. Developing SIEM use cases for new detections specifically on identity use cases Working experience in Microsoft On-prem and Entra ID solutions Good knowledge in Active Directories and Tier 0 concepts Very good knowledge of operating systems, processes, registries, file systems, and memory structures and experience in host and memory forensics (including live response) on Windows, macOS and Linux. Experience investigating and responding to both external and insider threats. Experience with attacker tactics, techniques, and procedures (MITRE ATT&CK) Experience analyzing network and host-based security events Preferred candidate profile Domain SOC, Lead- Incident Response Interested can share me there resume in recruiter.wtr26@walkingtree.in