5 - 10 years
7 - 12 Lacs
Pune
Work from Office
About The Role
Job Title: Engineer, Associate
Location: Pune, India

Role Description
This role combines engineering expertise with operational excellence to enhance the security posture of DB's devices, servers, and cloud workloads. You will collaborate with cross-functional teams to design strategies, deploy solutions, and address security challenges.

What we'll offer you
As part of our flexible scheme, here are just some of the benefits that you'll enjoy:
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for industry-relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term Life Insurance
- Complimentary health screening for 35 yrs. and above

Your key responsibilities
- Manage and optimize tools: EDR (e.g., Microsoft Defender for Endpoint, CrowdStrike etc.), antimalware solutions, and the Tanium Endpoint Platform.
- Lead POCs for new security tools and features, evaluating their effectiveness, compatibility, and scalability. Document findings and provide detailed recommendations for production deployment.
- Develop and enforce endpoint policies, ensuring alignment with DB's security standards.
- Maintain security for cloud workloads using platforms such as Prisma Cloud or equivalent solutions. Ensure container image scanning, vulnerability management, and security configurations are in place for cloud workloads.
- Lead efforts in endpoint attack surface reduction and hardening initiatives.
- Monitor and respond to endpoint and cloud workload security alerts and incidents, collaborating with the threat operations and other teams for resolution.
- Perform root cause analysis and remediation for security-related issues.
- Drive the resolution of audit findings by working with cross-functional teams to implement required controls on endpoints.
- Provide updates, maintain documentation, and ensure alignment with regulatory standards.
- Create scripts (PowerShell, Python etc.) for testing, monitoring, and compliance-related tasks.

Your skills and experience
Required:
- 5+ years of experience in endpoint security engineering or operations roles
- Expertise in EDR, Tanium, antimalware, Device Control and Attack Surface Reduction strategies.
- Strong scripting skills in PowerShell or Python for automation and compliance checks.
- Relevant certifications in cybersecurity or related fields.
- Excellent communication skills.
- Experience in a banking or financial services environment.
Preferred:
- Familiarity with SIEM tools and other security technologies.
- Expertise in vulnerability management and risk remediation.
- Familiarity with cloud platforms (preferably GCP)

How we'll support you
- Training and development to help you excel in your career
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs
Posted 3 months ago
2 - 6 years
4 - 8 Lacs
Bengaluru
Work from Office
Role Purpose
The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information.

1. SOAR Developer
JD: Client looking for a strong playbook developer resource for XSOAR/Splunk Phantom/Splunk SOAR who has SOC/CSIRT practical experience along with technical skills for developing playbooks. The resource would be helping to develop playbooks for our existing requirements and also work more directly with our analysts, leveraging their SOC/CSIRT experience to help come up with the best solution to solve the business need. This may require influencing process change on the SOC side to provide the best solution to meet their needs. Looking for a well experienced (5+ yrs) XSOAR developer who understands SOC use cases and can develop new playbook automations and work on enhancement requests.
Skills: Palo Alto XSOAR playbook development, Security Incident Response, SOC operations

2. Operations Manager (Splunk)
JD: We are seeking an experienced Operations Manager to oversee and optimize our daily operations. The Operations Manager will be responsible for ensuring that our business processes run smoothly and efficiently, coordinating between various departments, managing resources, and driving continuous improvement initiatives. The ideal candidate will have strong leadership skills, a deep understanding of operational processes, and the ability to implement strategies that enhance productivity and profitability.
Key Responsibilities:
- Operations Management:
  - Oversee the day-to-day operations of the organization, ensuring that all processes are running efficiently and effectively.
  - Monitor key performance indicators (KPIs) to identify areas for improvement and implement strategies to enhance productivity.
  - Coordinate between departments (e.g., production, logistics, customer service) to ensure seamless operations and the timely delivery of products or services.
- Resource Management:
  - Manage and allocate resources (e.g., personnel, equipment, budget) to optimize operational efficiency and meet organizational goals.
  - Develop and implement resource management plans to address current and future operational needs.

3. Splunk Content Developer L3
JD:
- Content Development:
  - Design and develop custom dashboards, reports, and alerts within Splunk to meet the needs of various business units, including IT operations, security, and business intelligence.
  - Create and optimize complex SPL queries to extract meaningful data and insights.
  - Develop and maintain data models, saved searches, and macros to streamline content creation and improve performance.
- Requirement Gathering:
  - Work closely with stakeholders to understand their needs and translate business and technical requirements into effective Splunk content.
  - Collaborate with cross-functional teams to ensure the content aligns with organizational goals and objectives.

4. Splunk Analyst
JD: The Splunk Analyst will be responsible for the design, implementation, and maintenance of Splunk solutions. This role involves working with large datasets, creating dashboards, alerts, and reports to provide actionable insights, and supporting the organization's IT security, compliance, and operational monitoring needs.
Key Responsibilities:
- Data Onboarding & Management:
  - Collect, monitor, and analyze data from various sources by configuring and deploying Splunk forwarders and ingesting data into the Splunk platform.
  - Optimize Splunk data models and indexes for performance.
  - Ensure data integrity, proper parsing, and normalization of data.
- Dashboard & Report Development:
  - Design, develop, and maintain Splunk dashboards, alerts, and reports to provide insights into system performance, security events, and operational metrics.
  - Collaborate with stakeholders to gather requirements and tailor reports/dashboards to meet business needs.
- Monitoring & Alerting:
  - Implement and fine-tune Splunk alerts to proactively monitor for security incidents, performance issues, and anomalies.
  - Conduct regular system health checks to ensure the stability and performance of the Splunk environment.
- Troubleshooting & Support:
  - Investigate and resolve issues with Splunk performance, data ingestion, and search/query errors.
  - Provide support to end-users, helping them to use Splunk effectively.
Posted 3 months ago
3 - 8 years
5 - 10 Lacs
Kochi
Work from Office
Job Duties (Summary):
The Senior Security SOC Analyst works in a 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring Incident Response team, involving investigating alerts/events that trigger from MS Sentinel / SIEM and EDR tools and other endpoint tools. The Senior Analyst will be the internal escalation point for the Security Analysts within the shift/team and will assist Security Analysts in responding to Security Incidents. This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognizing familiar elements within complex situations.

Required Skills & Experience:
- Responsible for 24/7 monitoring, triage and analysis of security events and alerts, including malware analysis.
- Should have good hands-on experience in Microsoft Sentinel and should have the ability to query using KQL [Mandatory]
- Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
- Strong knowledge of email security threats and security controls, including experience analysing email headers.
- Analysing phishing emails and associated threats and remediating them by blocking the URLs and analysing the malware(s), link(s) and IOCs.
- Good understanding of Threat Intel and Hunting.
- Good hands-on experience in investigating EDR alerts (Tanium, CrowdStrike, etc.)
- Good hands-on experience in using XSOAR platforms (Demisto, Phantom, etc.)
- Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP.
- Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues.
- Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues.
- Knowledge in investigating security issues within cloud infrastructure such as AWS, GCP, Azure (Preferred, not mandatory)
- Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA NetWitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc.
- Experience in defining use cases for playbooks and runbooks (Preferred)
- Experience in understanding log types and log parsing
- Strong passion for information security, including awareness of current threats and security best practices.

Basic Qualifications (Preferred, not mandatory if the candidate has equivalent knowledge):
- Bachelor's Degree in Computer Sciences or equivalent (Preferred, not mandatory)
- Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT team member).
- Overall 3+ years' experience in Information Security/IT Security/Network Security.
- CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA certification (minimum one certification; Preferred, not mandatory)
- A relevant specialist degree (e.g., information security or digital forensics).
- Knowledge of NIST CSF and the MITRE ATT&CK Framework.
- Active involvement in the Information Security community.
- Certified in Azure Security [SC-200, AZ-500, AZ-900], either one or more [Mandatory]
Posted 3 months ago
2 - 6 years
4 - 8 Lacs
Kochi
Work from Office
Wipro Limited (NYSE:WIT, BSE:507685, NSE:WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

About The Role
Role Purpose: The purpose of this role is to provide significant technical expertise in architecture planning and design of the concerned tower (platform, database, middleware, backup etc.) as well as managing its day-to-day operations.

Do
- Provide adequate support in architecture planning, migration & installation for new projects in own tower (platform/dbase/middleware/backup)
- Lead the structural/architectural design of a platform/middleware/database/backup etc. according to various system requirements to ensure a highly scalable and extensible solution
- Conduct technology capacity planning by reviewing the current and future requirements
- Utilize and leverage the new features of all underlying technologies to ensure smooth functioning of the installed databases and applications/platforms, as applicable
- Strategize & implement disaster recovery plans and create and implement backup and recovery plans
- Manage the day-to-day operations of the tower
- Manage day-to-day operations by troubleshooting any issues, conducting root cause analysis (RCA) and developing fixes to avoid similar issues.
- Plan for and manage upgrades, migration, maintenance, backup, installation and configuration functions for own tower
- Review the technical performance of own tower and deploy ways to improve efficiency, fine tune performance and reduce performance challenges
- Develop a shift roster for the team to ensure no disruption in the tower
- Create and update SOPs, Data Responsibility Matrices, operations manuals, daily test plans, data architecture guidance etc.
- Provide weekly status reports to the client leadership team and internal stakeholders on database activities w.r.t. progress, updates, status, and next steps
- Leverage technology to develop a Service Improvement Plan (SIP) through automation and other initiatives for higher efficiency and effectiveness

Team Management
Resourcing
- Forecast talent requirements as per the current and future business needs
- Hire adequate and right resources for the team
- Train direct reportees to make right recruitment and selection decisions
Talent Management
- Ensure 100% compliance to Wipro's standards of adequate onboarding and training for team members to enhance capability & effectiveness
- Build an internal talent pool of HiPos and ensure their career progression within the organization
- Promote diversity in leadership positions
Performance Management
- Set goals for direct reportees, conduct timely performance reviews and appraisals, and give constructive feedback to direct reports.
- Ensure that organizational programs like Performance Nxt are well understood and that the team is taking the opportunities presented by such programs to their and their levels below
Employee Satisfaction and Engagement
- Lead and drive engagement initiatives for the team
- Track team satisfaction scores and identify initiatives to build engagement within the team
- Proactively challenge the team with larger and enriching projects/initiatives for the organization or team
- Exercise employee recognition and appreciation

Deliver
No. | Performance Parameter | Measure
1 | Operations of the tower | SLA adherence; Knowledge management; CSAT/Customer Experience; Identification of risk issues and mitigation plans
2 | New projects | Timely delivery; Avoid unauthorised changes; No formal escalations

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.
Posted 3 months ago
4 - 9 years
10 - 18 Lacs
Greater Noida
Hybrid
Role & responsibilities
- Plan, implement, configure, and migrate market-leading cyber security solutions (QRadar, Sentinel, Defender etc.)
- Creation and implementation of new SIEM use cases (correlation rules), fine tuning, Defender policies etc.
- Configuration, onboarding, and parsing of new log sources in the SIEM solution; working on malware analysis, mail analysis, threat intelligence/hunting etc.
- Assessment of the effects of an attack, taking initial measures and making concrete recommendations for action; improvement of response plans and incident playbooks.
- Classification and investigation of alarms from different threat detection platforms and provision of the processed results to our customers
- Anomaly and attack pattern detection at all stages of the cyber kill chain
- Tool-based and manual threat hunting to detect attacks after zero-day exploits or vulnerabilities with a potentially severe impact on customer environments become known
- Creation of security reports based on the security incidents within the reporting period
- Creation of reports and dashboards
- Ensure adherence to and implementation of best incident response procedures as well as internal and industry standards
- Participation in on-call duty to ensure incident response even outside of business hours
- 24*7 onsite cybersoc support to the customer including weekends & public holidays

Preferred candidate profile
4+ years related work experience in customer-facing organizations within cybersoc services.

Mandatory skill set
- Good hands-on experience on SIEM tools like QRadar, MS Sentinel.
- Knowledge of Microsoft Defender
- Good experience in incident handling & response
- Certification in IBM QRadar SOC Analyst/Administrator, SC-200.

Secondary skill set
- Knowledge of Python or any scripting language
- Malware investigation and reporting
- Forensic investigation of SPAM / phishing email incidents
- Knowledge of threat intelligence & threat hunting
Posted 3 months ago
1 - 6 years
3 - 6 Lacs
Chennai
Work from Office
Managed Services SOC Senior Analyst

Job Summary:
The Security Operations Center (SOC) Security L-2 Analyst serves in a SOC team and is responsible for conducting information security investigations as a result of security incidents identified by the Level-1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone). The L2 SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts and should be ready to work in shifts. An engineer in this position acts as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.

Job Description:
- Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone).
- Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques.
- Should have experience in developing new correlation rules & parser writing
- Experience in log source integration
- Act as the lead coordinator for individual information security incidents.
- Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center.
- Document incidents from initial detection through final resolution.
- Participate in security incident management and vulnerability management processes.
- Coordinate with IT teams on escalations, tracking, performance issues, and outages.
- Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
- Communicate effectively with customers, teammates, and management.
- Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
- Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies.
- Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.
- Follow ITIL practices regarding incident, problem and change management.
- Stay up-to-date with emerging security threats including applicable regulatory security requirements.
- Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate
- Publish weekly reports to applicable teams
- Generate monthly reports on SOC activity
- Secondary skills like AV, HIPS, DCS, VA/PT desirable

Required Technical Expertise
- Must have experience in SIEM Management tool (QRadar)
- Should have certifications like ITIL, CCNA, CEH, VA (Product) Certification, CISM
- Process and procedure adherence
- General network knowledge and TCP/IP troubleshooting
- Ability to trace down an endpoint on the network, based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, Anti-Malware, HIDS
- General Desktop OS and Server OS knowledge
- TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
Posted 3 months ago
1 - 6 years
3 - 6 Lacs
Pune
Work from Office
Posted 3 months ago
The demand for professionals with expertise in QRadar is on the rise in India. As organizations prioritize cybersecurity and threat detection, the need for skilled individuals who can effectively use QRadar to monitor, detect, and respond to security incidents is increasing. Job seekers looking to enter this field or advance their careers can find promising opportunities in various cities across India.
These cities have a high concentration of tech companies and cybersecurity firms actively seeking professionals with QRadar skills.
The salary range for QRadar professionals in India varies based on experience levels:
Salaries may vary depending on factors such as company size, location, and individual skills.
A typical career path for a QRadar professional may include the following progression:
Advancement to higher positions often requires gaining experience, acquiring additional certifications, and demonstrating expertise in handling complex security challenges.
In addition to expertise in QRadar, professionals in this field may benefit from having skills in:
Having a well-rounded skill set can enhance job prospects and open up opportunities for career growth.
As you explore opportunities in the QRadar job market in India, make sure to prepare thoroughly, showcase your skills and experience confidently, and stay updated on the latest trends in cybersecurity. With the right combination of expertise and determination, you can build a successful career in this dynamic and rewarding field. Good luck!