2 - 6 years
1 - 5 Lacs
Thane, Navi Mumbai, Mumbai (All Areas)
Work from Office
SIEM (Microsoft Sentinel, Wazuh, Splunk, QRadar), Azure Security Center, multi-cloud environments (AWS, Azure, GCP), SOAR, Azure Sentinel. Note: Sentinel One not required
Posted 1 month ago
5 - 6 years
11 - 15 Lacs
Thane
Work from Office
OT Cybersecurity Engineer for Digital Industries Customer Services, India About Siemens Accelerating transformation for industries For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation transforming the everyday and creating a better tomorrow for societies and people around the world. Cybersecurity for Industry We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars: plant security, network security, and system integrity including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information. About The Role Key Responsibilities: Security Measures: Engineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information.
System Security Requirements: Identify and define system security requirements to ensure comprehensive protection. Security Architecture: Design and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices. Implementing Backup Solutions and Management: Implement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment. Threat Detection and Vulnerability Monitoring: Implement solutions like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer. Endpoint Security: Deploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and Q-radar etc. Network Security: Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products. Network Management: Install and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold etc. Firmware Updates: Conduct firmware updates for various automation control systems, switches, and firewalls. Domain Controller Configuration: Configure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS. Host-Based Security: Implement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection. Installation and Testing: Perform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT). Documentation: Prepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals.
Experience: 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures. Education: Bachelor's degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage. Business Travel: You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India
Posted 1 month ago
2 - 3 years
7 - 11 Lacs
Bengaluru
Work from Office
Introduction Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world's largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum, from prevention and early detection to diagnosis and treatment. Brief Description: An Information Security Management system is maintained to address the complex challenges and threats in the rapidly evolving digital landscape and fulfill the organization's purpose and values. As an Information Security Professional, you will play an essential role in implementing and maintaining our Information Security requirements in accordance with ISO27001 and other relevant regulatory standards. You will gain expertise in driving implementation of various Information security topics in a cross-collaborative environment. What are my key Responsibilities? Assist the implementation and continuous improvement of the ISO27001 Information Security Management System (ISMS). Conduct regular risk assessments and internal audits to ensure compliance with ISO27001 standards. Ensure adherence to all relevant regulatory requirements as directed by the Global Cybersecurity Governance Organization and country specific cybersecurity requirements. Assist to Develop and maintain policies, procedures, and process documentation to meet the Information Security requirements. Work closely with various departments to collect and analyze operational security measures and help integrate measures into all aspects of operations without the need for follow-ups or reminders. Assist project teams for information security inquiries and incident response.
Monitor and respond to security incidents and breaches, ensuring timely resolution and documentation of incidents. Assist with Planning, coordinating, conducting and preparing detailed audit reports for internal and external audits to assess the effectiveness of the information security program. Follow up on audit recommendations to ensure timely implementation of corrective actions. Maintain a comprehensive audit trail for all information security activities and initiatives. What do I need to qualify for this job? Bachelor's degree in engineering, Information Security, Computer Science, or a related field with 4-6 years of working experience. Minimum of 2-3 years of hands-on experience in information security, with a focus on implementing ISO27001. Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements. Good understanding of ISO 27701 PIMS standards. Proven ability to work independently and collaboratively with cross-functional teams. Excellent communication, presentation and interpersonal skills. Self-directed with an ability to take ownership and accountability of assigned tasks. Familiarity with Software development best practices for ensuring security. Previous experience with Software quality assurance responsibilities will be preferred. Highly Recommended to have completed Lead Implementor certification in ISO 27001 standard. What else do I need to know? Siemens Healthineers is dedicated to equality and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens Healthineers are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability as we will use the data to review your suitability for the role.
Posted 1 month ago
2 - 5 years
11 - 16 Lacs
Sahibzada Ajit Singh Nagar
Work from Office
About Zscaler Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler. At Zscaler, our Customer Success Organization is a global, customer-focused team dedicated to delivering high-impact experiences and identifying innovative solutions. We leverage valuable data and research to provide expert, hands-on support starting from the implementation phase and beyond, ensuring customers achieve their goals and leverage our technology to its fullest potential. Together, we create a customer-centric culture that fosters success, adoption, and continuous growth. We're looking for an experienced DLP Engineer to join our Customer Success team. 
Reporting to the Product Support Manager, you'll be responsible for: Providing Level II technical support for DLP solutions, including incident resolution, troubleshooting, and root cause analysis Assisting customers with DLP-related issues via phone, email, and remote sessions, ensuring timely and effective resolution Managing and prioritizing support cases, ensuring SLAs are met and customer satisfaction is maintained while resolving the customers’ issues Maintaining detailed documentation of support activities, including case notes, troubleshooting steps, and resolutions Contributing to the development and maintenance of a knowledge base, including creating and updating technical articles and FAQs What We're Looking for (Minimum Qualifications) Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent work experience Minimum of 3-5 years of experience in technical support, with at least 2 years focused on DLP/CASB solutions Proficiency in DLP technologies and tools (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP, etc.) What Will Make You Stand Out (Preferred Qualifications) Relevant certifications (CompTIA Security+, DLP vendor certifications) are a plus #LI-HYBRID #LI-RR1 At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: Various health plans Time off plans for vacation and sick time Parental leave options Retirement options Education reimbursement In-office perks, and more! 
By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.
Posted 1 month ago
3 - 8 years
6 - 13 Lacs
Noida
Work from Office
Managed Services SOC Manager Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Job Description: Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in developing new correlation rules and parser writing. Experience in log source integration. Act as the lead coordinator for individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages.
Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up-to-date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams Generate monthly reports on SOC activity Secondary skills like AV, HIPS, DCS, VA/ PT desirable Required Technical Expertise Must have experience in SIEM Management tool (QRADAR) Should have certifications like, ITIL, CCNA, CEH, VA (Product) Certification, CISM Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host based firewalls, Anti-Malware, HIDS General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
Posted 1 month ago
5 - 10 years
20 - 27 Lacs
Hyderabad
Remote
Job Role: SentinelOne Migration Engineer / SIEM Engineer (Work From Home) Experience: 5 to 11 Yrs Key Skills: SIEM Administration, SIEM Implementation, SIEM Migration, Integration Notice Period: 0 to 30 days Mode of Work: Remote (06:00 PM to 03:00 AM IST) Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad - 500081. Job Overview: We are seeking a talented and highly motivated SentinelOne Migration SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining SentinelOne's AI SIEM to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. Responsibilities: Integration & Optimization: Integrate and optimize SentinelOne AI SIEM to improve visibility and automate threat detection workflows. Threat Detection: Utilize SentinelOne's AI-powered analytics to dashboard reports and automate critical reporting functions. Automation & Playbook Development: Develop automated detection and response playbooks based on SentinelOne data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to SentinelOne deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate SentinelOne's capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
1+ year of experience working with SentinelOne AI SIEM Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Preferred Qualifications: SentinelOne certification (or equivalent industry certifications). Knowledge of compliance frameworks (e.g., NIST, ISO 27001, GDPR, etc.) and how they apply to security operations. Key Skills: Technical Skills: SentinelOne platform, SIEM tools, security automation, machine learning for cybersecurity, network security. Analytical Skills: Strong ability to analyze large datasets and correlate logs/events. Communication Skills: Excellent verbal and written communication skills for collaborating with cross-functional teams and providing clear reporting. Problem-Solving: Strong troubleshooting skills with the ability to resolve complex security issues quickly and effectively.
Posted 1 month ago
4 - 8 years
3 - 8 Lacs
Bengaluru
Work from Office
Role & responsibilities SOC L2 Qradar : Incident Triage and Escalation : Review security alerts and incidents, determine severity, and escalate to the appropriate teams (e.g., L3, incident response) when necessary. Security Monitoring : Leverage SIEM tools like QRadar to actively monitor security events, correlate data, and detect abnormal patterns or potential threats. Root Cause Analysis : Investigate security incidents thoroughly to identify the root cause, using log analysis and threat intelligence to gain deeper insights. Incident Response : Coordinate and contribute to the response efforts during active security incidents, ensuring rapid mitigation and recovery. Threat Hunting : Proactively search for hidden threats within the network, looking for unusual activity or patterns that may indicate compromise or vulnerabilities. Log Analysis : Deep dive into logs (from firewalls, IDS/IPS, endpoints, etc.) to detect suspicious behavior and correlate events for comprehensive insights. False Positive Reduction : Work on refining SIEM alerts to minimize false positives, improving detection efficiency and alert quality. Collaboration with L3 and Other Teams : Communicate findings and assist L3 analysts or other internal teams with deeper investigations and remediation actions. Documentation and Reporting : Accurately document incidents, their findings, and remediation steps, and generate reports for management and stakeholders. Continuous Learning and Improvement : Stay updated on the latest security threats, attack techniques, and tools, and contribute to improving security processes and detection capabilities.
Posted 1 month ago
1 - 4 years
2 - 5 Lacs
Thrissur
Work from Office
Job Title: SOC Analyst L1 Company: Aujas Cybersecurity Location: Thrissur Experience: 0 - 2 Years Employment Type: Full-Time Job Summary: We are hiring an entry-level SOC Analyst (L1) to join our Security Operations Center. The candidate will monitor security events, perform initial analysis, and escalate incidents as per standard procedures. Key Responsibilities: Monitor and analyze security alerts from SIEM tools (e.g. QRadar, ArcSight) Perform basic triage and escalate incidents Support incident response and reporting Work in 24x7 rotational shifts Requirements: Basic knowledge of cybersecurity, networking, and SIEM tools Good communication and analytical skills Willing to work in shifts
Posted 1 month ago
5 - 8 years
12 - 20 Lacs
Pune, Chennai, Bengaluru
Work from Office
Role & responsibilities: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes. Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments. Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be flexible to work in US shift.
Posted 1 month ago
2 - 5 years
2 - 6 Lacs
Hyderabad
Work from Office
SOC T1 Analyst What you will do Let’s do this. Let’s change the world. In this vital role you will be responsible for the initial response to security events and incidents within a 24/7 Cybersecurity Operations Center (CSOC). This role involves following established procedures to investigate security events, providing feedback to improve processes, and assisting in the incident response lifecycle. Additionally, the associate will participate in knowledge-sharing sessions and correlate security alerts across platforms. Roles & Responsibilities: Follow established procedures to triage, investigate and respond to security events and incidents. Provide feedback to senior analysts to improve, review, and optimize existing procedures and documentation. Correlate security alerts from various platforms based on common elements. Participate in and lead CSOC Tier 1 knowledge-sharing and learning sessions. Assist incident responders in coordinating the response, containment, eradication, recovery, and lessons learned phases of the incident response lifecycle. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree with 1 to 3 years of experience in Security Operations or related field OR Diploma with 4 to 7 years of experience in Security Operations or related field. Solid understanding of security technologies and their core functionality. Experience in analyzing cybersecurity threats with up-to-date knowledge of attack vectors and the cyber threat landscape. Ability to prioritize tasks effectively and solve problems efficiently in a diverse, global team environment. Good knowledge of Windows and/or Linux systems. Preferred Qualifications: Familiarity with CSOC operations and incident response procedures. Experience with security alert correlation across different platforms.
Professional Certifications: CompTIA Security+ (preferred) CEH (preferred) GSEC (preferred) MTA Security Fundamentals (preferred) Soft Skills: Strong communication and collaboration skills, especially when working with global teams. Ability to prioritize and manage tasks in high-pressure situations. Critical thinking and problem-solving abilities in cybersecurity contexts. A commitment to continuous learning and knowledge sharing. Work Hours: This position requires you to work a later shift and may be assigned a second or third shift schedule. Candidates must be willing and able to work during evening or night shifts, as required. Potential Shifts (subject to change based on business requirements): Second Shift: 2:00 pm – 10:00 pm IST; Third Shift: 10:00 pm – 7:00 am IST. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Posted 1 month ago
3 - 7 years
5 - 9 Lacs
Gurugram
Work from Office
AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD. Requirements: Proficient with Active Directory and related concepts Familiar with access control methods (RBAC/ABAC) Working knowledge of identity lifecycle management processes and challenges Hands-on experience with cybersecurity tools that function in the following spaces: PAM / PIM / IAM, DLP, SOAR (XSIAM), Microsoft Security, AWS Security, Red Teaming / AppSec, Isolated Recovery Environments (IREs) Experience with identity federation and SSO solutions PAM experience or familiarity with specific vendor tools Able to speak to PAM best practices Understanding of the principle of least privilege, separation of duties Experience with REST API and app integration Experience configuring, guiding, or overseeing access review and certification, role management Past participation in identity steering committee Understanding of PIM, JIT, conditional access Familiarity with US compliance and regulatory frameworks that inform identity requirements Qualifications: 6+ years of working knowledge of one or more Identity-Based Security Solutions: Okta, Sailpoint, Delinea, BeyondTrust, CyberArk, etc.
Any of the following preferred but not required: Security+, CISSP, any vendor-specific certifications related to Identity products Willingness to travel to support client projects and shadowing opportunities (50+ % of the time) Why AHEAD: Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning. USA Employment Benefits include - Medical, Dental, and Vision Insurance - 401(k) - Paid company holidays - Paid time off - Paid parental and caregiver leave - Plus more! See benefits https://www.aheadbenefits.com/ for additional details. The compensation range indicated in this posting reflects the On-Target Earnings (OTE) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate's relevant experience, qualifications, and geographic location.
Posted 1 month ago
5 - 10 years
4 - 8 Lacs
Bengaluru
Work from Office
Project Role: Security Delivery Practitioner
Project Role Description: Assist in defining requirements, designing and building security components, and testing efforts.
Must have skills: Splunk
Good to have skills: Risk Management
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams.
Main Skill:
1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities
4. Security Incident Response, Standard Operations Procedure Knowledge
Must have Skills:
1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.
2. Risk Based Alerts and Risk Incidents
3. Asset and Identities Framework in Splunk
4. Incident Response, Standard Operations Procedure Knowledge
5. MITRE ATT&CK Framework
Good to Have Skills:
1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle
2. Source Integrations various sources
3. Event Parsing, Event Type definition, Data Model, Regex
4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR
5. Azure DevOps
Roles & Responsibilities:
1. Architecture and strategy: Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accenture's Security environments.
2. Leadership: Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict.
3. Technical: The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.
4. Operational: Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents.
Technical Experience:
1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle
2. Azure DevOps
3. Custom Tools Development
4. Security Incident Management
Professional Experience:
1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense
2. Graduation – BE
3. Proficient use of English, advanced communication skills.
4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEH
Role Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives.
Additional Information: The candidate should have a minimum of 5 years of experience in Splunk. This position is based at our Bengaluru office. A 15 years full time education is required.
Qualification: 15 years full time education
Posted 1 month ago
5 - 8 years
5 - 12 Lacs
Bengaluru
Work from Office
https://zrec.in/jXrSD?source=CareerSite
Posted 1 month ago
5 - 8 years
0 Lacs
Kanayannur, Kerala, India
On-site
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Senior (CTM – Threat Detection & Response)
KEY Capabilities:
- Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA
- Minimum of Splunk Power User Certification
- Good knowledge in programming or scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc.
- Perform remote and on-site gap assessment of the SIEM solution.
- Define evaluation criteria & approach based on the client requirement & scope, factoring in industry best practices & regulations
- Conduct interviews with stakeholders, review documents (SOPs, architecture diagrams etc.)
- Evaluate SIEM based on the defined criteria and prepare audit reports
- Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
- Understand customer requirements and recommend best practices for SIEM solutions.
- Offer consultative advice in security principles and best practices related to SIEM operations
- Design and document a SIEM solution to meet the customer needs
- Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers
- Verification of data of log sources in the SIEM, following the Common Information Model (CIM)
- Experience in parsing and masking of data prior to ingestion in SIEM
- Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution
- Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources
- Assist client with technical guidance to configure end log sources (in-scope) to be integrated to the SIEM
- Experience in handling big data integration via Splunk
- Expertise in SIEM content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems
- Hands-on experience in development and customization of Splunk Apps & Add-Ons
- Builds advanced visualizations (Interactive Drilldown, Glass tables etc.)
- Build and integrate contextual data into notable events
- Experience in creating use cases under Cyber kill chain and MITRE ATT&CK framework
- Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications.
- Experience in installation, configuration and usage of premium Splunk Apps and Add-ons such as ES App, UEBA, ITSI etc.
- Sound knowledge in configuration of Alerts and Reports.
- Good exposure in automatic lookup, data models and creating complex SPL queries.
- Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement
- Work with the client SPOC for correlation rule tuning (as per use case management life cycle), incident classification and prioritization recommendations
- Experience in creating custom commands, custom alert action, adaptive response actions etc.
Qualification & experience:
- Minimum of 3 to 6 years’ experience with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated security intelligence solution into global enterprise environments.
- Strong oral, written and listening skills are an essential component to effective consulting.
- Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
- Must have knowledge of Vulnerability Management, Windows and Linux basics including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting.
- Good to have below mentioned experience with designing and implementation of Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management
- Multiple cluster deployments & management experience as per Vendor guidelines and industry best practices
- Troubleshoot Splunk platform and application issues, escalate the issue and work with Splunk support to resolve issues
- Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage
- Certifications in a core security related discipline will be an added advantage.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 1 month ago
2 years
0 - 0 Lacs
Saibaba Colony, Coimbatore, Tamil Nadu
Work from Office
Key Responsibilities
- Design and deliver cybersecurity training programs (online or in-person)
- Create course materials, labs, and assessments aligned with industry standards
- Train students on cybersecurity fundamentals, ethical hacking, SOC analysis, SIEM tools, network security, and more
- Stay current with the latest cybersecurity trends, tools, and threats
- Support students during practical sessions, helping troubleshoot and explain real-world scenarios
- Evaluate student progress and provide constructive feedback
- Customize training content for different audiences (entry-level to advanced)
- Maintain records of attendance, assessments, and certifications
Required Skills & Qualifications
- Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field (or equivalent experience)
- 2+ years of hands-on cybersecurity experience (SOC, penetration testing, incident response, etc.)
- Experience in teaching, training, mentoring, or technical presentations
- Strong knowledge of: Network security concepts; Ethical hacking tools (e.g., Kali Linux, Metasploit); Security frameworks (e.g., NIST, MITRE ATT&CK); SIEM tools (e.g., Splunk, QRadar)
- Excellent communication and presentation skills
- Industry certifications preferred: CompTIA Security+, CEH, CISSP, CISA, or similar
Job Types: Full-time, Part-time
Pay: ₹15,000.00 - ₹20,000.00 per month
Schedule: Evening shift; Monday to Friday; Morning shift; Rotational shift; Weekend availability
Work Location: In person
Posted 1 month ago
5 years
0 Lacs
Gurgaon, Haryana, India
Hybrid
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
Your day at NTT DATA
The Technical Services Implementation Engineer (L2) is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLA). This role performs configurations, actions installations and attends to break/fix events.
What You'll Be Doing
Key Responsibilities:
- B.E. / B.Tech in Computer Science / Electronics / ECE / EE / ECS / IT Engineering / MCA / BCA
- At least one SIEM solution certification with one or more SIEM/security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm).
- At least one L3 level security certification, viz. CCIE/CISSP/CISA/CCNP etc.
- Minimum 7 years of experience in handling security related products & services in an organization and, out of total experience, 5 years of minimum experience should be as an L2 in SOC management.
- Person should have adequate knowledge of Check Point firewall and IPS and Cisco firewall and IPS, McAfee IPS, Web Application Firewall, DDoS and other security devices
- Administration of SIEM environment (e.g., deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery etc.)
- Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables)
- Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service
- Identifies possible sensor improvements to prevent incidents
- Collects/updates threat intelligence feeds from various sources
- Creates situational awareness briefings
- Co-ordinates with the different departments for incident analysis, containment and remediation
- Liaises with Security monitoring team to discover repeatable processes that lead to new content development
- Provides engineering analysis and architectural design of technical solutions
- Device integration, creation of correlation rules and parser development
- Sound analytical and troubleshooting skills
- Good team management and co-ordination skills
Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science / Information Technology Degree or equivalent together with specialized training in new technologies and legacy systems or equivalent.
Required Experience: Moderate level of experience in a technical implementation engineering or similar role. Demonstrated experience engaging with clients and conducting presentations. Demonstrated project administration and documentation experience.
Workplace type: Hybrid Working
About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services.
We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Posted 1 month ago
12 years
0 Lacs
Bengaluru, Karnataka
Work from Office
Job Description: Senior Security Solutioning Architect
Responsible for Security solution development, competitive costing, commercial proposition integration and business case alignment of Enterprise Security Services solutions supporting client business, applications and/or information technology environments. Has experience influencing client evaluation criteria and decision making. Solution scope includes ongoing delivery of services, Security and compliance requirements, services startup and transition, initial people, technology and process transformation as well as ongoing refresh, meeting client's specifications, strategic direction, technology context, and business needs. Confidently articulates all aspects of solution and convincingly communicates value to the stakeholders & client. Works individually, in teams or as leader, to determine customer requirements in complex and often ambiguous outsourced environments. Interacts effectively with team, pursuit leaders, internal governance and business leadership to advance sales efforts.
Responsibilities:
Opportunity Analysis: Understands which security offerings best address customer needs and business requirements. Ongoing qualification of solution merits.
Solution Design and Development: Provides security solutions to meet client requirements and is able to adapt to new requirements. Addresses Security and Compliance requirements. Identifies and evaluates value-add alternatives, solutions to those alternatives. Optimizes security solutions plus broader customer IT strategy. Takes end to end view of solution, ensuring elements within their responsibility deliver against the defined business outcomes, using standard components. Works with financial analysts to validate results versus applicable criteria. Captures and highlights Risks and any associated costs. Models multiple offerings/components of security domains. Understands interaction of deal variables (compliance, volumes, services, service level agreements, locations, and more) between tower components. Delivers and owns accurate financial models that are logically structured and reflect the technical solution.
Solution Leadership: Experience in directing solution activities, decisions. Ability to lead service element integration within tower, tower sub-component volume tradeoffs. Provides security solutions to meet client needs inclusive of Regulatory and Compliance requirements and is able to adapt to new requirements.
Solution-Pursuit Integration: Anticipates, communicates and solutions to optimize inter-tower dependencies, overlaps, staff sharing, and more. Effectively integrates client tools, process adoption and delivery startup/transition need. Clearly defines all risks through governance process and works to mitigate.
Client/Customer/Account Relationship: Understands and addresses CISO / CxO issues. Applies consultative selling techniques to advance opportunities. Participates in/supports negotiation of technical contract elements. Provides solution advice, drives proposals, presentations, and other customer communications during pursuit. Input to security offering teams to bring in changes to offerings as per latest security trends and compliance needs.
Education and Experience Required:
- Total experience of 12+ years in IT Security, mainly on security pre-sales, solution selling
- Technical university or Bachelor preferred
- Good exposure to Pre-Sales role involved in Cyber Security Solutioning and understands the Security Market
- Involvement in architecting and proposing the cyber security solutions to customer, experience in Managed Security Services market
Knowledge and Skills: Demonstrates a broad knowledge of outsourcing services and solutions, with expertise in area of specialization. Preferably having any one of Security certifications like – CISSP, CCSP, CISA AND Security Product certifications. ITIL and PMP certifications are good to have.
List of security domains on which solutioning exposure is required. Should be a master in a few (at least in one) of the security domains, backed up by hands-on experience in both delivery and pre-sales.
- SIEM - MS Sentinel / SUMO / Splunk / QRadar
- IDM – Sailpoint / Forgerock / CyberArk / Microsoft / Broadcom / Okta
- APT Solution – Microsoft / FireEye / PaloAlto / Checkpoint
- MDR / EDR Solution - Crowdstrike / Carbon black / Microsoft
- Endpoint Security - Symantec / McAfee / Trend Micro / Microsoft
- Network Security – PaloAlto / Checkpoint / Fortinet / Cisco
- GRC tools
- Cloud Security
Good understanding of Security Risk & Compliance domain, Regulatory and Compliance requirements. Awareness of Security Alliance partner offerings and directions, current industry news. Demonstrates thought leadership in Security domain. Demonstrates ability to work as the lead for components of large complex projects. Has in-depth understanding of the product and services portfolio roadmaps of multiple business units. Experience to handle POCs.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
Posted 1 month ago
0 years
0 Lacs
Pune, Maharashtra, India
On-site
About Gruve
Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.
About The Role
We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development.
Key Responsibilities
- Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.
- Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions.
- Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.
- Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.
- Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.
- Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.
- SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.
- Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.
- Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies.
Basic Qualifications
- B.E/B.Tech degree in Computer Science, Information Technology, Masters in Cybersecurity
- 3+ years of experience in a SOC or cybersecurity operations role.
- Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.
- Hands-on experience in threat detection, security monitoring, and incident response.
- Knowledge of network security, intrusion detection, malware analysis, and forensics.
- Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).
- Proficiency in Python scripting for automation and playbook development.
- Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.
- Strong analytical, problem-solving, and communication skills.
- Ability to work in a 24x7 SOC environment (if applicable)
Preferred Qualifications
- Certified SOC Analyst (CSA)
- Certified Incident Handler (GCIH, ECIH)
- Splunk Certified Admin / QRadar Certified Analyst
- CompTIA Security+ / CEH / CISSP (preferred but not mandatory)
Why Gruve
At Gruve, we foster a culture of innovation, collaboration, and continuous learning.
We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.
Posted 1 month ago
6 years
0 Lacs
Pune, Maharashtra, India
On-site
Security Operations Centre (SOC) - Lead
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 4–6 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts
Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security.
Key Responsibilities:
- Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.
- Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.
- Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.
- Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).
- Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.
- Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.
- Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.
- Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.
- Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.
- Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.
- Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.
- Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.
- Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.
- Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management.
- Experience in designing and deploying use cases for SIEM and other security devices.
- Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary.
- Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP, etc.).
- Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
- Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.
- Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.
Required Skills & Experience:
- Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).
- Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.
- Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary)
- Experience with network traffic analysis, packet capture tools, and deep dive investigations.
- Strong analytical, problem-solving, and decision-making skills.
- Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.
Preferred Qualifications:
- Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.
- Prior experience in managing an in-house 24x7 SOC or leading shift teams.
What We Offer:
- Work on a modern cloud-native security stack in a dynamic FinTech environment.
- Opportunity to lead security engineering and detection strategy for critical financial platforms.
- Be part of a tight-knit, expert-level team with a strong learning and innovation culture.
- Competitive salary, performance-based incentives, and growth opportunities.
Posted 1 month ago
5 - 8 years
0 Lacs
Mumbai Metropolitan Region
On-site
Job Title: SOC Manager Location: Mumbai Experience: 5+ for L2 role, 8+ SOC Manager role Industry: Cybersecurity / Managed Security Service Provider (MSSP) Job Summary We are seeking a highly skilled and experienced SOC Manager to lead our Security Operations Center. The ideal candidate must have hands-on experience working in or managing operations for a Managed Security Services Provider (MSSP). You will be responsible for overseeing day-to-day SOC operations, leading a team of analysts, and ensuring proactive monitoring, detection, and response to security threats across client environments. Key Responsibilities Lead and manage 24x7 SOC operations, including Tier 1, Tier 2, and Tier 3 analysts. Develop and implement SOC processes, playbooks, and incident response procedures. Oversee threat intelligence, detection engineering, and use case development. Ensure SLAs and KPIs are met across all MSSP service deliveries. Collaborate with client stakeholders to communicate threat landscape, incidents, and security posture. Act as an escalation point during critical incidents and ensure proper incident lifecycle management. Evaluate and optimize SIEM, SOAR, and threat detection platforms. Conduct regular risk assessments, gap analysis, and SOC maturity evaluations. Mentor and upskill SOC team members to maintain high performance. Required Skills & Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Mandatory experience in an MSSP environment handling multiple client environments. Strong understanding of security operations, SIEM, SOAR, IDS/IPS, endpoint protection, firewalls, and threat intel platforms. Proficient in incident detection, analysis, containment, eradication, and recovery. Hands-on experience with tools like Splunk, QRadar, ArcSight, IBM Resilient, CrowdStrike, etc. In-depth knowledge of MITRE ATT&CK, NIST, ISO 27001, and other security frameworks. 
Excellent leadership, communication, and stakeholder management skills. Relevant certifications preferred: CISSP, CISM, CEH, GCIA, GCIH, or SOC-related certifications. Nice to Have Experience in managing global SOCs or distributed teams. Exposure to compliance requirements such as GDPR, PCI-DSS, HIPAA, etc. Knowledge of scripting (Python, Bash) or automation tools to improve SOC efficiency. Skills: firewalls,stakeholder management,mssp operations,endpoint protection,threat intelligence,soc leadership,soc,platforms,communication,management,soar,ids/ips,splunk,cybersecurity,leadership,iso 27001,ibm resilient,mitre att&ck,operations,nist,bash,crowdstrike,python,incident detection,security,skills,arcsight,security operations,qradar,siem
Posted 1 month ago
8 - 12 years
25 - 35 Lacs
Noida, Gurugram, Delhi / NCR
Hybrid
About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identity access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on with security processes, with good client and market-facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile: Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm / QRadar), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should be familiar with Python scripting & Windows Active Directory (Optional).
Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organization's threat environment, Risk management processes, Network attacks and a network attack's relationship to both threats and vulnerabilities. Candidate should have advanced-level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client - focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech / MCA professional with 9-12 years of experience in the relevant role Should have strong hands-on skills in MS PowerPoint and MS Project Hands-on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
Posted 1 month ago
5 - 10 years
9 - 12 Lacs
Vijayawada
Work from Office
Cybersecurity Specialist Summary Vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.
Posted 1 month ago
4 - 6 years
4 - 8 Lacs
Hyderabad
Work from Office
DevOps Engineer Summary Full-Time 4-6 years Responsibilities Automate and streamline deployment processes using CI/CD tools. Manage and monitor cloud infrastructure and services. Implement security measures and compliance in DevOps processes. Collaborate with development and operations teams to improve system performance. Troubleshoot and resolve infrastructure and deployment issues. Qualifications Automate and streamline deployment processes using CI/CD tools. Manage and monitor cloud infrastructure and services. Implement security measures and compliance in DevOps processes. Collaborate with development and operations teams to improve system performance. Troubleshoot and resolve infrastructure and deployment issues. Skills Strong knowledge of firewalls, VPNs, IDS/IPS, and security protocols. Experience with SIEM tools (Splunk, QRadar). Proficiency in risk assessment and management. Understanding of compliance standards (ISO, NIST, GDPR). Excellent analytical and problem-solving abilities.
Posted 1 month ago
6 - 11 years
30 - 35 Lacs
Pune
Work from Office
About The Role: Job Title: Threat Intelligence Analyst Corporate Title: AVP Location: Pune, India Role Description As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, and you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats. What we'll offer you As part of our flexible scheme, here are just some of the benefits that you'll enjoy: Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complimentary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools.
Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge of the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., vSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstrable experience in working with intelligence lifecycle, intelligence requirements and MITRE ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication, to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.
About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.
Posted 1 month ago
2 - 5 years
7 - 11 Lacs
Noida
Work from Office
Req ID: 313359 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking an AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Responsibilities Incident response for Active Directory, Azure AD, and OS/server tickets Group policy administration and implementation Reporting and review of all connectivity, synchronization, replication within Active Directory DNS health and performance Sites and services - Missing or incorrectly assigned subnets NTP Reporting, configuration and accuracy Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS Database partitions, DNS settings, SRV records, Trust relationships Review of domain controllers, application, and security events to find any issues or trends Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required Response to non-AD issues, or issues believed to be AD-related, such as 3rd party application authentication issues, Windows/RDP login issues, LDAP query issues, Kerberos errors, NTP errors.
Windows Server OS maintenance, Patching, Upgrades, Hardware tickets, troubleshooting On-call rotation Required to have flexibility in schedules - First, Second, Third shifts available Required Qualifications 5+ years of relevant experience Strong knowledge of Active Directory, Windows Server OS, Network, Firewall Basic understanding of Azure AD, Azure SSO, Azure MFA Strong knowledge of Group Policy VMware Basic understanding Strong troubleshooting skills Basic PowerShell Commands/scripting Preferences Ideally certifications from one of the following: Security+, Microsoft, AWS Strong Azure AD, Azure SSO, Azure MFA skills Advanced PowerShell scripting Undergraduate degree Strong understanding of networking technologies Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users.
If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment System Administrator, Consulting, Database, Technology
Posted 1 month ago
Accenture
36723 Jobs | Dublin
Wipro
11788 Jobs | Bengaluru
EY
8277 Jobs | London
IBM
6362 Jobs | Armonk
Amazon
6322 Jobs | Seattle,WA
Oracle
5543 Jobs | Redwood City
Capgemini
5131 Jobs | Paris,France
Uplers
4724 Jobs | Ahmedabad
Infosys
4329 Jobs | Bangalore,Karnataka
Accenture in India
4290 Jobs | Dublin 2