2856 Qradar Jobs - Page 15

Roles & Responsibilities The individual is responsible for providing a cybersecurity solution and subject matter expertise including design & architecture Act as a Cybersecurity lead within the Cybersecurity Practice and drive customer communications & engagements, opportunities, OEM communications Architect multi-stack and multi-layer cyber defense solutions, considering applicable framework and Zero Trust approach for global customers Work closely with the technical team to ensure that technical knowledge is maintained and that the project gets delivered as designed. Work with partner vendors and develop technical peer relationships. Proactively share knowledge with the team and supports t...

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Identity Access Management (IAM) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams t...

Monitor and analyze security events and alerts from QRadar SIEM in real-time. Validate and prioritize alerts to identify true security incidents. Execute initial triage and enrichment through SOAR (e.g., IBM Resilient, Splunk SOAR, Cortex XSOAR, or similar). Escalate confirmed incidents to L2/L3 teams with detailed investigation notes. Maintain incident tickets and ensure proper documentation and closure. Support playbook execution and suggest improvements for automation workflows. Participate in daily shift handovers and maintain incident logs and dashboards. Required Skills & Qualifications: Education: Bachelor s degree in Computer Science, IT, or related field. 2 years of SOC monitoring e...

Education Qualification : B.Sc Skills : Primary -> Technology | Splunk SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Primary -> Technology | Sentinel SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Network Security Administrator | Level 2 Support | 2 - Knowledgeable Secondary -> Technology | Qradar SIEM Tool Administrator | Level 2 Support | 2 - Knowledgeable Certification : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC CIH/CSA/CompTIA CySA+/Cisco Certified CyberOps Associate/Splunk Core Certified User/IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 Delivery Skills required ar...

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security ...

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security ...

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment, configuration, and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations. The ideal candidate will play a critical role in enhancing security ...

Do you love the excitement and learning opportunity to study, analyse and deal with the most complex threats to digital security in today's world? Do you have the “learner” mindset, are willing to un-learn old skills and learn new ones every day? Are you excited by the potential of influencing the state of security of our entire company, every day? If yes, then this opportunity is for you. Responsible for the installation, maintenance, support and optimization of all security-related components Facilitate incident response and forensic investigations Apply countermeasures to mitigate evolving security threats Work with other teams to ensure platform hardening, security maintenance, and vulne...

About the Role: We are seeking a proactive SOC Analyst to monitor, detect, investigate, and respond to security incidents. The ideal candidate will work in our Security Operations Center (SOC) to ensure the overall security posture of our systems, applications, and networks. Key Responsibilities: 1. Monitoring & Threat Detection Monitor SIEM dashboards and alerts for suspicious or malicious activity. Analyze security alerts generated by firewalls, IPS/IDS, EDR/XDR, antivirus, and other security tools. Correlate multiple data sources to identify threats and false positives. 2. Incident Investigation & Response Triage and investigate security incidents following defined playbooks. Perform root...

We are seeking a highly skilled and detail-oriented Cyber Security Specialist to protect our organization's digital assets and infrastructure from cyber threats. The ideal candidate will have a strong background in network and information security, threat detection, incident response, and risk management. You will be responsible for implementing security measures, identifying vulnerabilities, and ensuring the overall integrity, confidentiality, and availability of data and systems. Key Responsibilities: Security Monitoring & Incident Response: Monitor security systems, logs, and alerts for unusual activity or breaches. Respond to and investigate security incidents and events in real time. Co...

Position Summary: The SOC Engineering and Operational Lead Engineer is responsible for the engineering and administration activities of SOC tools, such as SIEM, SOAR, and deception technology. Continuously focus on enabling Automations to Support SOC Tools Administrations & Security Incident Detections and response activities. Job Description: Daily Operational management of SOC Tools. (Including SIEM, SOAR..etc Components Infra Maintenance). Log, Alert & Enrichment sources integrations with SOC Tools. Co-ordinate with different stakeholders to understand the Integration sources to ensure appropriate baseline created and maintained as per industry standards. Ensure appropriate correlation ru...

Roles and Responsibilities Lead and manage a team of Security Analysts in a 24x7 Security Operations Center (SOC) environment Oversee daily operations to ensure effective monitoring, detection, analysis, and response to security incidents Prioritize and assign tasks, ensuring service level agreements (SLAs) and response times are met Act as an escalation point for complex or critical security incidents, guiding the team through investigation and resolution Coordinate shift schedules, workload distribution, and resource allocation for optimal SOC coverage Must-Have Skills: Minimum 7-10 years in IT Security with at least 3+ years leading SOC or Incident Response teams Proficiency in SIEM tools...

SIEM Engineer (Open-Source & Enterprise) – SOC Deployment & Tuning We’re looking for a SIEM Engineer with strong experience across open-source and enterprise SIEM platforms to support the deployment, optimization, and tuning of our SOC environment. What You’ll Do Deploy, configure, and integrate SIEM solutions (open-source + enterprise). Build and tune detection rules, dashboards, alerts, and use cases. Onboard diverse log sources and optimize data pipelines. Improve SOC visibility and reduce false positives through rule tuning. Work closely with SOC Analysts, IR, and Threat Hunters to enhance detections. Conduct health checks, troubleshoot ingestion issues, and maintain SIEM stability. Docu...

Job Title: Security Operations Center Manager - Cybersecurity Department: Cyber Security Employment Type: Full-Time (Work from Office) Shift: 24/7 Rotational Location: Greater Noida, Noida Experience: 8-15 Years Role Summary: The Security Operations Center Manager - Cybersecurity is responsible for end-to-end SOC operations including SLA governance, shift management, detection & response oversight, stakeholder communication, and process improvement. The role ensures 24/7 operational excellence, leads multi-level SOC teams, manages incidents, and drives SOC maturity, automation, and compliance. Key Responsibilities: Lead 24×7 SOC operations, ensuring SLA compliance and high-quality service de...

Job Description Job Title: SOC -2 Consultant Skills: AIG is looking for experienced soc 2 consultants on full/part time and contractual role. Preffered skills are- SOC monitoring, working knowledge in any of the SIEM tools like ArcSight , Qradar , Splunk , McAfee Nitro, Active monitoring of Security events using SIEM (based on standard operating procedure), CCNA / Security+/ Network+ CEH certified / SIEM technology certified (optional) (ArcSight , Qradar , Splunk , McAfee Nitro, Manage engine Log360), Knowledge of IPS/IDS, Knowledge of firewalls and intrusion detection systems, Strong analytical and problem solving skills, Knowledge of SIEM, IDS/IPS, Endpoint Protection, Firewalls, Proxy, Se...

Responsibilities: * Collaborate with incident response team on investigations. * Monitor SIEM, QRadar tools for security threats. * Respond promptly to security alerts. * Conduct regular threat hunting exercises.

Job Title: Senior Security Analyst Work Mode: Hybrid Preferred Location: Pan India Experience Required: Minimum 7+ years in Security Operations, Vulnerability Management Start Date: Immediate Company Description: cloudrho is an engineering-led business consulting and cloud engineering company headquartered in Texas, USA. We help enterprises align technology investments with business outcomes through architecture-driven solutions, cloud optimization, and platform modernization. Our expertise enables organizations to accelerate digital transformation, enhance operational efficiency, and drive sustainable growth across industries. Role Description: We are looking for an experienced Senior Secur...

Role: SOC Analyst (L2/L3) Experience: 4 -12 Year Location: Mumbai Job Description: Key Responsibilities: Perform real-time security monitoring, analysis, and incident response for enterprise systems, networks, and applications. Investigate security alerts and correlate events using SIEM tools (e.g., Splunk, QRadar, ArcSight, Azure Sentinel). Conduct threat hunting, log analysis, and root cause investigations for potential or actual incidents. Manage the incident response lifecycle — triage, containment, eradication, recovery, and post-incident review. Escalate incidents to higher levels (L3 or CSIRT) as per defined playbooks. Develop and tune correlation rules, dashboards, and detection use ...

Key Responsibilities: Incident Management: Lead and manage the end-to-end response to critical incidents and major incidents. Coordinate between teams to assess the incidents impact, scope, and urgency. Oversee and guide root cause analysis and the development of incident recovery and prevention measures. Ensure timely and accurate escalation of incidents to key stakeholders. Crisis Coordination and Communication: Act as the primary point of contact for all crisis incidents, maintaining clear and effective communication with both internal and external stakeholders. Keep senior management, affected teams, and relevant partners updated on incident status and resolution efforts. Create and dist...

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NiCE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it...

Area(s) of responsibility Roles And Responsibilities Monitor security alerts and events from SIEM and other various sources (SIEM, IDS/IPS, endpoint protection, firewalls, etc.) to identify potential threats Perform in-depth analysis of suspicious activities, malware, phishing, and network anomalies Respond to security incidents, conduct triage, containment, eradication, and recovery Document incident findings, create detailed reports, and contribute to post-incident reviews Collaborate with Tier 1 analysts to escalate and resolve complex incidents Investigate alerts using forensic tools, log analysis, network traffic analysis, and threat intelligence. Maintain and tune SIEM rules, dashboard...

Job Description Title: Cyber Security Analyst Work Location: Bangalore Work schedule: Rotational (2 days weekly off per week) Mode: Hybrid Job Summary: We are seeking a skilled and proactive Cyber Security Analyst to join our cybersecurity team. The Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents in real-time. This role involves working with advanced security tools, conducting initial triage, escalating threats, and helping to ensure the overall security of the organization's digital assets. Key Responsibilities: Monitor SIEM dashboards, alerts, and security logs to detect suspicious activities or policy violations. Perform initial ...

EXP - 8-10 Years Immediate Joiners also preferred. Purpose of the Role As a Senior Information Security Analyst supporting the Yum! Cybersecurity team, you will act as a primary escalation point within the SOC for the SIEM platform and major incident investigations. This is a global role that supports over 53,000 restaurants across 150+ countries. The role involves responding to, researching, and addressing complex network security events while collaborating with brand Security and IT teams, as well as third-party service providers. Occasional on-call duties may be required. Responsibilities Investigate and resolve escalated security alerts using enterprise SIEM platforms (e.g., QRadar). Doc...

1. Platform Administration:o Install, configure, and maintain LogRhythm SIEM platform components (collectors, processors, and storage). o Manage system updates, patches, and upgrades to ensure platform security and functionality. o Monitor the health and performance of the platform, ensuring high availability and reliability. o Troubleshoot and resolve issues related to the LogRhythm platform, including data ingestion, alerts, and reporting. o Perform periodic backups of configurations and ensure recovery processes are tested. 2. Security Monitoring & Event Management:o Work with the security operations team to tune and optimize event correlation rules, policies, and alerts. o Analyze and re...

Description: Location Mumbai or Pune Skills & Experience: Knowledge and exposure to endpoint security products Antivirus products like CrowdStrike Symantec McAfee PC Encryption (Sophos Safeguard Symantec PGP ) Endpoint Privilege Management (BeyondTrust etc) DLP Solutions (endpoint email and web etc..) Operation knowledge on Ticketing tools (Service Now ) Hands-on skill in Microsoft products knowledge (Server 20012 IIS) Networking Knowledge (Basic network and protocols/Network Routing/Network Switching.) Knowledge on Active directory and patch management (Microsoft system Interface) SIEM Tools (ArcSight IBM QRadar etc) Thorough knowledge of TCP/IP and file transfer protocols Knowledge on IDS ...