891 Qradar Jobs - Page 14

4.0 years

0 Lacs

Pune, Maharashtra, India

On-site

About The Opportunity
The Netrix Global team is looking for an experienced Senior Security Engineer to join our growing security team. In this role, you'll be defending our clients and infrastructure against evolving cyber threats. You'll work collaboratively within a global SOC environment, helping detect, investigate, and respond to incidents, while also contributing to threat hunting, process improvement, and security automation initiatives. It's a role for someone with a deep curiosity for cybersecurity, a proactive mindset, and a desire to improve enterprise security at scale. If you're motivated by continuous learning and thrive in fast-paced environments, we'd love to talk to you.

How You Will Make An Impact
- Act as a senior member of the Security Operations Center (SOC), independently handling and resolving incidents, while driving lessons learned and continuous improvement.
- Collaborate with global teams and develop best practices around processes, tools, and awareness.
- Perform in-depth analysis of complex security logs, SIEM events, and correlated data to identify, assess, and remediate threats.
- Maintain and improve existing security tools, create and refine use cases, and tailor configurations based on evolving threat intelligence.
- Conduct penetration testing and vulnerability assessments, and guide remediation efforts.
- Take a proactive approach to identifying risks, potential issues, and opportunities for improving the security posture of the organization.
- Contribute to 24/7 SOC capabilities, ensuring effective detection and response coverage.
- Participate in compliance and audit-related efforts by helping ensure system and policy adherence.
- Support SOAR platform integration and automation to improve incident response workflows.
- Mentor junior team members and promote a strong, collaborative team culture.

What You Will Bring To The Table
- 4-5+ years in Information Security or related cybersecurity roles.
- Hands-on experience in a SOC environment, with deep exposure to SIEM and endpoint/network security.
- 2+ years of experience with cloud environments and cloud-native security tools.
- Experience with SOAR platforms and scripting (Python, PowerShell, Bash, etc.).
- Experience with penetration testing, vulnerability scanning, and vulnerability management processes.
- Working knowledge of Linux systems and syslog analysis from the CLI.
- 2-4 years of systems analysis and incident handling.
- Strong grasp of cloud security concepts such as access control, data protection, threat detection, and compliance monitoring.

Tools & Technologies
- Azure Sentinel, QRadar, Splunk
- Cisco IDS/IPS, Palo Alto, McAfee Security Suite
- Tenable Nessus, ForeScout, Cisco ISE
- Comfortable with query languages such as KQL or SQL (considered an advantage).
- Operational knowledge of APIs is a plus.

Preferred Education
Bachelor's degree in Computer Information Systems, Cybersecurity, or a related field (or equivalent experience).

Certifications (any combination of the following will be considered a strong advantage)
Required / Preferred:
- CompTIA Security+
- Certified Ethical Hacker (CEH)
- Certified Security Analyst (ECSA)
- Certified Incident Handler (ECIH)
- CompTIA Cybersecurity Analyst (CySA+)
- SC-200 or relevant cloud security certifications
- Cisco CCNA / CCNP + Security
- ITIL Foundation
- Linux+
Additional (Desirable):
- CISSP or CISSP-ISSEP
- SSCP
- MCSE

Shift
The role is part of a 24x7 operational environment. The employee may be required to work in any of the rotating shifts based on business needs, including night shifts. The work schedule will follow Indian Standard Time (IST), and shift assignments may vary to ensure continuous support coverage.

About Us
At Netrix Global our values are the philosophies and principles that we live by. They support our vision, help us achieve our goals and commit us to a common purpose. We Own Outcomes, Win Together, Make an Impact, Enjoy The Journey, and Respect All!

Netrix Global is a mission-driven organization with the goal of providing the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. Our breadth of capabilities allows us to provide holistic offerings that solve even today's most complex business challenges, delivering to you an integrated, optimized, and future-proof solution. We work with clients of all sizes and specialize in solutions for healthcare, manufacturing, government, education, financial services, and legal industries. Netrix is consistently ranked in the CRN VAR500, detailing the country's top system integrators. At Netrix, we're driven to solve business problems with innovative technology solutions. We focus on end-users and are committed to client satisfaction.

What You Can Expect From Us
We offer a competitive compensation package, comprehensive group benefits to meet the needs of you and your family, flexibility, and time off when you need it, and a casual work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. As part of this commitment, we will ensure that persons with disabilities are provided with reasonable accommodation. If you need a reasonable accommodation, please let us know by contacting NetrixHR@Netrixglobal. To learn more about Netrix Global please go to www.netrixglobal.com

Posted 3 weeks ago

12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

We are hiring for Manager / Senior Manager, Security Operations Center (SOC) at Gurgaon.

About the Role
We are seeking a proactive and experienced Manager / Senior Manager to lead our Security Operations Center (SOC) and Incident Response (IR) functions. This role involves designing and implementing a comprehensive SOC and IR strategy in partnership with Managed Security Services (MSS) providers, while also developing internal SOC capabilities to effectively detect, monitor, and respond to security threats.

Core Responsibilities
- Design and implement a managed SOC and Incident Response strategy, architecture, and program in collaboration with MSS providers to ensure comprehensive threat detection, monitoring, and response.
- Provide oversight and governance of MSS/SOC partners to ensure service quality, SLA compliance, and alignment with organizational security goals.
- Evaluate, recommend, and implement security technologies and tools essential for SOC operations and effective incident response.
- Define and develop threat detection use cases; oversee red team exercises and coordinate attack simulations to evaluate SOC readiness and response effectiveness.
- Ensure logging is enabled and correctly configured across all critical infrastructure, applications, and security devices, in coordination with IT and cloud teams.
- Validate ingestion and monitoring of all relevant security logs into the SIEM platform to maintain effective threat detection.
- Manage, mentor, and develop a lean internal SOC team, collaborating closely with the MSS/SOC partner to strengthen in-house oversight and ensure operational resilience.
- Optimize detection coverage, incident triage processes, and SLA adherence to ensure timely and accurate incident resolution.
- Lead the design and tuning of alert rules, maintain automated playbooks, and implement advanced threat monitoring techniques to improve SOC efficiency.
- Coordinate threat intelligence sharing and response activities across internal and MSS partner Incident Response teams.
- Ensure compliance with internal incident response procedures and relevant regulatory requirements.
- Drive continuous improvement of SOC capabilities through KPIs, regular threat drills, and post-incident reviews.
- Develop and maintain SOC performance dashboards and prepare executive-level reports to communicate operational effectiveness and security posture to senior leadership.
- Perform additional Information Security projects and tasks as assigned by senior management to support Mobileum's evolving security landscape.

Stakeholder & Collaboration Management
- Collaborate with IT, Cloud Operations, Engineering, Legal, and Risk Management teams to align SOC operations with broader organizational risk management initiatives.
- Serve as the primary liaison with MSS providers, ensuring clear communication, contractual compliance, and coordinated incident response.
- Work alongside Security Architecture, Governance, and Compliance teams to integrate SOC activities within the organization's overall security framework.
- Translate complex technical details into clear, business-understandable language for effective communication with stakeholders.

People Management & Leadership
- Lead and mentor a lean internal SOC and Incident Response team, promoting a culture of proactive monitoring and continuous improvement.
- Encourage skill development and cross-functional collaboration to enhance SOC and IR capabilities.
- Balance leveraging MSS partnerships with developing strong in-house security operations expertise.

Work Style & Leadership Attributes
- Hands-on leader with strong technical knowledge of SOC operations and incident response methodologies.
- Proactive, self-driven, and solution-oriented, with the ability to lead complex security programs under pressure.
- Excellent communicator capable of engaging technical teams, business stakeholders, and senior leadership.
- Ability to foster a security-aware culture and motivate teams to maintain high vigilance and operational excellence.

Qualifications & Certifications
Preferred Certifications:
- GIAC Security Operations Certified (GSOC) / GIAC Certified Incident Handler (GCIH)
- Certified SOC Analyst (CSA), EC-Council
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- PMP or equivalent project management certification (optional)

Skills & Experience
- 7–12 years of experience managing SOC and Incident Response teams or functions.
- Expertise with SIEM platforms (Splunk, IBM QRadar, ArcSight, Azure Sentinel, or equivalent) and security monitoring tools.
- In-depth knowledge of threat detection, incident triage, alert tuning, and automation of response processes.
- Experience managing Managed Security Service Providers (MSSPs) and third-party vendor relationships.
- Strong understanding of logging best practices, log management, and cloud security monitoring.
- Proven ability to analyse complex security incidents and lead root cause analysis and remediation efforts.
- Excellent leadership, stakeholder management, and communication skills.

Work Experience: 7–12 years
Educational Background: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline preferred.
Location: Gurgaon

Posted 3 weeks ago

6.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Roles & Responsibilities
- Reviews alerts generated by SentinelOne and implements appropriate containment and mitigation measures.
- Proficient in SIEM, with a focus on QRadar SIEM, as well as threat monitoring and hunting within SIEM environments.
- Analyzes payloads using JoeSandbox and escalates to the appropriate team as necessary.
- Collaborates with the Forensics team to conduct threat hunting using identified Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs).
- Assists the Tiger Team in targeted collections of systems based on identified malicious activities in the client's environment.
- Conducts historical log reviews to support threat hunting efforts and ensures all malicious artifacts are mitigated in the SentinelOne console.
- Examines client-provided documents and files to supplement the SOC investigation and mitigation strategy.
- Conducts perimeter scans of client infrastructure and reports any identified vulnerabilities to the Tiger Team for appropriate escalation.
- Manages client-related tasks within the ConnectWise Manage ticketing system as part of the Client Handling Lifecycle.
- Creates user accounts in the SentinelOne console for the client.
- Generates Threat Reports showcasing activity observed within the SentinelOne product.
- Executes passphrase exports as needed for client offboarding.
- Submits legacy installer requests to ensure the team is properly equipped for deployment.
- Provides timely alert notifications to the IR team of any malicious activity impacting our clients.
- Assists with uninstalling/migrating SentinelOne.
- Generates Ranger reports to provide needed visibility into client environments.
- Manages and organizes client assets (multi-site and multi-group accounts).
- Applies appropriate interoperability exclusions relating to SentinelOne and client applications.
- Performs SentinelOne installation / interoperability troubleshooting as needed.
- Contributes to the overall documentation of SOC processes and procedures.
- Participates in "Handler on Duty" (HOD) shifts as assigned to support Tiger Team (TT) client matters.
- Internally escalates support tickets / alerts to Tier II-IV Analysts as needed.
- May perform other duties as assigned by management.

Skills And Knowledge
- Demonstrated knowledge of Windows and Unix operating systems
- Thorough understanding of Digital Forensics and Incident Response practices
- Proficiency in advanced analysis techniques for processing and reviewing large datasets in various formats
- Familiarity with TCP/IP and OSI Model concepts at a basic level
- Expertise in the Incident Response Life Cycle stages (Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned)
- Working knowledge of the MITRE ATT&CK framework at an intermediate level
- Proven ability to work independently and solve complex problems with little direction from management
- Highly detail-oriented and committed to producing quality work

Job Requirements
- Associate's degree and 6+ years of IT related experience, or Bachelor's Degree and 2-5 years related experience
- Current or previous knowledge of, or previous experience with, Endpoint Detection and Response (EDR) toolsets
- General knowledge of the Incident Handling Lifecycle
- Ability to communicate in both technical and non-technical terms, both oral and written

DISCLAIMER
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

WORK ENVIRONMENT
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.

PHYSICAL DEMANDS
No physical exertion required. Travel within or outside of the state. Light work: exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.

TERMS OF EMPLOYMENT
Salary and benefits shall be paid consistent with Arete salary and benefit policy.

FLSA OVERTIME CATEGORY
Job is exempt from the overtime provisions of the Fair Labor Standards Act.

DECLARATION
The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.

EQUAL EMPLOYMENT OPPORTUNITY
We're proud to be an equal opportunity employer, and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.

Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry. When you join Arete, you'll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we're about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.

Posted 3 weeks ago

3.0 - 8.0 years

11 - 21 Lacs

Gurugram

Work from Office

Join Our Cyber Star Team - Deloitte India !! #CyberChamps - Are you ready to apply your knowledge & background to exciting new challenges? From Learning to Leadership, this is your chance to take your career to the next level.

Time To Meet The Team @ Deloitte - Gurgaon DLF office - 12th July (Saturday)
Interested Applicants - Choose your Impact & Apply on the below link to Join our #Cyber Team!
Link To Apply: https://lnkd.in/dCsGFkgP
JobCode: 85019

Please note the below schedule/venue dates for the In-Person (F2F) Round:
Save The Date: 12th Jul'25 (10 AM - 6 PM), Saturday
Mode: In-Person Interview, based on Virtual Interview Scoring Test via invirtualinterview@deloitte.com
Office Location: 7th Floor, Building 10, Tower B, DLF Cyber City, DLF Phase 2, Sector 24, Gurugram, Haryana 122002.

What You'll Do:
1. SOC Ops Lead / L3 SecOps | Gurgaon | Exp: 6 to 12 years
>Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments.
>Oversee the detection, investigation, and response to security incidents within client environments.
>Ensure proper escalation of incidents to client contacts based on the severity and impact of the incident.
>Oversee the use and management of SOC tools such as SIEM, SOAR, EDR, threat intelligence platforms, and log management solutions.
>Implement automation and orchestration (SOAR) to streamline repetitive tasks and improve response times.
2. SOC Ops L2 / SIEM, QRadar Engineering / Incident Response | Gurgaon | Exp: 4 to 8 years
>Conduct in-depth investigation of security incidents including data collection, root cause analysis, and recovery efforts, ensuring compliance with defined SLAs.
>Validate and fine-tune correlation rules, use cases, and custom detections in SIEM tools to reduce false positives and improve detection fidelity.
>Propose new SIEM use cases with playbook creation based on threat intelligence, evolving TTPs, or internal security gaps.
>Conduct alert quality reviews, enhancing or retiring outdated detection logic and recommending improved strategies.
3. LogRhythm / Incident Response | Gurgaon & Hyderabad | Exp: 2 to 4 years
>Advanced Log Monitoring and Analysis
>Incident Escalation and Resolution
>LogRhythm Platform Management
>Threat Intelligence Integration
>Security Tool Configuration and Tuning

**Immediate/Early Joiners are highly preferred.
**Should be flexible to operate in 24*7 rotational shifts and willing to travel for clients based out of Mumbai Location.
**Mandatory Virtual Screening test by the applicants to be completed before appearing for In-Person Interviews on Saturday.

Posted 3 weeks ago

4.0 - 9.0 years

7 - 17 Lacs

Bengaluru

Work from Office

About this role:
Wells Fargo is seeking a Senior Information Security Engineer.

In this role, you will:
- Lead or participate in computer security incident response activities for moderately complex events
- Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
- Provide security consulting on medium projects for internal clients to ensure conformity with corporate information security policy and standards
- Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
- Review and correlate security logs
- Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
- Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
- Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals

Required Qualifications:
- 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Desired Qualifications:
- 4+ years of demonstrated information security applications and systems experience
- 4+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis
- 2+ years of demonstrated experience with at least one scripting language (preferably Python, or JavaScript and its frameworks) working on automation and engineering projects
- Proficiency in detection engineering: developing and maintaining effective detection rules and correlation logic (correlation searches, rules, alerts); behavioral detections (e.g., brute-force, privilege escalation); anomaly detections (e.g., unusual logon patterns, entropy-based detections)
- Hands-on experience with parsing configurations (props, transforms, regex, normalization techniques)
- Expertise in log source onboarding, source categorization, and enrichment
- Strong understanding of security event types (firewall, endpoint, identity, cloud, SaaS logs)
- Familiarity with common attack vectors (credential abuse, privilege escalation, lateral movement)
- Knowledge of threat detection frameworks like MITRE ATT&CK, NIST, CIS
- Ability to work with threat intelligence feeds to build contextual detections
- Experience with log analysis, anomaly detection, and statistical detection methods
- Proficient in developing content for SIEMs such as Splunk, Sentinel, QRadar, ArcSight, Elastic, etc.
- Optimize search performance and false positive tuning of existing detection rules
- Maintain deployment workflows for apps, configurations, and detection packages across the SIEM infrastructure
- Work with security analytics teams to develop data models or normalized schemas (CIM or equivalent)

Job Expectations:
- Knowledge and understanding of the banking or financial services industry
- Understanding of the security and threat landscape relevant to cloud technologies
- Excellent verbal, written, and interpersonal communication skills
- Strong ability to identify anomalous behavior on endpoint devices and/or network communications
- Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
- Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin
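The three detection families this listing names (behavioral brute-force, anomalous logon patterns, entropy-based detections) as an added illustration, not code from Wells Fargo or from any SIEM vendor: a small Python detection pass over constructed sshd-style and DNS log lines. The log formats, the per-user baseline working hours, and the thresholds are all assumptions chosen for the example; a real SIEM would express the same logic as correlation rules over normalized fields.

```python
import math
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample telemetry (not from any real system): ISO-8601 UTC timestamps,
# sshd-style authentication messages and a DNS query log in a made-up format.
SAMPLE_LOGS = [
    "2025-07-01T02:13:01Z sshd Failed password for root from 203.0.113.7",
    "2025-07-01T02:13:04Z sshd Failed password for root from 203.0.113.7",
    "2025-07-01T02:13:08Z sshd Failed password for admin from 203.0.113.7",
    "2025-07-01T02:13:15Z sshd Failed password for admin from 203.0.113.7",
    "2025-07-01T02:13:22Z sshd Failed password for oracle from 203.0.113.7",
    "2025-07-01T02:13:30Z sshd Failed password for alice from 198.51.100.5",
    "2025-07-01T10:02:10Z sshd Accepted password for alice from 198.51.100.5",
    "2025-07-01T03:02:10Z sshd Accepted password for bob from 198.51.100.9",
    "2025-07-01T03:02:11Z dns query xj3kq9v2lz8wq1.example from 10.0.0.12",
    "2025-07-01T03:02:12Z dns query mail.example from 10.0.0.12",
]

# Parsing step: the "props/transforms" equivalent, turning raw text into named fields.
SSH_RE = re.compile(r"^(?P<ts>\S+) sshd (?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)$")
DNS_RE = re.compile(r"^(?P<ts>\S+) dns query (?P<qname>\S+) from (?P<src>\S+)$")


def parse(lines):
    """Normalize raw lines into dicts with a parsed datetime; lines no pattern matches are dropped."""
    events = []
    for line in lines:
        m = SSH_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["kind"] = "auth"
        else:
            m = DNS_RE.match(line)
            if not m:
                continue
            ev = m.groupdict()
            ev["kind"] = "dns"
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def detect_brute_force(events, threshold=5, window_seconds=60):
    """Behavioral detection: at least `threshold` failed logons from one source inside a sliding window.
    Keyed on source rather than user so password spraying across many accounts is caught as well."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)
    flagged = set()
    for ev in events:
        if ev["kind"] != "auth" or ev["result"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:  # evict failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(ev["src"])
    return flagged


def detect_unusual_logon_hours(events, baseline_hours):
    """Anomaly detection: successful logon at an hour outside the user's (assumed) baseline profile."""
    hits = []
    for ev in events:
        if ev["kind"] == "auth" and ev["result"] == "Accepted":
            if ev["ts"].hour not in baseline_hours.get(ev["user"], set()):
                hits.append((ev["user"], ev["src"], ev["ts"].isoformat()))
    return hits


def shannon_entropy(s):
    """Shannon entropy of the string in bits per character."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def detect_high_entropy_domains(events, min_len=10, min_entropy=3.5):
    """Entropy-based detection: the first DNS label looks machine-generated (DGA-like).
    The length floor stops short legitimate names from tripping the entropy threshold."""
    hits = []
    for ev in events:
        if ev["kind"] != "dns":
            continue
        label = ev["qname"].split(".")[0]
        if len(label) >= min_len and shannon_entropy(label) >= min_entropy:
            hits.append(ev["qname"])
    return hits


# Assumed per-user baseline: interactive logons expected 09:00-18:59 UTC.
BASELINE_HOURS = {"alice": set(range(9, 19)), "bob": set(range(9, 19))}


def run(lines=SAMPLE_LOGS):
    events = parse(lines)
    return {
        "brute_force": detect_brute_force(events),
        "unusual_logon": detect_unusual_logon_hours(events, BASELINE_HOURS),
        "dga_like": detect_high_entropy_domains(events),
    }


if __name__ == "__main__":
    for name, hits in run().items():
        print(name, hits)
```

On the constructed input, 203.0.113.7 trips the brute-force rule (five failures in 21 seconds across three accounts), bob's 03:02 logon is outside his baseline hours while alice's 10:02 logon is not, and only the 14-character random-looking label exceeds the entropy floor. Tuning these thresholds against real data is the false-positive work the listing describes.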

Posted 3 weeks ago

0 years

2 - 9 Lacs

Hyderābād

On-site

Job requisition ID: 85202
Date: Jul 9, 2025
Location: Hyderabad
Designation: Consultant
Entity: Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.
India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient, not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Consultant in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities & Desired Qualifications
We are seeking an experienced and proactive L2 SOC Analyst with expertise in SOAR playbook development. The candidate will be responsible for managing, developing, and enhancing automation and orchestration workflows within SOAR.

Key Requirements:
- Develop and maintain playbooks in SOAR for automated threat detection and response.
- Integrate various security tools (SIEM, EDR, threat intel feeds, etc.) into SOAR.
- Create custom automations/scripts using Python and XSOAR's automation engine.
- Tune and optimize existing playbooks for performance, accuracy, and false positive reduction.
- Document playbook logic, automation scripts, and incident handling procedures.
- Provide mentorship and support to L1 analysts and contribute to SOC knowledge sharing.
- Strong hands-on experience with Cortex XSOAR and playbook development.
- Familiarity with Python scripting for automation in SOAR.
- Working knowledge of SIEM tools (e.g., Splunk, QRadar, Elastic).
- Good understanding of cybersecurity concepts: malware, phishing, MITRE ATT&CK, etc.
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:
- Knowledge of incident response frameworks (NIST, SANS).
- SOAR Certified Automation Engineer.

Location and way of working
Base location: Hyderabad
Professional is required to work from office.

Your role as Senior Executive
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring: Leading with integrity to build inclusion and motivation
- Committed to creating purpose: Creating a sense of vision and purpose
- Agile: Achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability: Developing diverse capabilities for the future
- Persuasive / Influencing: Persuading and influencing stakeholders
- Collaborating: Partnering to build new solutions
- Delivering value: Showing commercial acumen
- Committed to expanding business: Leveraging new business opportunities
- Analytical Acumen: Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication: Must be able to hold well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence: Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change: Responding to a changing environment with resilience
- Managing Quality & Risk: Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving: Applying a strategic mindset to solve business issues and complex problems
- Tech Savvy: Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity: Creating a safe and thriving environment where everyone is valued for who they are, using empathy to understand others and adapting our behaviours and attitudes to become more inclusive

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.

Everyone's welcome... entrust your happiness to us
Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.

Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 3 weeks ago


2.0 years

4 - 4 Lacs

India

On-site

Job Title: L2 Engineer – Security Operations Center (SOC)
Company Name: Amyntor Infosec Private Limited
Location: Trivandrum
Department: Cyber Security
Experience: 2-4 Years

About Us:
Amyntor Infosec is a leading provider of IT infrastructure and cybersecurity solutions, specializing in delivering high-impact projects to organizations across industries. We are seeking a dynamic and detail-oriented Level 2 SOC Analyst to join our cybersecurity operations team. This role is critical in strengthening our threat detection and incident response capabilities. The ideal candidate will be responsible for conducting in-depth analysis of security events, escalating sophisticated threats, and contributing to the creation and optimization of security playbooks. If you are passionate about defending digital infrastructure, possess strong analytical skills, and are eager to be part of a collaborative and fast-paced environment, we invite you to be a key player in our mission to proactively safeguard our clients and operations.

About the Role:
We are seeking a skilled and proactive L2 SOC Engineer to strengthen our cybersecurity operations team. The role demands technical excellence across incident management, security control implementation, and playbook development, with opportunities for direct client engagement during presales and project execution phases. We offer a dynamic environment with performance-linked incentives, overtime payments, and opportunities for career advancement.

Key Responsibilities:
- Act as the Level 2 escalation point for security events across SIEM, EDR, IDS/IPS, and Firewall ecosystems.
- Lead or support the end-to-end implementation of SOC environments, including platform setup (SIEM, SOAR, log onboarding), use-case development, integration of security tools, and operational runbook creation.
- Implement security controls — technical, administrative, and operational — as per client risk profiles and project requirements.
- Collaborate internally with presales teams by providing technical inputs during solution design and client proposal stages.
- Develop, document, and maintain incident response playbooks and standard operating procedures (SOPs).
- Investigate escalated incidents, perform root cause analysis, and coordinate remediation actions.
- Continuously tune detection rules, optimize use-cases, and enhance threat detection strategies.
- Mentor and guide L1 SOC Analysts, fostering a culture of continuous learning and operational excellence.
- Proactively recommend improvements in client security posture based on real-time threat intelligence and gap assessments.

Required Skills and Experience:
- Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 2–4 years of hands-on experience in a SOC environment.
- Strong working knowledge of security platforms such as Wazuh, Splunk, QRadar, LogRhythm, or other SIEMs.
- Expertise in implementation of cybersecurity controls across technical, administrative, and operational domains.
- Good understanding of security standards, including MITRE ATT&CK, NIST Cybersecurity Framework, and ISO 27001.
- Ability to develop structured, actionable playbooks and process documentation.
- Strong problem-solving skills, analytical thinking, and an ability to perform under pressure.
- Relevant certifications (CEH, CompTIA Security+, CySA+, or equivalent) are preferred.

Preferred Skills:
- Prior client-facing experience — in presales engagements, project implementations, or cybersecurity consulting — will be considered an added advantage.
- Experience in tuning SIEM use cases and detection logic for optimized threat detection.
- Strong communication skills to effectively convey technical findings to diverse audiences.
- Passion for security innovation, threat hunting, and continuous process improvements.

Compensation and Benefits:
- Competitive base salary benchmarked to the cybersecurity market.
- Performance-based incentive mechanisms linked to client satisfaction and incident response efficiency.
- Overtime payment for work performed beyond standard hours.
- Paid cybersecurity certifications and specialized learning programs.
- Career advancement pathways into Threat Intelligence, Forensics, Security Architecture, and other specialized roles.
- Dynamic, innovation-driven work environment with exposure to leading-edge cybersecurity tools and practices.

Why Join Us?
- Deliver mission-critical security services that protect and empower client organizations.
- Gain exposure across multiple industries, technologies, and security challenges.
- Be part of a results-driven team that values expertise, collaboration, and continuous growth.

Note: Kindly read the Job Description fully before applying for this post.

Job Types: Full-time, Permanent
Pay: ₹35,000.00 - ₹40,000.00 per month
Benefits: Cell phone reimbursement; Commuter assistance
Schedule: Day shift; Fixed shift; Morning shift
Supplemental Pay: Overtime pay; Performance bonus
Ability to commute/relocate: Technopark, Thiruvananthapuram, Kerala: Reliably commute or planning to relocate before starting work (Required)
Education: Bachelor's (Required)
Experience: Cybersecurity: 2 years (Required); SOC: 1 year (Required)
Willingness to travel: 50% (Preferred)
Work Location: In person

Posted 3 weeks ago


6.0 years

15 - 25 Lacs

Mumbai Metropolitan Region

On-site

Role: Senior Presales - Cyber Security
Location: Mumbai, Maharashtra, India
Experience: 6 - 12 years
Job Type: Non-Tech
Working Days: Monday - Friday
Note: Only Local Candidates
Notice Period: 30 Days
Academic Qualifications: Bachelor’s degree

Must-Have Skills
- 6+ years of customer-facing presales experience
- Should meet the customers and understand the requirements, and should be able to articulate the business challenges well internally as well as back to customers to arrive at a suitable solution
- Hands-on experience to showcase product Demo / POV at customer sites
- Should have experience in good documentation – POV scope of work, prerequisites, deliverables etc.
- Experience in any 2 of the key skills mentioned in the JD is acceptable, with any 2 OEMs in the listed areas.

Technology Domain | OEM
Proxy | Zscaler, Netskope, Forcepoint
DLP | Zscaler, Netskope, Forcepoint
WAF | Cloudflare, F5
Identity | Okta, BeyondTrust, CyberArk
SIEM | IBM QRadar, Splunk, Fortinet

Good-to-Have Skills
- Excellent oral and written communication skills, excellent presentation skills
- Good analytical skills: able to understand the customer’s business challenges and arrive at the right solution.

Key Performance Indicators
- Conduct pre-engagement meetings
- Create end-user knowledge transfer
- Function as a requirements analyst
- Serve as a conduit between sales and delivery team
- Conduct cybersecurity solution & service research
- Make contributions to the cybersecurity technical portfolio

About company:
It is one of the leading Digital Systems & Services Integrator companies in South Asia. We accelerate the customer’s business transformation journey through our competence in Consulting, Integration and Security, delivering next-gen digital infrastructure technologies, solutions and services.

Roles and Responsibilities: Senior Presales – Cyber Security
As a Senior Presales Consultant – Cyber Security, you will be responsible for engaging with clients to understand their cybersecurity challenges and propose appropriate solutions leveraging leading OEM technologies. You will act as a trusted advisor to customers and a key liaison between the sales and delivery teams.

Key Responsibilities
- Understand customer requirements, identify pain points, and map them to appropriate cybersecurity solutions.
- Conduct product demos and Proof of Value (POV) presentations at client locations.
- Draft technical documents including scope of work, prerequisites, and deliverables.
- Collaborate with sales and delivery teams to build customized solution proposals.
- Serve as a key liaison between customers, internal teams, and OEMs.
- Conduct technical workshops, pre-engagement meetings, and knowledge transfer sessions.
- Contribute to research and development of the cybersecurity solutions portfolio.

Skills: analytical skills, OEMs, cybersecurity solutions, documentation, requirements analysis, presales experience, presales, presentation skills, communication skills, senior presales - cyber security, proof of value (POV), cybersecurity, presales - cybersecurity, customer engagement, product demonstration

Posted 3 weeks ago


0 years

0 Lacs

Delhi

On-site

Job requisition ID :: 85117
Date: Jul 9, 2025
Location: Delhi
Designation: Assistant Manager
Entity: Deloitte Touche Tohmatsu India LLP

Your potential, unleashed.
India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting-edge leaders and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As Consultant / Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities & Desired qualifications
We are seeking an experienced and proactive L2 SOC Analyst with expertise in SOAR playbook development. The candidate will be responsible for managing, developing, and enhancing automation and orchestration workflows within SOAR.

Key Requirements:
- Develop and maintain playbooks in SOAR for automated threat detection and response.
- Integrate various security tools (SIEM, EDR, threat intel feeds, etc.) into SOAR.
- Create custom automations/scripts using Python and XSOAR’s automation engine.
- Tune and optimize existing playbooks for performance, accuracy, and false positive reduction.
- Document playbook logic, automation scripts, and incident handling procedures.
- Provide mentorship and support to L1 analysts and contribute to SOC knowledge sharing.
- Strong hands-on experience with Cortex XSOAR and playbook development.
- Familiarity with Python scripting for automation in SOAR.
- Working knowledge of SIEM tools (e.g., Splunk, QRadar, Elastic).
- Good understanding of cybersecurity concepts: malware, phishing, MITRE ATT&CK, etc.
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of a team in a fast-paced environment.

Preferred Qualifications:
- Knowledge of incident response frameworks (NIST, SANS).
- SOAR Certified Automation Engineer.

Location and way of working
Base location: Hyderabad
Professional is required to work from office.

Your role:
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical Acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication - Must be able to hold well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change - Responding to a changing environment with resilience
- Managing Quality & Risk - Delivering high-quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving - Applying a strategic mindset to solve business issues and complex problems
- Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapting our behaviours and attitudes to become more inclusive.

How you’ll grow
Connect for impact
Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.

Empower to lead
You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.

Inclusion for all
At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.

Drive your career
At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.

Everyone’s welcome… entrust your happiness to us
Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you.

Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 3 weeks ago


5.0 - 10.0 years

12 - 20 Lacs

Pune

Work from Office

About the Role
We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis, with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development.

Key Responsibilities
- Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.
- Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions.
- Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.
- Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.
- Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.
- Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.
- SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.
- Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.
- Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies.

Basic Qualifications
- B.E./B.Tech degree in Computer Science or Information Technology, or a Master's in Cybersecurity
- 3+ years of experience in a SOC or cybersecurity operations role.
- Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.
- Hands-on experience in threat detection, security monitoring, and incident response.
- Knowledge of network security, intrusion detection, malware analysis, and forensics.
- Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).
- Proficiency in Python scripting for automation and playbook development.
- Good understanding of the MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.
- Strong analytical, problem-solving, and communication skills.
- Ability to work in a 24x7 SOC environment (if applicable)

Preferred Qualifications
- Certified SOC Analyst (CSA)
- Certified Incident Handler (GCIH, ECIH)
- Splunk Certified Admin / QRadar Certified Analyst
- CompTIA Security+ / CEH / CISSP (preferred but not mandatory)

Posted 3 weeks ago


12.0 years

0 Lacs

Delhi, India

On-site

Seasoned Cybersecurity Presales Consultant with 12+ years of experience in designing, presenting, and delivering enterprise-grade security solutions across diverse industry verticals, including BFSI, Government, Telecom etc. Experience in supporting the Govt vertical is mandatory. Skilled at bridging customer requirements with best-fit cybersecurity architectures that align with Zero Trust, SASE, and regulatory compliance frameworks. Demonstrated ability to manage the end-to-end presales lifecycle – from requirement gathering, solution design, OEM coordination, POC delivery, and pricing strategy, to RFP/RFI compliance and executive-level presentations. Expertise in working with top-tier OEMs such as Fortinet, Cisco, Palo Alto, Check Point, CrowdStrike, Microsoft, Sophos, Trend Micro, and Securonix.

Core Competencies
- Cybersecurity Presales & Solution Architecture
- RFP/RFI Response Management & Bid Compliance
- Zero Trust / SASE / NIST Framework Mapping
- Enterprise & Cloud Security Architecture
- OEM and Partner Engagement Strategy
- Cost Optimization & Licensing Advisory
- Technical Workshops, Demos & POCs
- CXO Presentations & Deal Influence

Technical Expertise
Security Area | Expertise
Network Security | NGFW, IPS/IDS, VPN, SD-WAN, Segmentation, NAC
Endpoint Security | EDR, DLP, Patch Management, Application Control
Identity & Access | AD, LDAP, MFA, IAM, PAM, SAML, OAuth
SOC & Threat Analytics | SIEM (Securonix, Splunk, IBM QRadar), SOAR, UEBA, Threat Intel, MITRE ATT&CK
Cloud Security | CASB, CWPP, CSPM, Cloud Firewall, Cloud WAF, CNAPP
Compliance Support | ISO 27001, NIST CSF, CERT-In, RBI, IRDA, HIPAA, GDPR

Posted 3 weeks ago


8.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Job Summary:
We are seeking a highly experienced and results-driven SOC Manager to lead our centralized Security Operations Center (SOC) for multiple enterprise clients. The ideal candidate will have deep experience managing cross-functional cybersecurity teams, driving security project delivery, and maintaining operational excellence in a multi-customer SIEM (QRadar) environment. The role demands strong leadership, risk management, and client engagement.

Experience: 8+ Years (with hands-on and leadership roles in SOC Operations, SIEM, and client project management)

Key Responsibilities:
- Manage end-to-end delivery of SOC services across multiple enterprise customers in a centralized/multi-tenant SIEM environment.
- Lead cross-functional teams in offense management, use case tuning, vulnerability remediation, and threat response.
- Develop and maintain operational playbooks, SOPs, and incident response workflows.
- Supervise and mentor SOC analysts and project leads, fostering team growth and technical upskilling.
- Ensure all customer SLAs are met with timely and accurate delivery of daily, weekly, and monthly reports.
- Conduct root cause analysis and gap assessments to continuously improve detection capabilities and response times.
- Lead onboarding of new customers, including asset discovery, log source onboarding, and KPI setup.
- Collaborate with threat intelligence teams to align detection strategies with evolving threat landscapes.
- Improve SOC metrics such as offense triage time, false positive rates, and ticket quality.
- Ensure log integrity, retention, and regulatory compliance across all monitored environments.

Required Skills and Qualifications:
- Proven experience managing SOC operations, including project and people management.
- Strong understanding of SIEM platforms (QRadar), offense triaging, and threat lifecycle management.
- Experience delivering cybersecurity services to BFSI, healthcare, or manufacturing clients.
- Excellent analytical, presentation, and documentation skills.
- Familiarity with KPI management, MIS reporting, and client communication.

Posted 3 weeks ago


2.0 years

0 Lacs

Delhi

On-site

Job requisition ID :: 85980 Date: Jul 10, 2025 Location: Delhi Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a Consultant in our Cybersecurity Team, you’ll build and nurture positive working relationships with both internal teams and external clients, with the goal of exceeding client expectations. We are currently seeking a skilled LogRhythm Engineer to manage, maintain, and enhance our LogRhythm SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in LogRhythm administration, threat detection, and SOC operations, providing continuous security improvements and operational support to the SOC team. Key Responsibilities: LogRhythm Administration: Install, configure, and manage LogRhythm components, including log sources, custom parsers, and correlation rules. Log Source Management: Onboard and manage log sources from network devices, servers, applications, and security tools to ensure accurate log ingestion and parsing. 
Use Case & Rule Development: Develop and fine-tune correlation rules, alarms, and custom use cases to detect malicious or anomalous activity. Threat Detection & Monitoring: Monitor, analyze, and respond to security events and incidents identified by LogRhythm. Performance Tuning: Optimize LogRhythm performance, including log throughput, storage, and tuning for high-EPS environments. Integration & Automation: Extend LogRhythm capabilities through API integrations and automation with other tools (e.g., firewalls, EDR, DLP). Incident Response Support: Assist the SOC team with investigations and root cause analysis using LogRhythm data and tools. Dashboards & Reporting: Create and maintain dashboards and reports for operational, compliance, and executive audiences. Compliance & Audit Support: Ensure alignment with regulatory standards (e.g., GDPR, HIPAA, PCI-DSS) in SIEM operations. Troubleshooting & Maintenance: Resolve issues related to log ingestion, parser errors, system performance, and general administration. System Upgrades & Patching: Plan and execute upgrades, patching, and system maintenance activities to ensure reliability and security. Desired Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or a related field — or equivalent hands-on experience. 2+ years of hands-on experience with LogRhythm SIEM, including installation, configuration, and rule tuning. Strong understanding of SIEM operations, event correlation, log management, and security monitoring. Experience working in a Security Operations Center (SOC), with knowledge of threat detection and incident response. Proficiency with scripting and automation (e.g., Python, Bash, PowerShell) is a plus. Familiarity with security technologies such as firewalls, IDS/IPS, EDR, DLP, etc. Knowledge of security frameworks and standards such as MITRE ATT&CK, NIST, ISO 27001, etc Preferred Certifications IBM Log Rhythm SIEM Certification. 
CISSP, CEH, CISM, or other relevant security certifications.

Location and way of working
Base location: Mumbai/Gurgaon/Hyderabad/Bangalore
Professional is required to work from office.

Your role as AM
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
Inspiring - Leading with integrity to build inclusion and motivation
Committed to creating purpose - Creating a sense of vision and purpose
Agile - Achieving high-quality results through collaboration and team unity
Skilled at building diverse capability - Developing diverse capabilities for the future
Persuasive / Influencing - Persuading and influencing stakeholders
Collaborating - Partnering to build new solutions
Delivering value - Showing commercial acumen
Committed to expanding business - Leveraging new business opportunities
Analytical Acumen - Leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
Effective communication - Must be able to hold well-structured and well-articulated conversations to achieve win-win possibilities
Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
Managing change - Responding to a changing environment with resilience
Managing Quality & Risk - Delivering high-quality results and mitigating risks with utmost integrity and precision
Strategic Thinking & Problem Solving - Applying a strategic mindset to solve business issues and complex problems
Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
Empathetic leadership and inclusivity - Creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapting our behaviours and attitudes to become more inclusive.

How you’ll grow
Connect for impact
Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead
You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all
At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career
At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone’s welcome… entrust your happiness to us
Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you.
Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to.
Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 3 weeks ago

0.0 - 1.0 years

0 - 0 Lacs

Technopark, Thiruvananthapuram, Kerala

On-site

Job Title: L2 Engineer – Security Operations Center (SOC)
Company Name: Amyntor Infosec Private Limited
Location: Trivandrum
Department: Cyber Security
Experience: 2-4 Years

About Us:
Amyntor Infosec is a leading provider of IT infrastructure and cybersecurity solutions, specializing in delivering high-impact projects to organizations across industries. We are seeking a dynamic and detail-oriented Level 2 SOC Analyst to join our cybersecurity operations team. This role is critical in strengthening our threat detection and incident response capabilities. The ideal candidate will be responsible for conducting in-depth analysis of security events, escalating sophisticated threats, and contributing to the creation and optimization of security playbooks. If you are passionate about defending digital infrastructure, possess strong analytical skills, and are eager to be part of a collaborative and fast-paced environment, we invite you to be a key player in our mission to proactively safeguard our clients and operations.

About the Role:
We are seeking a skilled and proactive L2 SOC Engineer to strengthen our cybersecurity operations team. The role demands technical excellence across incident management, security control implementation, and playbook development, with opportunities for direct client engagement during presales and project execution phases. We offer a dynamic environment with performance-linked incentives, overtime payments, and opportunities for career advancement.

Key Responsibilities:
Act as the Level 2 escalation point for security events across SIEM, EDR, IDS/IPS, and Firewall ecosystems.
Lead or support the end-to-end implementation of SOC environments, including platform setup (SIEM, SOAR, log onboarding), use-case development, integration of security tools, and operational runbook creation.
Implement security controls — technical, administrative, and operational — as per client risk profiles and project requirements.
Collaborate internally with presales teams by providing technical inputs during solution design and client proposal stages.
Develop, document, and maintain incident response playbooks and standard operating procedures (SOPs).
Investigate escalated incidents, perform root cause analysis, and coordinate remediation actions.
Continuously tune detection rules, optimize use-cases, and enhance threat detection strategies.
Mentor and guide L1 SOC Analysts, fostering a culture of continuous learning and operational excellence.
Proactively recommend improvements in client security posture based on real-time threat intelligence and gap assessments.

Required Skills and Experience:
Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field.
2–4 years of hands-on experience in a SOC environment.
Strong working knowledge of security platforms such as Wazuh, Splunk, QRadar, LogRhythm, or other SIEMs.
Expertise in implementation of cybersecurity controls across technical, administrative, and operational domains.
Good understanding of security standards, including MITRE ATT&CK, NIST Cybersecurity Framework, and ISO 27001.
Ability to develop structured, actionable playbooks and process documentation.
Strong problem-solving skills, analytical thinking, and an ability to perform under pressure.
Relevant certifications (CEH, CompTIA Security+, CySA+, or equivalent) are preferred.

Preferred Skills:
Prior client-facing experience — in presales engagements, project implementations, or cybersecurity consulting — will be considered an added advantage.
Experience in tuning SIEM use cases and detection logic for optimized threat detection.
Strong communication skills to effectively convey technical findings to diverse audiences.
Passion for security innovation, threat hunting, and continuous process improvements.

Compensation and Benefits:
Competitive Base Salary benchmarked to the cybersecurity market.
Performance-Based Incentive Mechanisms linked to client satisfaction and incident response efficiency.
Overtime Payment for work performed beyond standard hours.
Paid cybersecurity certifications and specialized learning programs.
Career advancement pathways into Threat Intelligence, Forensics, Security Architecture, and other specialized roles.
Dynamic, innovation-driven work environment with exposure to leading-edge cybersecurity tools and practices.

Why Join Us?
Deliver mission-critical security services that protect and empower client organizations.
Gain exposure across multiple industries, technologies, and security challenges.
Be part of a results-driven team that values expertise, collaboration, and continuous growth.

Note: Kindly read the Job Description fully before applying for this post.

Job Types: Full-time, Permanent
Pay: ₹35,000.00 - ₹40,000.00 per month
Benefits:
Cell phone reimbursement
Commuter assistance
Schedule:
Day shift
Fixed shift
Morning shift
Supplemental Pay:
Overtime pay
Performance bonus
Ability to commute/relocate:
Technopark, Thiruvananthapuram, Kerala: Reliably commute or planning to relocate before starting work (Required)
Education:
Bachelor's (Required)
Experience:
Cybersecurity: 2 years (Required)
SOC: 1 year (Required)
Willingness to travel:
50% (Preferred)
Work Location: In person

Posted 3 weeks ago

4.0 - 7.0 years

5 - 10 Lacs

Navi Mumbai

Work from Office

Job title: Associate Consultant (SOC)
Location: Navi Mumbai
Number of Vacancies: 1
Educational Qualifications: BE-IT / B Tech / BSc. Comps / BCA or equivalent
Key Skills: Cyber Security Incident Analysis and Response
Experience: 2-4 yrs.

Essential Duties and Responsibilities:
Perform real-time monitoring, incident handling, investigation, analysis, reporting, and escalation of security events.
Integrate log sources with SIEM & create use cases.
Identify suspicious/malicious activities through logs.
Prepare the incident tracker and follow up with the client IT team for mitigation.
Communicate with clients to resolve queries related to incidents.
Prepare & review daily, weekly and monthly reports/dashboards.
Create & review advisories and ensure the organization is protected from the latest threats & vulnerabilities.

Work Experience Requirements:
Understanding of cyber security concepts and incident response frameworks and processes.
Hands-on experience in monitoring events and investigating incidents daily.
Experience in identifying, analyzing, and responding to security incidents within defined SLAs.
Hands-on experience working on SIEM / EDR tools like CrowdStrike, QRadar, etc.
Configuring use cases & creating playbooks for security monitoring will be an added advantage.
Experience of working in a 24x7 Security Operations Center (rotational shifts).
Good communication and collaboration skills.
Team management skills.

Posted 3 weeks ago

10.0 - 15.0 years

30 - 35 Lacs

Pune

Work from Office

Job Title: Information Security Specialist
Corporate Title: Assistant Vice President
Location: Pune, India

Role Description
Information Security Production Services (IS PS) supports all divisions with information security relevant areas, like application user recertification and other identity & access management areas. IS PS is seeking an Information Security Analyst for Application Onboarding.

Job Summary
We are seeking a highly motivated and skilled Information Security Specialist Assistant Vice President to join our CSO Unified Onboarding Team. The successful candidate will play a key role in ensuring the timely and compliant onboarding of applications into the bank's centralized Identity and Access Management platforms, specifically the Recertification, Request and Approval, and Segregation of Duties control systems. This position requires a strong background in information security practices, stakeholder management, and project execution. The selected candidate will be expected to operate with minimal supervision, take ownership of critical onboarding workstreams and act as a delegate for the manager when needed, including representing the team in leadership meetings, managing escalations and mentoring junior team members.

What we'll offer you
100% reimbursement under childcare assistance benefit (gender neutral)
Sponsorship for industry-relevant certifications and education
Accident and term life insurance

Your key responsibilities
Drive the end-to-end onboarding of applications to central IAM platforms, ensuring alignment with enterprise security policies and compliance mandates.
Act as the primary liaison between the Unified Onboarding Team and business/application stakeholders to gather requirements, communicate timelines and resolve onboarding-related issues.
Serve as the primary point of contact for stakeholders, including business application owners, control owners and technical teams.
Provide subject matter expertise in recertification, access request workflows and segregation of duties controls.
Support stakeholders through the onboarding lifecycle by offering guidance, answering queries and coordinating with control owners and technical teams.
Ensure that all onboarding activities are tracked, documented and completed within defined timelines.
Ensure documentation, tracking and reporting of onboarding progress, risks and delays.
Escalate risks and delays appropriately, ensuring visibility to leadership and that mitigation strategies are in place.
Collaborate with internal information security, risk, audit, and compliance teams to ensure regulatory obligations are being met.
Identify and implement process improvements to streamline onboarding and enhance user experience.
Maintain awareness of regulatory updates, internal policy changes and IAM best practices to ensure continual alignment.
Take ownership of escalated onboarding cases and drive them to resolution through effective collaboration and decision-making.
Support resource planning, work allocation and overall team coordination in alignment with program priorities.
Proactively identify process gaps and lead continuous improvement initiatives within the team.
Monitor team workload and onboarding metrics and prepare periodic status reports and executive summaries as required.

Your skills and experience
Bachelor's degree in Information Technology, Cybersecurity, Computer Science or a related field.
Should have 10+ years of total work experience or at least 8+ years of relevant experience in a similar role.
Strong working knowledge of recertification processes, access request and approval mechanisms and segregation of duties controls.
Excellent interpersonal skills with a track record of strong stakeholder management.
Exceptional communication skills, able to present technical concepts clearly and confidently to non-technical stakeholders.
Proven experience with task prioritization, independent decision making and escalation management.
Ability to manage multi-task assignments and efficiently prioritize workload with limited supervision, and resilience under pressure.
Ability to build a network in the business and among business managers, project managers and subject matter experts.
Flexible, pro-active and innovative.

How we'll support you
About us and our teams
Please visit our company website for further information: https://www.db.com/company/company.htm
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 3 weeks ago

3.0 - 7.0 years

3 - 7 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating, blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participating in daily standup and review meetings
9. The L2 Analyst has responsibility to closely track incidents and support their closure.
10. Working with log source and use case management: integrating log sources and developing & testing use cases
11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Developing SOPs / instruction manuals for the L1 team
13. Guiding the L1 team in triage/analysis and assisting in closure of cybersecurity alerts and incidents
14. Handle XDR alerts and follow up with the customer team for agent updates
15. Escalate more complex incidents to L3 SMEs for deeper analysis.

Key Responsibilities:
Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures.
Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
Maintain and update incident response playbooks and automation workflows.
Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets.
Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
Manage and support forensic investigations to identify root cause and recovery paths.
Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
Retain logs in accordance with regulatory data retention mandates.
Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications:
Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.
3-7 years of experience in SOC management, incident response, or cyber threat detection roles.
Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
Proven experience in playbook development, forensics, and threat hunting methodologies.
Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago

4.0 - 8.0 years

10 - 15 Lacs

Bengaluru

Work from Office

Vulnerability Identification & Assessment:
Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.).
Analyze vulnerability data from multiple sources and assess the impact on business operations.
Perform risk assessments and categorize vulnerabilities based on severity and exploitability.
Remediation & Risk Mitigation:
Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities.
Prioritize vulnerabilities based on risk to the business and potential exploitability.
Track remediation efforts and ensure proper closure of security gaps.
Process & Policy Development:
Define and maintain vulnerability management policies, standards, and procedures.
Establish workflows for vulnerability detection, reporting, remediation, and validation.
Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS.
Security Monitoring & Threat Intelligence Integration:
Work with threat intelligence teams to understand emerging threats and vulnerabilities.
Ensure vulnerability management aligns with incident response and threat-hunting processes.
Continuously enhance detection mechanisms to improve vulnerability discovery and response.
Compliance & Audit Readiness:
Ensure that vulnerability management practices align with regulatory and compliance requirements.
Maintain records of assessments, remediation efforts, and compliance reports for audits.
Support internal and external audits related to vulnerability management.
Reporting & Metrics:
Develop and present vulnerability status reports to security leadership and executive teams.
Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction.
Provide insights on security posture improvements based on trend analysis.
Security Awareness & Collaboration:
Conduct training sessions to educate teams on vulnerability risks and remediation best practices.
Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle.

Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise: Vulnerability Management
Preferred technical and professional experience: Qualys

Posted 3 weeks ago

2.0 - 7.0 years

6 - 11 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating, blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participating in daily standup and review meetings
9. The L1 Analyst has responsibility to closely track incidents and support their closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with the customer team for agent updates

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Key Responsibilities:
Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures.
Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
Maintain and update incident response playbooks and automation workflows.
Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets.
Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
Manage and support forensic investigations to identify root cause and recovery paths.
Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
Retain logs in accordance with regulatory data retention mandates.
Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Preferred technical and professional experience
Required Qualifications:
Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.
2 years of experience in SOC management, incident response, or cyber threat detection roles.
Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
Proven experience in playbook development, forensics, and threat hunting methodologies.
Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago

2.0 - 7.0 years

6 - 10 Lacs

Bengaluru

Work from Office

Roles & Responsibilities:
1. Handling alerts and incidents on the XDR platform
2. Alert & incident triage and analysis
3. Proactively investigating suspicious activities
4. Log all findings, actions taken, and escalations clearly in the XDR and ITSM platforms
5. Execute predefined actions such as isolating, blocking IPs or disabling user accounts, based on set protocols.
6. Adhere to established policies, procedures, and security practices.
7. Follow up with the tech team for incident closure
8. Participating in daily standup and review meetings
9. The L1 Analyst has responsibility to closely track incidents and support their closure.
10. Escalate more complex incidents to L2 analysts for deeper analysis.
11. Work & support on multiple cybersecurity tools (DLP, GRC, Cloudsec tool, DAM)
12. Handle XDR alerts and follow up with the customer team for agent updates

Key Responsibilities:
Security Monitoring & Incident Response Governance
Define and maintain security monitoring, threat detection, and incident response policies and procedures.
Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.
Align SOC operations with evolving business risk priorities and regulatory frameworks.
Platform & Toolset Management
Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.
Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.
Maintain and update incident response playbooks and automation workflows.
Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.
SOC Operations & Threat Detection
Oversee 24x7 monitoring of security events and alerts across enterprise assets.
Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.
Manage and support forensic investigations to identify root cause and recovery paths.
Govern use case development, log source onboarding, and alert/event triage processes.
Regulatory Compliance & Incident Management
Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.
Retain logs in accordance with regulatory data retention mandates.
Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.
Advanced Threat Management & Reporting
Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.
Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.
Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
Required Qualifications:
Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.
2 years of experience in SOC management, incident response, or cyber threat detection roles.
Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.
Proven experience in playbook development, forensics, and threat hunting methodologies.
Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.
Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.

Preferred technical and professional experience
Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Posted 3 weeks ago

0 years

0 Lacs

India

On-site

Key Responsibilities:
Design, implement, and manage Palo Alto Networks solutions, including:
Next-Gen Firewall (NGFW)
EDR/XDR (Cortex XDR)
SIEM/SOAR (Cortex XSIAM)
Lead and support migration projects from legacy platforms (e.g., Splunk, Sentinel, QRadar) to Palo Alto Cortex XSIAM
Work with clients to understand business requirements and deliver tailored cybersecurity solutions
Perform threat hunting, alert tuning, policy configuration, and use case development
Collaborate with global teams (onshore/offshore model) for delivery in sectors like Telecom, Finance, Retail, and Public Sector
Support security assessments, integrations, and continuous improvement initiatives

Required Skills & Qualifications:
Strong hands-on experience in Palo Alto technologies (NGFW, Cortex XDR/XSIAM)
Proven knowledge of cybersecurity operations, SOC processes, and incident response
Experience with SIEM migration and integrations
Understanding of threat intelligence, detection engineering, and automation
Good knowledge of scripting (Python, PowerShell) and log analysis
Excellent communication and client-facing skills

Preferred Certifications:
Palo Alto Networks Certifications, such as:
PCNSE (Network Security Engineer)
Cortex XDR/XSIAM certifications (if available)
Additional certifications like CEH, CISSP, or relevant SIEM/EDR vendor certifications are a plus

Posted 3 weeks ago

7.0 - 12.0 years

22 - 25 Lacs

Bengaluru

Work from Office

Position Summary
We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents.

Key Responsibilities
1. Incident Detection and Analysis:
o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions.
o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes.
o Prepare detailed reports and document incidents to support future analysis and security measures.
2. SIEM Administration and Rule Fine-Tuning:
o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives.
o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability.
o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility.
3. System and Network Security:
o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures.
o Utilize tools for traffic analysis, anomaly detection, and threat identification.
o Support configurations and policies within the IT and network environment to strengthen security.
4. ELK Stack and Beats Agent Management:
o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow.
o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing.
5. Security Policies and Compliance:
o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards.
o Document and enforce security controls aligned with best practices and regulatory requirements.

Skills and Qualifications
Education: Bachelor's degree in Information Security, Computer Science, or a related field.
Experience:
o Minimum of 5+ years in SOC operations or a similar cybersecurity role.
o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning.
o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols.
o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents.
Technical Skills:
o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols.
o Strong command of incident response processes, security frameworks, and best practices.
o Knowledge of communication protocols and system integrations for data protection.
Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications.

Competencies
Strong analytical skills with attention to detail.
Excellent verbal and written communication abilities.
Ability to work independently and collaboratively in a fast-paced environment.

Additional Preferred Skills
Knowledge of regulatory compliance standards.
Experience in using EDR solutions.
Ability to document processes and create incident playbooks.

This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.

Posted 3 weeks ago


4.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Job Summary:

We are seeking a proactive and detail-oriented SOC Analyst – L1 to join our Security Operations Center. The analyst will be responsible for real-time monitoring, detection, and initial triage of security incidents using the IBM QRadar SIEM platform in a multi-tenancy environment. This role serves as the front line of defence, identifying suspicious activities and escalating potential threats to L2 Analysts for further investigation.

Key Responsibilities:
   - Monitor and analyze security alerts from QRadar SIEM for multiple customers in a multi-tenant SOC environment.
   - Perform initial triage and prioritization of security events and incidents.
   - Investigate basic security incidents such as malware detections, brute-force attempts, unauthorized access, and phishing attempts.
   - Accurately document incidents, actions taken, and escalation steps in the ticketing system.
   - Follow defined Standard Operating Procedures (SOPs) for incident classification, prioritization, and escalation.
   - Assist in threat intelligence correlation and trend identification across tenants.
   - Regularly communicate with L2/L3 analysts for escalations and further analysis.
   - Stay updated on common vulnerabilities and attack patterns (CVEs, IOCs, MITRE ATT&CK, etc.).

Required Skills & Qualifications:
   - 1 – 4 years of experience in SOC operations or a cybersecurity role.
   - Hands-on experience with IBM QRadar / any SIEM tool (log monitoring, offenses, rule-based alerts).
   - Basic understanding of cybersecurity concepts like firewalls, IDS/IPS, malware, phishing, brute force, etc.
   - Knowledge of TCP/IP, ports and protocols, OSI model.
   - Experience working in a multi-tenancy SOC setup is a plus.
   - Good communication skills and ability to work under pressure in shift-based operations.
   - Familiarity with ticketing tools (like ServiceNow, Tussom, etc.).
   - Willingness to work in 24x7 rotational shifts.

Preferred Certifications (any one):
   - IBM QRadar Certified Associate
   - CompTIA Security+
   - CEH (Certified Ethical Hacker)
   - Any SIEM or SOC-related certification

Posted 3 weeks ago


6.0 - 12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

Join Our Cyber Star Team - Deloitte India !! ✨

#CyberChamps - Are you ready to apply your knowledge & background to exciting new challenges? From Learning to Leadership, this is your chance to take your career to the next level.

#Time To Meet The Team @Deloitte - Gurgaon DLF office - 12th July (Saturday)

#Interested Applicants - Choose your Impact & Apply on the below link to join our #Cyber Team!
Link To Apply - https://lnkd.in/dCsGFkgP
JobCode - 85019

#Please note the below schedule/venue dates for the In-Person (F2F) Round:
📅 Save The Date :: 12th Jul'25 (10 AM - 6 PM) - Saturday
🚺 Mode :: In-Person Interview - Based on Virtual Interview Scoring Test via invirtualinterview@deloitte.com
📍 Office Location :: 7th Floor, Building 10, Tower B, DLF Cyber City, DLF Phase 2, Sector 24, Gurugram, Haryana 122002.

#What You'll Do ::

1. SOC Ops Lead / L3 SecOps | Gurgaon | Exp - 6 to 12 years:
   > Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments.
   > Oversee the detection, investigation, and response to security incidents within client environments.
   > Ensure proper escalation of incidents to client contacts based on the severity and impact of the incident.
   > Oversee the use and management of SOC tools such as SIEM, SOAR, EDR, threat intelligence platforms, and log management solutions.
   > Implement automation and orchestration (SOAR) to streamline repetitive tasks and improve response times.

2. SOC Ops L2 / SIEM, QRadar Engineering / Incident Response | Gurgaon | Exp - 4 to 8 years:
   > Conduct in-depth investigation of security incidents including data collection, root cause analysis, and recovery efforts, ensuring compliance with defined SLAs.
   > Validate and fine-tune correlation rules, use cases, and custom detections in SIEM tools to reduce false positives and improve detection fidelity.
   > Propose new SIEM use cases with playbook creation based on threat intelligence, evolving TTPs, or internal security gaps.
   > Conduct alert quality reviews, enhancing or retiring outdated detection logic and recommending improved strategies.

3. LogRhythm / Incident Response | Gurgaon & Hyderabad | Exp - 2 to 4 years:
   > Advanced Log Monitoring and Analysis
   > Incident Escalation and Resolution
   > LogRhythm Platform Management
   > Threat Intelligence Integration
   > Security Tool Configuration and Tuning

**Immediate / Early Joiners are highly preferred.
**Should be flexible to operate in 24*7 rotational shifts and willing to travel for clients based out of Mumbai Location.
**Mandatory Virtual Screening test by the applicants to be completed before appearing for In-Person Interviews on Saturday.

Best Regards,
Talent Team

Posted 3 weeks ago
