408 Qradar Jobs - Page 15

Job Responsibilities: Subject Matter Expert:- WAF & SIEM Lead a Team of dedicated WAF ((OR)) SIEM Support Engineers or work independently for WAF ((or)) SIEM Support, Implementation, Presales. Take Ownership to solve support tickets / Implementation & POCs/Demo. Provide expert guidance to Support Team / Implementation Team / Presales Team. Keep the team motivated to ensure they deliver the best when leading a team. Provide Knowledge Sharing to internal team. Having Exposure into LMS and good training skills would be an added advantage (Not Mandatory). Requirements:- Minimum of 1 to 2 years of experience in handling WAF or SIEM support as an L1 Engineer or L1 Support. Minimum of 1 to 2 years of experience in handling WAF or SIEM support as an L2 Engineer or L2 Support. Intensive Experience and Knowledge in anyone of WAF products such as Imperva, F5, Radware, A10 is M andatory ((OR)) SIEM products such as QRadar, Splunk, ELK, Alienvault, FortiSIEM, Logrhythm, RSA, Microsoft Sentinel is Mandatory. Globally Recognized Technical Certifications in anyone of the OEM such as Imperva, F5, Radware, A10 is Mandatory ((OR)) QRadar, Splunk, ELK, Alienvault, FortiSIEM, Logrhythm, RSA, Microsoft Sentinel is Mandatory Excellent in Communication skills is Mandatory. Perks and benefits :- You can learn the multiple aspects of your role & department. Great opportunity to grow, handle more responsibility and get recognized. Flexible Work Environment - multiple leave benefits, flexi work time, etc hybrid work style - hence work life balance. Company covered health & accident insurance coverage. Company provided social security - PF / ESCI / Gratuity. Company paid CUG sim card provided. Professional development & skill development programs.

ArcSight SIEM platform management. Devices onboarding on ArcSight SIEM. Custom Parser development. EPS license (2.5K) assessment. Upgrade of ArcSight SIEM components. Architectural Assessment of ArcSight SIEM

Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Job Description Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Dear Candidate, We are looking for a skilled SOC Analyst to monitor and analyze security alerts in a Security Operations Center (SOC). You will be responsible for detecting, investigating, and responding to cyber threats. Key Responsibilities: Monitor security alerts, logs, and network traffic for signs of suspicious activity. Investigate security incidents and escalate critical threats. Work with SIEM tools to analyze security events and generate threat reports. Conduct log correlation and threat hunting activities. Respond to malware infections, phishing attacks, and unauthorized access incidents. Assist in developing SOC playbooks and incident response procedures. Conduct regular security drills and tabletop exercises for incident preparedness. Required Skills & Qualifications: Hands-on experience with SIEM platforms (Splunk, QRadar, ArcSight, ELK Stack). Strong understanding of intrusion detection and security event monitoring. Familiarity with cyber kill chain, MITRE ATT&CK, and threat hunting methodologies. Ability to analyze network packets, logs, and forensic data for threat identification. Security certifications such as CEH, GCIH, or CompTIA Security+ are preferred. Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills to work with cross-functional teams. Ability to work independently and as part of a team. Detail-oriented with a focus on delivering high-quality solutions. Note: If you are interested, please share your updated resume and suggest the best number & time to connect with you. If your resume is shortlisted, one of the HR from my team will contact you as soon as possible. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Notice Period : Immediate 15 Days only Job Description Cybersecurity Experience: Proven experience in a cybersecurity or IT security role with a strong focus on security operations. SIEM Tools: Hands-on experience with SIEM tools like Splunk, ArcSight, or QRadar for threat monitoring, incident detection, and log analysis. Network Security: Expertise in network security technologies, including firewalls, IDS/IPS, and VPNs. Endpoint Protection: Strong knowledge of endpoint protection solutions for detecting and responding to cyber threats at the device level. Incident Response: Experience in incident response activities, including malware infections, data breaches, and denial-of-service (DoS) attacks. Threat Detection: Familiarity with threat detection software and methodologies to safeguard systems from internal and external attacks. Networking Knowledge: Solid understanding of networking protocols (TCP/IP, HTTP, DNS, etc.) and network architecture. Troubleshooting & Analysis: Strong analytical and troubleshooting skills for identifying and resolving complex security issues. Scripting & Automation: Proficiency in scripting (Python, Bash, etc.) for automating security tasks and responses. Communication: Excellent written and verbal communication skills to document incidents and collaborate with cross-functional teams. Required Skills Cybersecurity Engineer with Experience with SIEM platforms such as Splunk, ArcSight, or QRadar, along with strong expertise in firewalls, IDS/IPS, VPNs, endpoint protection, and incident response methodologies. Preferred Skills Certifications such as CISSP, CEH, CISM, or similar. Experience with cloud security and securing cloud infrastructure (AWS, Azure, Google Cloud). Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls.

Ensure effective implementation and operation of the SIEM system (Splunk), protect the organization's network and systems from security threats and incidents, collect and analyze security event data, provide timely and accurate information to incident response teams, support the investigation and remediation of security incidents. Roles and Responsibilities SIEM Deployment & Configuration Use Case Development & Correlation Rules Threat Detection & Incident Response Performance Optimization & Health Monitoring Compliance & Security Best Practices Collaboration & Documentation

Note- its 24X7 shift, Location: Gurgaon / Bangalore / Hyderbad / Mumbai Qradar Implementation : JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in deploying and managing QRadar SIEM in large-scale environments, preferably within an MSSP. In-depth understanding of QRadar architecture, components, and deployment scenarios. Strong experience in managing and securing multi-tenant SIEM environments. Expertise in log source integration, event normalization, and tuning for different client environments. Familiarity with scripting and automation tools (Python, Bash, etc.) for custom integrations and log parsing. Solid understanding of networking and security technologies (firewalls, IDS/IPS, EDR, etc.). Hands-on experience with security frameworks such as MITRE ATT&CK, NIST, or ISO 27001. QRadar Enginner - JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 4+ years of experience with QRadar SIEM, including installation, configuration, and administration. Strong knowledge of SIEM operations, event correlation, and log management. Experience in SOC operations, threat detection, and incident response. Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus. Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies. In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).

Note- its 24X7 shift, Location: Gurgaon / Bangalore / Hyderbad / Mumbai Qradar Implementation : JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in deploying and managing QRadar SIEM in large-scale environments, preferably within an MSSP. In-depth understanding of QRadar architecture, components, and deployment scenarios. Strong experience in managing and securing multi-tenant SIEM environments. Expertise in log source integration, event normalization, and tuning for different client environments. Familiarity with scripting and automation tools (Python, Bash, etc.) for custom integrations and log parsing. Solid understanding of networking and security technologies (firewalls, IDS/IPS, EDR, etc.). Hands-on experience with security frameworks such as MITRE ATT&CK, NIST, or ISO 27001. QRadar Enginner - JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 4+ years of experience with QRadar SIEM, including installation, configuration, and administration. Strong knowledge of SIEM operations, event correlation, and log management. Experience in SOC operations, threat detection, and incident response. Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus. Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies. In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).

Note- its 24X7 shift, Location: Gurgaon / Bangalore / Hyderbad / Mumbai Qradar Implementation : JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 5+ years of experience in deploying and managing QRadar SIEM in large-scale environments, preferably within an MSSP. In-depth understanding of QRadar architecture, components, and deployment scenarios. Strong experience in managing and securing multi-tenant SIEM environments. Expertise in log source integration, event normalization, and tuning for different client environments. Familiarity with scripting and automation tools (Python, Bash, etc.) for custom integrations and log parsing. Solid understanding of networking and security technologies (firewalls, IDS/IPS, EDR, etc.). Hands-on experience with security frameworks such as MITRE ATT&CK, NIST, or ISO 27001. QRadar Enginner - JD below Desired qualifications Bachelors degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 4+ years of experience with QRadar SIEM, including installation, configuration, and administration. Strong knowledge of SIEM operations, event correlation, and log management. Experience in SOC operations, threat detection, and incident response. Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus. Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies. In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).

About The Role Analyze cyber threat data from multiple sources including open-source intelligence (OSINT), internal network logs, threat feeds, and commercial threat intelligence platforms Perform the intelligence capitalization within the Group owned Threat Intelligence Platform Leverage Threat Intelligence Platforms, SIEM tools, and other security technologies to automate the collection, analysis, and dissemination of threat intelligence. Use threat modeling techniques to anticipate and prioritize potential risks based on evolving cyber threat trends. Assist with risk assessments, vulnerability management, and penetration testing efforts by providing insights into possible threat actor targeting and attack vectors. Investigate Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and malware samples to identify emerging threats and vulnerabilities. Correlate threat data with internal logs, threat intelligence platforms, and external sources to build comprehensive threat profiles. Provide technical threat intelligence support during active security incidents, including assisting in the identification of malicious activity, threat actor attribution, and incident containment. Work closely with the Incident Response & Threat hunting team to analyze and track threat actors, their tactics, and attack methods. Participate to the tools PoC used/expected by the Team and regularly look for their relevancy given the evolution of the Group needs Apply the Business Continuity Plan for the Group Cyber Threat Intelligence Team Ensure that the SLAs are not breached Primary Skills Experience in a Cyber Threat Intelligence or related cybersecurity role (e.g., SOC Analyst, Security Researcher, Incident Responder) would be appreciated. Familiarity with open-source intelligence (OSINT) & Social Media Intelligence (SOCMINT) tools and techniques Understanding of cyber threat landscape, advanced persistent threats (APTs), and attack methodologies (e.g., MITRE ATT&CK framework). General Intelligence knowledge know the processes related to the intelligence, the confidentiality and the intelligence cycle Knowledge about intelligence capitalization, associations, and correlation Familiarity with threat intelligence platforms (e.g., OpenCTI, ThreatConnect, Anomali, MISP). Familiarity with security tools like SIEM (Splunk, QRadar) and endpoint security would be appreciated.

? Identify gaps and weaknesses on current alerting platforms and recommend improvements to ensure evolving capabilities. Identify gaps and weaknesses on Data Loss Prevention platforms. Continually review existing risk scoring models and adjust accordingly to ensure proper focus on significant security events and business needs. Administrate of DLP solution and liaising with GRC & CISO function to configure policies and work on reporting, monitor and respond to different alerts generated from the DLP solution. Demonstrate a good understanding of incident response process and event escalations, repone to DLPs escalations reported by incident response team. Share recommendations to further identify sensitive data and strengthen security controls. Collaborate & partner with legal, compliance team to support customer privacy initiative and continue compliance with different regulations, to mature company data life cycle management with focus on data security. Ability to independently research and solve technical issues and Demonstrated integrity in a professional environment.

Responsible for operationalization of new security platforms to enable security operations Center to stay ahead of emerging and current threats. Security Information Event Management & Analytics Platforms integration Trellix SIEM(Mcafee) Build Co relation rules from different integrated sources that drive security analytics and incident response. Custom integration of Log sources and SIEM content development. Act as a Subject Matter Expert for Onpremise SIEM solution.. Configure and troubleshoot Mcfaee SIEM components and related functionalities. Plan and onboard different data sources such as: Windows, linux, AD, Firewall, other security tools integration. Candidates with prior experience of setting up security operations from scratch would have added advantage. Understand business requirements from the client and translate them into technical deliverables within Cyber Security domain. Creating parsers for Unknown events, Identify Security Events and Co Relation Rules. Manage the daily/weekly/monthly SOC metrics reporting for the assigned set of clients. Build custom use cases, dashboards, reports as per the requirement from client and internal stakeholders. Proven history of maturing SOC from Initial to Optimised level of CMM maturity model. Skills Required Must Have s 6+ years of experience in IT and 6+ years in Cyber Security. Hands on experience on On premise SIEM like IBM QRadar, Mcafee SIEM, Trellix SIEM including creation of custom queries, detection rules. SIEM Trellix SIEM, QRadar, Splunk Thorough understanding of various industry leading cloud native SIEM architecture, pricing and technical knowhow. Knowledge about various threat vectors and attackers TTPs. In depth knowledge of Active Directory. Excellent communication skills with ability to lead discussions with C level executives. Key Attribute Ability to work collaboratively in a fast paced environment. Continuous learner with a proactive approach to stay updated on industry trends. Strong problem solving skills and ability to make sound decisions under pressure. Customer facing with good written skills and strong communication skills at all levels. May be required to participate in out of hours on call rota. Ability to consistently deliver to deadlines while prioritizing competing demands for time. Qualifications Bachelors degree in information technology or related field. Relevant certifications (CISSP, CEH) Working knowledge on any other SIEM tool viz, Trellix SIEM, Splunk, QRadar etc.

Role & responsibilities: Primary Skills - SIEM Tools (Azure Sentinel, Qradar, Cofence, Splunk) Must have Skills - Monitoring and Incident analysis Response Tools Support & Monitoring - Working knowledge of systems such as SIEM, EDR, Antivirus, Splunk, MS Defender Good understanding- Windows operating system and protocols such as TCP/IP , HTTP, SMTP Preferred candidate profile: Detailed JD - Scope Monitoring and Incident Response scope for these roles will be for the following infrastructures: - Client entities/logs not requiring security clearances Security Analyst SOC L2 In your capacity as a SOC Security Analyst, reporting to the Cyber Security Manager, you will help protect Client employees, business and infrastructure. You will act as an important part of Clients Global Security group, whose mandate covers both physical and cyber security. This role will be part of the group which provides governance on security aspects to Client business units, performs cyber threat intelligence and monitors the infrastructure to detect, triage and respond to cyber security events. Responsibilities: Monitor the infrastructure to detect cyber security events, triage them and follow established incident response processes Participate in Incident Analysis and Response Participate in the evolution of use cases, incident response processes as well as other tasks performed by the team Requirements: Bachelor's or master's Degree level in Computer Sciences, Computer Engineering, Software Engineering, Information Security or any other equivalent degree Minimum of 5 years of experience in the Information Security field Experience Identification, triage of Cyber Security Events Deliver 24/7 monitoring of Security Alerts generated by SIEM Tools (Azure Sentinel, Qradar, Cofence) Integrate with CGI Security Orchestration and Response (SOAR) solution, pulling alert data from by SIEM Tools (Azure Sentinel, Qradar, Cofence) to support security analyst monitoring activities to gain investigation intelligence; Run enrichment playbooks against the alert(s) to extract and augment data provided with the initial alert to further drive and help analysts in their event classification and analysis. Engage incident process playbooks to ensure standardization and enhanced SOC response capabilities, when or if a security issue is declared Ensure SLA requirements are being met and proper processes used. Post Security Incident Reports to the clients MSS Security portal Monitor for suspicious activities, including predefined threat signature criteria, and indicators of attack Use pre-configured alerts to rapidly identify suspicious activities Respond to generated security events and assess whether or not a valid security incident has occurred Notify clients designated contacts and recommend next steps to follow if an incident is identified; Collaborate with the hardening team to address security events that have been determined to be a false positives Recommend improvements to dashboards and Sentinel tuning/normalization to the hardening team as applicable Triage and assessment of potentially infected Windows hosts Response to phishing campaigns Response to cyber security events in Microsoft Office 365 Tools Support & Monitoring - Working knowledge of systems such as SIEM, EDR, Antivirus, Splunk, MS Defender Knowledge and Skills Security is a passion Knowledge & Experience on Splunk, QRadar, Azure Sentinel is must Knowledge in malware investigations and remediation's Good understanding of the Windows operating system and protocols such as TCP/IP , HTTP, SMTP Strong analytical and investigative skills Strong technical and learning agility, able to adapt to constantly evolving threats, domains and technologies Good written communication skills Ability to work independently, under pressure

L3 analysts reviews incident management, tracking notable events and make sure Security operations are running properly . Handle service requests for remediation and information gathering, notify advisories, and update SIEM watchlists with IOCs. They prepare and review weekly/monthly reports, participate in incident review calls, and present updates in team meetings. L3 analysts also manage adhoc tasks like offline tickets, audit log verification, and use case tracker preparation, ensuring proactive security operations. L2 analysts review and analyze tickets, validate logs, fine tune and create use cases, and automate workflows. They ensure accuracy in weekly and monthly reports, participate in incident review calls, and parse log fields for use case configuration. Collaboration with teams and customers is key for efficient monitoring and incident resolution.Also takes part in audit requirement and ad hoc tasks.

SIAM IM ExpectedITIL Certified, Helix ITSM tool hands on and Good to Have Telecom Industry Experience. Sanity checks on overall INCs across the program to make sure IM process is being adhered. Incidents are being taken care/updated/resolution details updated on timely basis. Provide leadership and direction during incidents, maintaining an overall incident perspective and ensure the Incident Management processes are followed. Deliver results and achieve SLA/KPI performance by focusing on effective cross functional team working Coordinate/facilitate the communication process as well as the escalation process during the course of a high priority incident. Proactively monitor incident resolution, analyse and highlight trends and root causes to the Service Desk Manager/Problem Manager and/or relevant support teams. Produce clearly written post incident documentation within the agreed timescales, assisting with Problem Management initiated review sessions where possible. Compile and publish weekly / monthly operational reports detailing high profile outages. Contribute to Continuous Service Improvement in Incident management process, Problem management and Change management process through incident analysis Govern and Audit Incident management process on monthly basis and report on gaps/issues. Come up with mitigation plan to address these gaps. Assist the queue managers with the correct rerouting of the misrouted tickets. Ensure partner organizations are aware of current incident process and adhere to it. Act as Escalation point for Service Delivery Managers and Service Provider Incident Managers Contact Service Delivery Manager to discuss details of the rejected Escalation Monitor service levels of Incident management function Validate use of Knowledge Base on Escalations Owner of the Incident Management process.

Role 1SOC Engineer (L1 / L2) About The Role Identifying, monitoring and responding to events and incidents that occur in the network Monitoring alerts from SIEM Creating and handling ticket related in security Ensuring SLAs are met; escalate the incident when SLAs are not met Investigating and analyzing network threats, and performing root cause analysis of incidents that occur in the network; Identifying and collecting data associated with initial security investigation finding. Collects data and context necessary to be relayed later to IR team. Hands on experience triaging security alerts, events, logs and artifacts Creates and maintains standard operating procedures and other similar documentation. Work in a team of 24/7 members 2 4 years experience as SOC Analyst At least 1 year hands on experience with SOAR platform, SIEM tools and log management tool In depth knowledge of security concepts such as security operations center (SOC), cyber attacks and techniques, threat vectors Hands on experience triaging security alerts, events, logs and artifacts Excellent analytical and problem solving skills as well as interpersonal skills to interact with team members, vendors and upper management Familiarity in malware and attack techniques Forensics experience is advantage Knowledge in Basic Linux is advantage Qualifications Experience of working within medium to large scale complex IT environments in telecommunication industry Strong oral and written communication skills Forensics experience is advantage Excellent attention to detail Resilient and approachable with the ability to work successfully in a dynamic, fast paced environment Ability to operate as a team player, with a flexible and positive attitude Strong analytical and problem solving skills Ability to work under pressure A self starter able to work independently but comfortable and effective working in a team environment. Commitment to accuracy and precision with all outcomes At least Bachelors degree in Network Engineering, Computer Science, Computer Information System or any equivalent degree/experiences. Ability to communicate written and verbally in English and Japanese (preferred). CertificationsPreferred Splunk, CEH, CompTIA+, Analyst Fundamentals Training, Security Analytics Training Acceptance Criteria for SelectionWith due selection process of Customer

Trellix (formerly known as Fireeye) Seasoned Endpoint Security resource with minimum 6 8 years of relevant experience working in Endpoint security domain. Should have extensive hands on knowledge in Endpoint Security Solutions including but mot limited to installation, configuration, and troubleshooting. MUST have hands on experience managing Trellix EDR (Endpoint Detection and Response) and Sentinel One EDR. Should be able to manage operations for Endpoint Security solutions like EDR, XDR Browser control etc. Hands on experience deploying and troubleshooting EDR clients as well as EDR console setup. Hands on experience on Configuring EDR clients, Recommendations for configuring clients, create a custom policy, Configure a policy Configure EDR advanced features, Single Sign On/MFA to log on EDR console, configure users, add and assign roles to users and respond to security incidents like Ransomware, Malware, virus outbreak. Monitoring EDR logs Excellent verbal and written communication skills Should have knowledge on change management, problem management, ITIL process, SLA management. Should be able to raise CR and implement the policies in Trellix, Sentinel One and other similar EDR products as per approved CR Excellent Team player with good analytical skills. Good to have certification CEH, Cyber Security Fundamentals

Job TitleIntune Management and Email Security Specialist LocationHyderabad/Pune Job TypeFull Time About UsTechM is a leading organization dedicated to providing top notch IT solutions. We are seeking a skilled Intune Management and Email Security Specialist to join our dynamic team. This role is crucial in ensuring the security and efficiency of our IT infrastructure. About The Role ResponsibilitiesIntune Management Configure, deploy, and manage Microsoft Intune for mobile device management (MDM) and mobile application management (MAM). Develop and implement policies for device compliance, application deployment, and security. Monitor and troubleshoot Intune related issues, ensuring optimal performance and security. Provide support for device enrollment, configuration, and lifecycle management. Collaborate with IT teams to integrate Intune with other Microsoft services like Azure AD and Office 365. Email Security (Proofpoint or Mail Marshal) Configure, deploy, and maintain Proofpoint or Mail Marshal email security solutions. Monitor email security systems to detect and block threats such as phishing, spam, malware, and impersonation attempts. Conduct regular security assessments and audits to ensure email security policies are effective. Respond to and mitigate email security incidents, providing detailed reports and recommendations. Stay updated with the latest email security trends and threats to proactively protect the organization. Qualifications Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience with Microsoft Intune, including device and application management. Strong knowledge of email security solutions, preferably Proofpoint or Mail Marshal. Familiarity with security best practices and compliance standards. Excellent problem solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant certifications (e.g., Microsoft CertifiedSecurity, Compliance, and Identity Fundamentals) are a plus.

"LDAP Web SEAL JD(U3 Band Web SEAL support resource) Installing, configuring, and managing Web SEAL instances on servers, including setting up junctions, defining security policies, and managing user access controls. Integrating web SEAL with various authentication mechanisms like LDAP, Active Directory, and other identity providers to verify user credentials. Defining granular access control policies within web SEAL, determining which users can access specific web resources based on their roles and permissions. Creating and maintaining web SEAL policies for different applications, including URL based access controls, form based authentication, and advanced authorization rules. Configuring web SEAL to provide single sign on functionality across multiple web applications, allowing users to log in once and access all protected resources without re authenticating. Identifying and resolving issues related to web SEAL functionality, user access problems, and security vulnerabilities. Monitoring web SEAL performance metrics to ensure optimal system responsiveness and identify potential bottlenecks. Creating comprehensive documentation for web SEAL configurations, policies, and procedures to facilitate maintenance and support."

Description Primary Skills: Incident Management and Response System and Network Knowledge Post-Incident Analysis and Improvement Secondary Skills: Automation and Scripting Communication and Coordination Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Incident Management and Response Languages RequiredENGLISH Role Rarity To Be Defined

Description Primary Skills: Incident Management and Response System and Network Knowledge Post-Incident Analysis and Improvement Secondary Skills: Automation and Scripting Communication and Coordination Knowledge of Standards and Best Practices Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Incident Management and Response Languages RequiredENGLISH Role Rarity To Be Defined

Description Primary Skills: Scripting and Automation Threat Detection and Analysis Log Analysis and Monitoring Named Job Posting? (if Yes - needs to be approved by SCSC) Additional Details Global Grade C Level To Be Defined Named Job Posting? (if Yes - needs to be approved by SCSC) No Remote work possibility Yes Global Role Family To be defined Local Role Name To be defined Local Skills Scripting and Automation Languages RequiredENGLISH Role Rarity To Be Defined

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Proactively monitors the work queues. Performs operational tasks to resolve all incidents/requests in a timely manner and within the agreed SLA. Updates tickets with resolution tasks performed. Identifies, investigates, analyses issues and errors prior to or when they occur, and logs all such incidents in a timely manner. Captures all required and relevant information for immediate resolution. Provides second level support to all incidents, requests and identifies the root cause of incidents and problems. Communicates with other teams and clients for extending support. Executes changes with clear identification of risks and mitigation plans to be captured into the change record. Follows the shift handover process highlighting any key tickets to be focused on along with a handover of upcoming critical tasks to be carried out in the next shift. Escalates all tickets to seek the right focus from CoE and other teams, if needed continue the escalations to management. Works with automation teams for effort optimization and automating routine tasks. Ability to work across various other resolver group (internal and external) like Service Provider, TAC, etc. Identifies problems and errors before they impact a client’s service. Provides Assistance to L1 Security Engineers for better initial triage or troubleshooting. Leads and manages all initial client escalation for operational issues. Contributes to the change management process by logging all change requests with complete details for standard and non-standard including patching and any other changes to Configuration Items. Ensures all changes are carried out with proper change approvals. Plans and executes approved maintenance activities. Audits and analyses incident and request tickets for quality and recommends improvements with updates to knowledge articles. Produces trend analysis reports for identifying tasks for automation, leading to a reduction in tickets and optimization of effort. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Certifications relevant to services supported. Certifications carry additional weightage on the candidate’s qualification for the role. CCNA certification in must, CCNP in Security or PCNSE certification is good to have. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type : On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Managed Services Cross Technology Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their IT infrastructure and systems remain operational through proactively identifying, investigating, and resolving technical incidents and problems and restoring service to clients by managing incidents to resolution. The primary objective of this role is to ensure zero missed service level agreement conditions. The Managed Services Cross Technology Engineer (L1) focuses on first-line support for standard and low complexity incidents and service requests. This role focusses across two or more technology domains such as (but not limited to) Cloud, Security, Networking, Applications and / or Collaboration. The Managed Services Cross Technology Engineer (L1) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Monitors client infrastructure and solutions. Identifies problems and errors prior to or when they occur. Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction. Investigates first line incidents assigned and identifies the root cause of incidents and problems. Provides telephonic or chat support to clients when required. Schedules maintenance activity windows for patching and configuration changes. Follows the required handover procedures for shift changes to ensure service continuity. Reports and escalates incidents where necessary. Ensures the efficient and comprehensive resolutions of incidents and requests. Updates existing knowledge articles or create new ones. Identifies opportunities for work optimization including opportunities for automation of work, request fulfilment, incident resolution, and other general process improvement opportunities. May also contribute to / support on project work as and when required. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience) Certifications relevant to the services provided (certifications carry additional weightage on a candidate’s qualification for the role) Relevant certifications include which are considered desirable (but not limited to): CCNA or relevant level 1 Network Security Microsoft Certified, Azure Administrator Associate AWS Certified, Solutions Architect Associate Veeam Certified Engineer VMware certified Professional: Data Centre Virtualization Zerto, pure, vxrail Google Cloud Platform (gcp) Oracle Cloud Infrastructure (oci) Required Experience: Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization. Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (i.e. Security, Network, Data Centre, Telephony, etc.). Basic knowledge of ITIL processes. Workplace type : On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Technical Services Implementation Engineer (L2) is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLA). This role performs configurations, action installations and attend to break/fix events. What you'll be doing Key Responsibilities: B.E. /B. Tech in Computer Science/ Electronics /ECE / EE / ECS / IT Engineering/MCA/BCA At least one SIEM solution certifications with one or more SIEM/ Security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar Log Rhythm). At least one L3 level security certifications viz. CCIE/CISSP/CISA/CCNP etc. Minimum 7 years of experience in handling security related products& services in an organization and out of total experience, 5 years of minimum experience should be as an L2 in SOC management. Person should have adequate knowledge of Check point firewall and IPS and Cisco firewall and IPS, McAfee IPS, Web Application Firewall, DDOS and other security devices Administration of SIEM environment (eg: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, manage backup and recovery etc) Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables) Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service Identifies possible sensor improvements to prevent incidents Collects/updates threat intelligence feeds from various sources Creates situational awareness briefings Co-ordinates with the different departments for incident analysis, containment and remediation Liaise with Security monitoring team to discover repeatable process that lead to new content development Provides engineering analysis and architectural design of technical solutions Device integration, Creation of Co relation rules and Parser development Sound analytical and troubleshooting skills Good Team Management and co-ordination skills Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science / Information Technology Degree or equivalent together with specialized training in new technologies and legacy systems or equivalent. Required Experience: Moderate level of experience in a technical implementation engineering or similar role. Demonstrated experience engaging with clients and conducting presentations. Demonstrated project administration and documentation experience. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.