
394 Qradar Jobs - Page 16


5 - 8 years

5 - 12 Lacs

Bengaluru

Work from Office

Source: Naukri

https://zrec.in/jXrSD?source=CareerSite

Posted 1 month ago


5 - 8 years

0 Lacs

Kanayannur, Kerala, India

On-site

Source: LinkedIn

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Senior (CTM – Threat Detection & Response)

Key Capabilities:
Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA
Minimum of Splunk Power User Certification
Good knowledge of programming or scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc.
Perform remote and on-site gap assessment of the SIEM solution.
Define evaluation criteria & approach based on the client requirement & scope, factoring in industry best practices & regulations
Conduct interviews with stakeholders, review documents (SOPs, architecture diagrams etc.)
Evaluate the SIEM based on the defined criteria and prepare audit reports
Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
Understand customer requirements and recommend best practices for SIEM solutions.
Offer consultative advice on security principles and best practices related to SIEM operations
Design and document a SIEM solution to meet the customer needs
Experience in onboarding data into Splunk from various sources, including unsupported (in-house built) sources, by creating custom parsers
Verification of data of log sources in the SIEM, following the Common Information Model (CIM)
Experience in parsing and masking of data prior to ingestion in the SIEM
Provide support for the data collection, processing, analysis and operational reporting systems, including planning, installation, configuration, testing, troubleshooting and problem resolution
Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources
Assist the client with technical guidance to configure end log sources (in-scope) to be integrated into the SIEM
Experience in handling big data integration via Splunk
Expertise in SIEM content development, which includes developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems
Hands-on experience in development and customization of Splunk Apps & Add-Ons
Builds advanced visualizations (interactive drilldowns, glass tables etc.)
Build and integrate contextual data into notable events
Experience in creating use cases under the Cyber Kill Chain and MITRE ATT&CK frameworks
Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near-real-time visibility into the performance of client applications.
Experience in installation, configuration and usage of premium Splunk Apps and Add-ons such as ES App, UEBA, ITSI etc.
Sound knowledge in configuration of Alerts and Reports.
Good exposure to automatic lookups, data models and creating complex SPL queries.
Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirements
Work with the client SPOC for correlation rule tuning (as per the use case management life cycle), incident classification and prioritization recommendations
Experience in creating custom commands, custom alert actions, adaptive response actions etc.

Qualification & experience:
Minimum of 3 to 6 years’ experience with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated security intelligence solution into global enterprise environments.
Strong oral, written and listening skills are an essential component of effective consulting.
Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary.
Must have knowledge of Vulnerability Management, Windows and Linux basics including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting.
Good to have the below-mentioned experience with design and implementation of Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management
Multiple cluster deployments & management experience as per vendor guidelines and industry best practices
Troubleshoot Splunk platform and application issues, escalate the issue and work with Splunk support to resolve issues
Certification in any one of the SIEM solutions such as IBM QRadar, Exabeam, Securonix will be an added advantage
Certifications in a core security-related discipline will be an added advantage.

EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 month ago


2 years

0 - 0 Lacs

Saibaba Colony, Coimbatore, Tamil Nadu

Work from Office

Source: Indeed

Key Responsibilities
Design and deliver cybersecurity training programs (online or in-person)
Create course materials, labs, and assessments aligned with industry standards
Train students on cybersecurity fundamentals, ethical hacking, SOC analysis, SIEM tools, network security, and more
Stay current with the latest cybersecurity trends, tools, and threats
Support students during practical sessions, helping troubleshoot and explain real-world scenarios
Evaluate student progress and provide constructive feedback
Customize training content for different audiences (entry-level to advanced)
Maintain records of attendance, assessments, and certifications

Required Skills & Qualifications
Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field (or equivalent experience)
2+ years of hands-on cybersecurity experience (SOC, penetration testing, incident response, etc.)
Experience in teaching, training, mentoring, or technical presentations
Strong knowledge of: network security concepts; ethical hacking tools (e.g., Kali Linux, Metasploit); security frameworks (e.g., NIST, MITRE ATT&CK); SIEM tools (e.g., Splunk, QRadar)
Excellent communication and presentation skills
Industry certifications preferred: CompTIA Security+, CEH, CISSP, CISA, or similar

Job Types: Full-time, Part-time
Pay: ₹15,000.00 - ₹20,000.00 per month
Schedule: Evening shift, Monday to Friday, Morning shift, Rotational shift, Weekend availability
Work Location: In person

Posted 1 month ago


5 years

0 Lacs

Gurgaon, Haryana, India

Hybrid

Source: LinkedIn

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA
The Technical Services Implementation Engineer (L2) is a developing subject matter expert, responsible for ensuring that client solution requirements are resolved in line with Service Level Agreements (SLA). This role performs configurations, actions installations and attends to break/fix events.

What You'll Be Doing
Key Responsibilities:
B.E. / B.Tech in Computer Science / Electronics / ECE / EE / ECS / IT Engineering / MCA / BCA
At least one SIEM solution certification with one or more SIEM / security solutions (i.e., RSA NetWitness, Splunk ES, Elastic ELK, HP ArcSight, IBM QRadar, LogRhythm).
At least one L3-level security certification, viz. CCIE / CISSP / CISA / CCNP etc.
Minimum 7 years of experience in handling security-related products & services in an organization; out of the total experience, a minimum of 5 years should be as an L2 in SOC management.
The person should have adequate knowledge of Check Point firewall and IPS, Cisco firewall and IPS, McAfee IPS, Web Application Firewall, DDoS and other security devices
Administration of the SIEM environment (e.g., deployment of the solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration management, change management, report management, managing backup and recovery etc.)
Construction of SIEM content required to produce Content Outputs (e.g., filters, active lists, correlation rules, reports, report templates, queries, trends, variables)
Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service
Identifies possible sensor improvements to prevent incidents
Collects/updates threat intelligence feeds from various sources
Creates situational awareness briefings
Co-ordinates with the different departments for incident analysis, containment and remediation
Liaises with the security monitoring team to discover repeatable processes that lead to new content development
Provides engineering analysis and architectural design of technical solutions
Device integration, creation of correlation rules and parser development
Sound analytical and troubleshooting skills
Good team management and co-ordination skills

Academic Qualifications and Certifications:
Bachelor's degree or equivalent in Computer Science / Information Technology, or equivalent together with specialized training in new technologies and legacy systems, or equivalent.

Required Experience:
Moderate level of experience in a technical implementation engineering or similar role.
Demonstrated experience engaging with clients and conducting presentations.
Demonstrated project administration and documentation experience.

Workplace type: Hybrid Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 1 month ago


12 years

0 Lacs

Bengaluru, Karnataka

Work from Office

Source: Indeed

Job Description: Senior Security Solutioning Architect

Responsible for security solution development, competitive costing, commercial proposition integration and business case alignment of Enterprise Security Services solutions supporting client business, applications and/or information technology environments. Has experience influencing client evaluation criteria and decision making. Solution scope includes ongoing delivery of services, security and compliance requirements, services startup and transition, initial people, technology and process transformation as well as ongoing refresh, meeting the client's specifications, strategic direction, technology context, and business needs. Confidently articulates all aspects of the solution and convincingly communicates value to the stakeholders & client. Works individually, in teams or as leader, to determine customer requirements in complex and often ambiguous outsourced environments. Interacts effectively with the team, pursuit leaders, internal governance and business leadership to advance sales efforts.

Responsibilities:

Opportunity Analysis: Understands which security offerings best address customer needs and business requirements. Ongoing qualification of solution merits.

Solution Design and Development: Provides security solutions to meet client requirements and is able to adapt to new requirements. Addresses security and compliance requirements. Identifies and evaluates value-add alternatives and solutions to those alternatives. Optimizes security solutions plus the broader customer IT strategy. Takes an end-to-end view of the solution, ensuring elements within their responsibility deliver against the defined business outcomes, using standard components. Works with financial analysts to validate results versus applicable criteria. Captures and highlights risks and any associated costs. Models multiple offerings/components of security domains. Understands interaction of deal variables (compliance, volumes, services, service level agreements, locations, and more) between tower components. Delivers and owns accurate financial models that are logically structured and reflect the technical solution.

Solution Leadership: Experience in directing solution activities and decisions. Ability to lead service element integration within a tower, and tower sub-component volume tradeoffs. Provides security solutions to meet client needs, inclusive of regulatory and compliance requirements, and is able to adapt to new requirements.

Solution-Pursuit Integration: Anticipates, communicates and solutions to optimize inter-tower dependencies, overlaps, staff sharing, and more. Effectively integrates client tools, process adoption and delivery startup/transition needs. Clearly defines all risks through the governance process and works to mitigate them.

Client/Customer/Account Relationship: Understands and addresses CISO / CxO issues. Applies consultative selling techniques to advance opportunities. Participates in/supports negotiation of technical contract elements. Provides solution advice, drives proposals, presentations, and other customer communications during pursuit. Provides input to security offering teams to bring changes to offerings as per the latest security trends and compliance needs.

Education and Experience Required:
Total experience of 12+ years in IT Security, mainly in security pre-sales and solution selling
Technical university or Bachelor's degree preferred
Good exposure to a pre-sales role involved in cyber security solutioning; understands the security market
Involvement in architecting and proposing cyber security solutions to customers; experience in the Managed Security Services market

Knowledge and Skills:
Demonstrates a broad knowledge of outsourcing services and solutions, with expertise in an area of specialization.
Preferably holds one of the security certifications such as CISSP, CCSP, CISA and security product certifications. ITIL and PMP certifications are good to have.
List of security domains on which solutioning exposure is required; should be a master in a few (at least one) of the security domains, backed up by hands-on experience in both delivery and pre-sales:
SIEM – MS Sentinel / SUMO / Splunk / QRadar
IDM – SailPoint / ForgeRock / CyberArk / Microsoft / Broadcom / Okta
APT Solution – Microsoft / FireEye / Palo Alto / Check Point
MDR / EDR Solution – CrowdStrike / Carbon Black / Microsoft
Endpoint Security – Symantec / McAfee / Trend Micro / Microsoft
Network Security – Palo Alto / Check Point / Fortinet / Cisco
GRC tools
Cloud Security
Good understanding of the Security Risk & Compliance domain, regulatory and compliance requirements
Awareness of security alliance partner offerings and directions, current industry news.
Demonstrates thought leadership in the security domain.
Demonstrates ability to work as the lead for components of large complex projects.
Has in-depth understanding of the product and services portfolio roadmaps of multiple business units.
Experience handling POCs

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.

Posted 1 month ago


0 years

0 Lacs

Pune, Maharashtra, India

On-site

Source: LinkedIn

About Gruve
Gruve is an innovative software services startup dedicated to transforming enterprises into AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies, utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.

About The Role
We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis, with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development.

Key Responsibilities
Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.
Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions.
Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.
Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.
Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.
Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.
SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.
Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.
Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies.

Basic Qualifications
B.E / B.Tech degree in Computer Science or Information Technology, or Master's in Cybersecurity
3+ years of experience in a SOC or cybersecurity operations role.
Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.
Hands-on experience in threat detection, security monitoring, and incident response.
Knowledge of network security, intrusion detection, malware analysis, and forensics.
Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).
Proficiency in Python scripting for automation and playbook development.
Good understanding of the MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.
Strong analytical, problem-solving, and communication skills.
Ability to work in a 24x7 SOC environment (if applicable)

Preferred Qualifications
Certified SOC Analyst (CSA)
Certified Incident Handler (GCIH, ECIH)
Splunk Certified Admin / QRadar Certified Analyst
CompTIA Security+ / CEH / CISSP (preferred but not mandatory)

Why Gruve
At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Posted 1 month ago


6 years

0 Lacs

Pune, Maharashtra, India

On-site

Source: LinkedIn

Security Operations Centre (SOC) - Lead
Location: Pune (Aundh/Baner), India (On-site, In-House SOC)
Department: Security Operations Center
Experience: 4–6 Years
Work Type: Full-time | Hybrid Model | 24x7 Rotational Shifts

Role Overview:
We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security.

Key Responsibilities:
Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.
Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.
Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.
Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).
Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.
Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.
Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.
Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.
Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.
Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.
Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.
Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.
Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.
Creation of reports, dashboards and metrics for SOC operations and presentation to senior management.
Experience in designing and deploying use cases for SIEM and other security devices.
Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary.
Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.).
Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.
Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats.
Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.

Required Skills & Experience:
Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).
Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.
Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary)
Experience with network traffic analysis, packet capture tools, and deep-dive investigations.
Strong analytical, problem-solving, and decision-making skills.
Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.

Preferred Qualifications:
Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.
Prior experience in managing an in-house 24x7 SOC or leading shift teams.

What We Offer:
Work on a modern cloud-native security stack in a dynamic FinTech environment.
Opportunity to lead security engineering and detection strategy for critical financial platforms.
Be part of a tight-knit, expert-level team with a strong learning and innovation culture.
Competitive salary, performance-based incentives, and growth opportunities.

Posted 1 month ago


5 - 8 years

0 Lacs

Mumbai Metropolitan Region

On-site

Source: LinkedIn

Job Title: SOC Manager
Location: Mumbai
Experience: 5+ years for L2 role, 8+ years for SOC Manager role
Industry: Cybersecurity / Managed Security Service Provider (MSSP)

Job Summary
We are seeking a highly skilled and experienced SOC Manager to lead our Security Operations Center. The ideal candidate must have hands-on experience working in or managing operations for a Managed Security Services Provider (MSSP). You will be responsible for overseeing day-to-day SOC operations, leading a team of analysts, and ensuring proactive monitoring, detection, and response to security threats across client environments.

Key Responsibilities
Lead and manage 24x7 SOC operations, including Tier 1, Tier 2, and Tier 3 analysts.
Develop and implement SOC processes, playbooks, and incident response procedures.
Oversee threat intelligence, detection engineering, and use case development.
Ensure SLAs and KPIs are met across all MSSP service deliveries.
Collaborate with client stakeholders to communicate threat landscape, incidents, and security posture.
Act as an escalation point during critical incidents and ensure proper incident lifecycle management.
Evaluate and optimize SIEM, SOAR, and threat detection platforms.
Conduct regular risk assessments, gap analysis, and SOC maturity evaluations.
Mentor and upskill SOC team members to maintain high performance.

Required Skills & Qualifications
Bachelor’s degree in Computer Science, Information Security, or related field.
Mandatory experience in an MSSP environment handling multiple client environments.
Strong understanding of security operations, SIEM, SOAR, IDS/IPS, endpoint protection, firewalls, and threat intel platforms.
Proficient in incident detection, analysis, containment, eradication, and recovery.
Hands-on experience with tools like Splunk, QRadar, ArcSight, IBM Resilient, CrowdStrike, etc.
In-depth knowledge of MITRE ATT&CK, NIST, ISO 27001, and other security frameworks.
Excellent leadership, communication, and stakeholder management skills.
Relevant certifications preferred: CISSP, CISM, CEH, GCIA, GCIH, or SOC-related certifications.

Nice to Have
Experience in managing global SOCs or distributed teams.
Exposure to compliance requirements such as GDPR, PCI-DSS, HIPAA, etc.
Knowledge of scripting (Python, Bash) or automation tools to improve SOC efficiency.

Skills: firewalls, stakeholder management, MSSP operations, endpoint protection, threat intelligence, SOC leadership, SOC, platforms, communication, management, SOAR, IDS/IPS, Splunk, cybersecurity, leadership, ISO 27001, IBM Resilient, MITRE ATT&CK, operations, NIST, Bash, CrowdStrike, Python, incident detection, security, skills, ArcSight, security operations, QRadar, SIEM

Posted 1 month ago


8 - 12 years

25 - 35 Lacs

Noida, Gurugram, Delhi / NCR

Hybrid

Source: Naukri

About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience.

Role & responsibilities:
The candidate should be hands-on in managing Security Operations, SOC, Identity Access Management and Risk Management
Should have worked on blueprinting and designing of SOC frameworks and implementation of SOC/SIEM solutions and Enterprise Architecture
Should be hands-on with security processes, with good client- and market-facing experience in the India geography
Should have worked on designing, solutioning and implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management (Application & Infrastructure) and Threat Intelligence and Analytics

Preferred candidate profile:
Should have worked on the below:
M&A experience
Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules; active threat hunting on network flow, user behavior and threat intelligence
Candidate should have expert-level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm / QRadar), ability to comprehend logs (HTTP, SMTP, Network), operating systems and servers; organizes technical sessions / talks. Candidate should be familiar with Python scripting & Windows Active Directory (optional).
Vulnerability Management Services - external & internal vulnerability scanning, VMS tool Qualys & Kenna administration, application server & vulnerability scanning
Candidate should have expert-level domain knowledge (Cyber Security): vulnerability scans and recognizing vulnerabilities in security systems, network analysis tools to identify vulnerabilities, developing insights about the context of an organization's threat environment, risk management processes, network attacks and a network attack's relationship to both threats and vulnerabilities. Candidate should have advanced-level understanding of impact/risk assessments.
Security Operations and Management experience - SOC experience in identity access, privileged access, vulnerability management
Client facing - front end with the client, focused on engagements + Sales, BD + Capability Development

Qualification:
B.Tech / M.Tech / MCA professional with 9-12 years of experience in the relevant role
Should have strong hands-on skills in MS PowerPoint and MS Project
Hands-on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk)
Security certifications like CISSP, CISM, GIAC, Security+ etc.

Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Posted 1 month ago


5 - 10 years

9 - 12 Lacs

Vijayawada

Work from Office


Cybersecurity Specialist. Vijayawada, Full-Time, 5+ years. Industry: IT/Security.

Responsibilities: Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices.

About The Role: Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents.

Skills: Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Posted 1 month ago


4 - 6 years

4 - 8 Lacs

Hyderabad

Work from Office


DevOps Engineer. Full-Time, 4-6 years.

Responsibilities: Automate and streamline deployment processes using CI/CD tools. Manage and monitor cloud infrastructure and services. Implement security measures and compliance in DevOps processes. Collaborate with development and operations teams to improve system performance. Troubleshoot and resolve infrastructure and deployment issues.

Skills: Strong knowledge of firewalls, VPNs, IDS/IPS, and security protocols. Experience with SIEM tools (Splunk, QRadar). Proficiency in risk assessment and management. Understanding of compliance standards (ISO, NIST, GDPR). Excellent analytical and problem-solving abilities.

Posted 1 month ago


6 - 11 years

30 - 35 Lacs

Pune

Work from Office


About The Role: Job Title: Threat Intelligence Analyst. Corporate Title: AVP. Location: Pune, India.

Role Description: As a Threat Intelligence AVP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. You will be responsible for identifying, assessing, and mitigating threats, and for providing mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank-specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the bank's capabilities in responding to threats.

What we'll offer you: As part of our flexible scheme, here are just some of the benefits that you'll enjoy: best-in-class leave policy; gender-neutral parental leave; 100% reimbursement under childcare assistance benefit (gender neutral); sponsorship for industry-relevant certifications and education; Employee Assistance Program for you and your family members; comprehensive hospitalization insurance for you and your dependents; accident and term life insurance; complimentary health screening for 35 yrs. and above.

Your key responsibilities: Proactively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely, actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools.
Meet strict deadlines to deliver high-quality reports on threats, findings, and broader technical analysis. Take ownership of personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders and external intelligence-sharing communities.

Your skills and experience. Requirements: 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation. Strong operational background in intelligence-related operations, with experience in Open-Source Intelligence (OSINT) techniques. Operational understanding of computing/networking (OSI model or TCP/IP). Knowledge of the functions of security technologies such as IPS/IDS, firewalls, EDR, etc. A good or developing understanding of virtual environments and cloud (e.g., vSphere, hypervisors, AWS, Azure, GCP). Demonstrated knowledge of and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards. Knowledge of or demonstrable experience in working with the intelligence lifecycle, intelligence requirements and the MITRE ATT&CK framework.

Non-Technical Experience: Investigative and analytical problem-solving skills. Excellent verbal and written communication, to both technical and non-technical audiences. Self-motivated with the ability to work with minimal supervision.

Education and Certifications: Preferred - degree in computer science, networking, engineering, or another field associated with cyber, intelligence or analysis. Desired experience or certifications: CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH.

How we'll support you: Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.
About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 1 month ago


2 - 5 years

7 - 11 Lacs

Noida

Work from Office


Req ID: 313359. NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking an AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).

Role Responsibilities: Incident response for Active Directory, Azure AD, and OS/server tickets. Group Policy administration and implementation. Reporting and review of all connectivity, synchronization and replication within Active Directory. DNS health and performance. Sites and services: missing or incorrectly assigned subnets. NTP reporting, configuration and accuracy. Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS database partitions, DNS settings, SRV records, and trust relationships. Review of domain controller, application, and security events to find any issues or trends. Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required. Response to non-AD or believed-to-be-AD-related issues such as third-party application authentication issues, Windows/RDP login issues, LDAP query issues, Kerberos errors, and NTP errors.
Windows Server OS maintenance: patching, upgrades, hardware tickets, troubleshooting. On-call rotation. Required to have flexibility in schedules: first, second and third shifts available.

Required Qualifications: 5+ years of relevant experience. Strong knowledge of Active Directory, Windows Server OS, network, firewall. Basic understanding of Azure AD, Azure SSO, Azure MFA. Strong knowledge of Group Policy. Basic understanding of VMware. Strong troubleshooting skills. Basic PowerShell commands/scripting.

Preferences: Ideally certifications from one of the following: Security+, Microsoft, AWS. Strong Azure AD, Azure SSO, Azure MFA skills. Advanced PowerShell scripting. Undergraduate degree. Strong understanding of networking technologies. Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures.

About NTT DATA: NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com. NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users.
If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
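The AD health items the posting above enumerates (replication, DNS SRV records, site and subnet coverage, NTP, trust relationships, and netlogon/NTDS event review) can be swept in one read-only report. The script below is an added example written for this page, not code from NTT DATA or the posting. It assumes a domain-joined host with the RSAT ActiveDirectory module plus the repadmin, w32tm and dcdiag tools, an account permitted to read domain controller event logs, and an arbitrary report path and 1-second time-offset threshold.

```powershell
# Added example (not from the posting): read-only AD health sweep covering the checks the role lists.
# Assumes RSAT ActiveDirectory module, repadmin/w32tm/dcdiag on the path, and rights to read DC event logs.
#Requires -Modules ActiveDirectory
[CmdletBinding()]
param(
    [string]$ReportPath = "$env:TEMP\ad-health-$(Get-Date -Format yyyyMMdd-HHmm).txt",  # assumed location
    [int]$EventLookbackHours = 24,
    [double]$MaxOffsetSeconds = 1.0                                                      # assumed threshold
)

$findings = New-Object System.Collections.Generic.List[string]
function Add-Finding([string]$Area, [string]$Text) { $findings.Add(("[{0}] {1}" -f $Area, $Text)) }

$domain = Get-ADDomain
$dcs    = Get-ADDomainController -Filter *
$since  = (Get-Date).AddHours(-$EventLookbackHours)

# 1. Replication: repadmin CSV output, one row per replication link; any failures are reported.
$repl = repadmin /showrepl * /csv | ConvertFrom-Csv
foreach ($link in $repl) {
    if ([int]$link.'Number of Failures' -gt 0) {
        Add-Finding 'Replication' ("{0} -> {1} ({2}): {3} failures, last status {4}" -f
            $link.'Source DSA', $link.'Destination DSA', $link.'Naming Context',
            $link.'Number of Failures', $link.'Last Failure Status')
    }
}

# 2. DNS SRV records: every DC must be advertised for LDAP and Kerberos in the domain zone.
foreach ($svc in @('_ldap._tcp.dc._msdcs', '_kerberos._tcp')) {
    $srv = Resolve-DnsName -Name "$svc.$($domain.DNSRoot)" -Type SRV -ErrorAction SilentlyContinue
    $targets = @($srv | Where-Object { $_.Type -eq 'SRV' } |
                ForEach-Object { $_.NameTarget.TrimEnd('.').ToLower() })
    foreach ($dc in $dcs) {
        if ($targets -notcontains $dc.HostName.ToLower()) {
            Add-Finding 'DNS' ("{0} has no {1} SRV record" -f $dc.HostName, $svc)
        }
    }
}
foreach ($dc in $dcs) {
    # dcdiag /q prints only failures, so any output is a finding.
    $dns = dcdiag /s:$($dc.HostName) /test:DNS /q 2>&1
    if ($dns) { Add-Finding 'DNS' ("dcdiag DNS test on {0}: {1}" -f $dc.HostName, ($dns -join ' ')) }
}

# 3. Sites and services: subnets with no site, and NETLOGON 5807 (clients from unmapped subnets).
Get-ADReplicationSubnet -Filter * | Where-Object { -not $_.Site } | ForEach-Object {
    Add-Finding 'Sites' ("Subnet {0} is not assigned to any site" -f $_.Name)
}
foreach ($dc in $dcs) {
    $ev = Get-WinEvent -ComputerName $dc.HostName -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'System'; ProviderName = 'NETLOGON'; Id = 5807; StartTime = $since }
    if ($ev) {
        Add-Finding 'Sites' ("{0}: {1} NETLOGON 5807 event(s) since {2}; check NO_CLIENT_SITE entries in netlogon.log" -f
            $dc.HostName, $ev.Count, $since)
    }
}

# 4. Time: PDC emulator should have an external source; other DCs should be within tolerance.
$pdcSource = Invoke-Command -ComputerName $domain.PDCEmulator -ScriptBlock { w32tm /query /source } -ErrorAction SilentlyContinue
if ($pdcSource -match 'Local CMOS Clock|Free-running') {
    Add-Finding 'NTP' ("PDC emulator {0} time source is '{1}' (no external reference)" -f $domain.PDCEmulator, $pdcSource)
}
$current = $null
foreach ($line in (w32tm /monitor /domain:$($domain.DNSRoot) 2>&1)) {
    if ($line -match '^(\S+?)\[') { $current = $Matches[1] }
    elseif ($line -match 'NTP:\s+([+-]?[\d.]+)s offset') {
        $offset = [double]$Matches[1]
        if ([math]::Abs($offset) -gt $MaxOffsetSeconds) {
            Add-Finding 'NTP' ("{0}: offset {1}s exceeds {2}s" -f $current, $offset, $MaxOffsetSeconds)
        }
    }
}

# 5. Trusts: record direction, type and whether SID filtering is in effect (a security-relevant setting).
Get-ADTrust -Filter * | ForEach-Object {
    Add-Finding 'Trusts' ("{0}: direction {1}, type {2}, SIDFilteringQuarantined={3}, SelectiveAuthentication={4}" -f
        $_.Name, $_.Direction, $_.TrustType, $_.SIDFilteringQuarantined, $_.SelectiveAuthentication)
}

# 6. NTDS: critical/error events in the Directory Service log on each DC within the lookback window.
foreach ($dc in $dcs) {
    $ds = Get-WinEvent -ComputerName $dc.HostName -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'Directory Service'; Level = 1, 2; StartTime = $since }
    foreach ($e in $ds) {
        Add-Finding 'NTDS' ("{0}: event {1} at {2}: {3}" -f $dc.HostName, $e.Id, $e.TimeCreated,
            ($e.Message -split "`n")[0])
    }
}

$findings | Set-Content -Path $ReportPath -Encoding UTF8
Write-Output ("{0} finding(s) written to {1}" -f $findings.Count, $ReportPath)
```

The script only reads; it changes nothing, so it is safe to schedule daily and attach the report to a review ticket. Trust entries are always listed rather than only flagged so that reviewers notice a trust that has lost SID filtering or selective authentication since the previous run.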

Posted 1 month ago


1 - 6 years

6 - 13 Lacs

Noida

Work from Office


Managed Services SOC Manager. Job Summary: The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, tickets, email and phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.

Job Description: Responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, tickets, email and phone). Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in developing new correlation rules, parser writing, and log source integration. Act as the lead coordinator for individual information security incidents. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages.
Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats. Communicate effectively with customers, teammates, and management. Prepare monthly executive summary reports for managed clients and continuously improve their content and presentation. Provide recommendations on tuning and optimization of security systems, SOC security processes, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security processes and procedures. Follow ITIL practices regarding incident, problem and change management. Stay up to date with emerging security threats, including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate them, adding, removing and updating procedures as appropriate. Publish weekly reports to applicable teams. Generate monthly reports on SOC activity. Secondary skills like AV, HIPS, DCS, VA/PT desirable.

Required Technical Expertise: Must have experience in a SIEM management tool (QRadar). Should have certifications like ITIL, CCNA, CEH, VA (product) certification, CISM. Process and procedure adherence. General network knowledge and TCP/IP troubleshooting. Ability to trace down an endpoint on the network based on ticket information. Familiarity with system log information and what it means. Understanding of common network services (web, mail, DNS, authentication). Knowledge of host-based firewalls, anti-malware, HIDS. General desktop OS and server OS knowledge. TCP/IP, Internet routing, UNIX / Linux & Windows NT.

Posted 1 month ago


7 - 10 years

20 - 22 Lacs

Bengaluru

Work from Office


Tech Lead (Python). Experience: 7 - 10 years. Salary: INR 20-22 Lacs per annum. Preferred notice period: within 30 days. Shift: 10:00 AM to 7:00 PM IST. Opportunity type: onsite (Bengaluru). Placement type: permanent. (*Note: This is a requirement for one of Uplers' clients.) Must-have skills: Python, Flask. Good-to-have skills: cloud computing, Django, QRadar, SIEM tools, Splunk, Linux, Git, FastAPI, REST APIs.

Sacumen (one of Uplers' clients) is looking for a Tech Lead (Python) who is passionate about their work, eager to learn and grow, and committed to delivering exceptional results. If you are a team player with a positive attitude and a desire to make a difference, then we want to hear from you.

Role Overview: We are looking for a Tech Lead to join our cutting-edge development team as it grows. We want someone who is comfortable asking "why?". The ideal candidate is a divergent thinker who understands industry best practices and has experience with multiple coding languages. They are a team player possessing good analytical as well as technical skills. They are able to communicate and explain the logic behind technical decisions to non-technical stakeholders. They must be comfortable working in an agile environment and have the ability to take the wheel when necessary.

Responsibilities: Gather and analyze user requirements. Create clear technical specifications for reference and reporting. Analyze third-party applications and identify the components to be integrated. Create innovative, scalable, fault-tolerant software solutions for our customers. Validate and ensure that the defined unit test code coverage is achieved. Do code quality checks and code reviews regularly to ensure safe and efficient code. Ensure the setup of the deployment infrastructure and test environments. Work closely with project managers, teams, systems architects, and sales and marketing professionals to deliver project objectives.
Continuously look to improve the organization's standards. Expand existing software to meet the changing needs of our key demographics.

Requirements: A Bachelor's / Master's degree in Engineering or Information Technology. 7-10 years of software development experience with 4+ years of experience with the Python programming language. A thorough understanding of computer architecture, operating systems, and data structures. An in-depth understanding of the Internet, cloud computing & services, and REST APIs. Must have experience with any one of the Python frameworks Flask / FastAPI / Django REST. Must know Git and Python virtual environments. Must have experience with the Python requests module. Should have experience with creating and using Python third-party libraries. Familiarity with SIEM tools like QRadar apps / Splunk apps and Splunk add-ons will be an advantage. Experience working with Linux/Unix and shell scripts. A meticulous and organized approach to work. A logical, analytical, and creative approach to problem-solving. A thorough, detail-oriented work style.

Interview Process: Technical Round 1 (tech discussion / problem solving); Technical Round 2 (techno-managerial round); CEO round; HR round.

How to apply for this opportunity. Easy 3-step process: 1. Click on Apply and register or log in on our portal. 2. Upload your updated resume and complete the screening form. 3. Increase your chances of being shortlisted and meet the client for the interview!

About Our Client: The Company is a wholly-owned subsidiary of Opus (USA, www.opus.global) and is in the process of setting up a software development team in India. The team collectively should have the skill set above. The company has become the leader in providing professionally managed solutions for centralized and decentralized I/M programs by applying leading-edge technology to data management, safety and emissions testing and diagnostic equipment, on-road remote sensing, and wireless remote OBD monitoring.
Opus has operations on four continents. We are among the top companies in Vehicle Inspection and a leader in Intelligent Vehicle Support. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Posted 1 month ago


3 - 7 years

10 - 20 Lacs

Pune

Work from Office


Security Operations Centre (SOC) - Lead. Location: Pune (Aundh/Baner), India (on-site, in-house SOC). Department: Security Operations Center. Experience: 4-6 years. Work type: full-time | hybrid model | 24x7 rotational shifts.

Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), deception (Canary), TIP/SOAR, and AWS security.

Key Responsibilities: Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management. Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G Suite security to ensure optimal performance. Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs. Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment). Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms. Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations. Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics. Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows. Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.
Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration. Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers. Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs. Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations. Create reports, dashboards and metrics for SOC operations and present them to senior management. Experience in designing and deploying use cases for SIEM and other security devices. Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, incident response (IR), security tools configuration, and security remediation. Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.

Required Skills & Experience: Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar). Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling. Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP platforms, DLP (Netskope), cloud security (AWS), deception technology (Canary). Experience with network traffic analysis, packet capture tools, and deep-dive investigations. Strong analytical, problem-solving, and decision-making skills. Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.
Preferred Qualifications: Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist. Prior experience in managing an in-house 24x7 SOC or leading shift teams. What We Offer: Work on a modern cloud-native security stack in a dynamic FinTech environment. Opportunity to lead security engineering and detection strategy for critical financial platforms. Be part of a tight-knit, expert-level team with a strong learning and innovation culture. Competitive salary, performance-based incentives, and growth opportunities.

Posted 1 month ago


6 - 9 years

11 - 15 Lacs

Hyderabad

Work from Office


Cyber and 3rd party risk manager About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. 
Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications and Experience Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). 
Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration with global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. 
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Posted 1 month ago


1 - 3 years

5 - 15 Lacs

Pune

Work from Office


SOC Analyst. Location: Pune (Aundh/Baner), India (on-site, in-house SOC). Department: Security Operations Center. Experience: 1-3 years. Work type: full-time | hybrid model | 24x7 rotational shifts.

Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS cloud security, Sysdig, Falco, Canary tokens, G Suite security and other security solutions.

Key Responsibilities: Continuously monitor security alerts and events using QRadar SIEM, CrowdStrike, Falco, and other integrated tools. Perform initial triage and analysis to assess the nature and severity of potential security incidents. Escalate incidents in line with established procedures and severity levels. Create, update, and manage incident tickets throughout their lifecycle using ticketing systems. Analyze logs and security data from various sources, including AWS cloud, G Suite, and endpoint solutions. Assist in proactive threat hunting and detection of malicious activity across systems and applications. Technical experience working in a SOC and cybersecurity incident response. Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics. Support 24x7 operations by participating in rotational shifts, including nights and weekends. Understanding of AWS services for security detection and mitigation. Follow standard operating procedures (SOPs) and incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPsec, SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, incident response (IR), security tools configuration, and security remediation.
Create reports, dashboards and metrics for SOC operations and present them to senior management. Understanding of operating system, web server, database, and security device (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.

Required Skills & Experience: 1-3 years of hands-on experience in SOC operations or cyber security monitoring. Exposure to SIEM tools, preferably IBM QRadar. Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike. Familiarity with DLP (preferably Netskope) and cloud-native security tools. Working knowledge of the Linux/Unix command line and scripting basics. Understanding of AWS cloud security concepts. Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Familiarity with common attack vectors and the threat landscape (MITRE ATT&CK framework is a plus).

Good to Have: Experience with Falco, Sysdig, or other container security tools. Exposure to Canary tokens or deception technologies. Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA.

What We Offer: Opportunity to work with a modern cloud-native security stack. Learn and grow in an innovative FinTech environment. Mentorship and training on advanced threat detection and response practices. Strong team culture focused on collaboration and technical excellence. Competitive salary and shift allowances.

Posted 1 month ago

Apply

8 - 13 years

15 - 25 Lacs

Kochi

Work from Office

Naukri logo

Job description

Ensure the development of policies, procedures and documentation. Establish, document, and manage the scope, schedule and resource allocation for projects and sustaining activities to ensure successful project execution. Implement and maintain integrated work schedules and plans which ensure that the necessary deliverables are ready and available. Oversee the daily operations of the 24X7X365 Security Operations Center, develop and maintain SOC documentation, and produce relevant cyber security metrics that allow the SOC to provide Executive Leadership with metrics. Support Security Analysts monitoring the network and answering phone calls and emails about cyber operations to respond to, analyse, and manage the response to cyber incidents affecting the client information and information systems in accordance with the client Incident Response Plan (IRP). Ensure the service quality as per SLA.

The SOC manager should have a good command over information security solutions and SIEM architecture so that he/she will be able to effectively guide the onsite team on the operations and provide the Bank necessary insights and advice in order to improve the information security posture of the Bank. The SOC manager is responsible for overall management of the SOC and its operations. The following are the key responsibilities of this role:

1. Continuous review of the operations carried out by the SOC team.
2. Ensure that the SOC team is fully compliant with the process defined.
3. Efficiently manage the escalation procedures followed by the SOC team.
4. Regularly monitor and review the incident and case records.
5. Regularly track the timeline compliance of the SOC activities.
6. Take measures to carry out SOC activities in an effective and efficient manner.
7. Regularly review the processes and procedures followed by the SOC team and propose changes if there is scope for improvement.
8. Develop and evaluate metrics to measure the performance of the SOC team.
9. Present the security reports periodically to the IT security team and management.
10. Provide suggestions to add/remove log sources under monitoring scope.
12. Ensure the development of policies, procedures and documentation.
13. Establish, document, and manage the scope, schedule, and resource allocation for projects and sustaining activities to ensure successful project execution.
14. Implement and maintain integrated work schedules and plans which ensure that the necessary deliverables are ready and available; oversee the daily operations of the 24x7x365 Security Operations Center.
15. Guide the L2 team to develop and configure use cases on SOC monitoring tools concerning a specific log source upon integration.
16. Guide the L2 team to configure additional modules/packages on QRadar if there are any.
17. Guide the L2 team to develop a log baseline for the log sources identified to be integrated with QRadar.
18. Guide the L2 team to set up a baseline security level for critical assets by means of QRadar vulnerability scans per quarter.

Posted 1 month ago

Apply