891 Qradar Jobs - Page 19

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

9.0 - 14.0 years

10 - 14 Lacs

Pune

Work from Office

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We're looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you'd make a great addition to our vibrant team.

Siemens founded the new business unit Siemens Advanta (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarters in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Advanta is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation - everything out of one hand.

We are looking for a Product & Solution Security Professional.

You'll make a difference by:

Mandatory Skills - Needs to be specialized in at least one/two of different areas: Secure Architecture & Design, Threat & Risk Analysis, Secure Project Integration. Network security - firewall & network IDS, IPS.

PSSE will be primarily involved in the secure architecture and design, defines secure design principles, supports selection of secure suppliers and technologies and the development of secure configuration standards and security topics such as IDS, security patch management or Anti-Virus systems must be considered. Also, as part of project integration - defines, supervises, and tests the components/subsystems with regards to system security, defines and establishes zones and conduits taking physical security concerns into account and prepares and performs security handover of complex systems to customers.

- Supports and consults the project leaders in implementing the required product & solution security.
- Supports project teams in conducting the corresponding security activities during the project execution process and/or services.
- Can support multiple projects and should occupy the function for the main part of is defined working time.
- Reports to the Project / Functional Lead and the Product & Solution Security Officer.
- Specification and maintenance of secure coding, secure design guidelines, configuration, and hardening guidelines.
- Synchronize adequately with Information Security organization to ensure architecture and design, and integration IT-infrastructure is sufficiently secure.
- Specification and maintenance of security requirements for the project.
- Support for meeting international and regional security standards and regulations (like IEC62443, ISO27000, CENELEC, NIST, SANS) in the project.
- Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization.
- Evaluation of third-party components regarding product & solution security.
- Clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden function, firewall settings).
- Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools.
- Validation (e.g., friendly hacking, penetration testing) to ensure that implementation fulfills security expectations.
- Involvement in the analysis and handling of security vulnerabilities & incidents.
- Sound understanding of Product and solution security topic.
- Hands on experience of Threat and Risk Analysis (TRA).
- Supporting the systems engineering for security issues.
- Monitoring and evaluation of vulnerabilities and security incidents.
- Assessment of security-related requirements.
- Proficient in MS Word, Excel (Writing Macros) and PowerPoint.
- Management and Reporting.
- Exhibiting excellent communication and analytical skills.

Desired Skills:
- 9+ years of experience is required.
- Great Communication skills.
- Analytical and problem-solving skills.

Join us and be yourself! Make your mark in our exciting world at Siemens. This role is based in Pune and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. Find out more about Siemens careers at & more about mobility at https://new.siemens.com/global/en/products/mobility.html

Posted 1 month ago


3.0 - 7.0 years

16 - 20 Lacs

Gurugram

Work from Office

Position Summary: We are seeking a skilled IT Technician to join our Cyber Security team in India. The successful candidate will be responsible for designing and testing new Cyber Security portfolio elements, ensuring robust and secure solutions and tools to guarantee the cybersecurity of our installed plant base (brownfield) in accordance with the latest standards and guidelines (NIS2, NERC CIP, etc.) and customers' demands. Working with technical experts from other business units, the aim is to ensure that these solutions meet the latest security standards and address potential threats in the IT/OT environment. Especially for our installed systems (brownfield), new cybersecurity technologies need to be assessed, and proof-of-concepts organized/created. As part of a hybrid working model and due to the nature of the role, you will need to travel frequently to Germany.

A Snapshot of your Day

How You'll Make an Impact (responsibilities of role)
- Planning, setup, operation and maintenance of an IT/OT test environment for the simulation of production systems, with a special focus on servers, firewalls, routers, switches, etc. and corresponding users and operating software
- Testing and evaluation of new cybersecurity technologies (HW and SW) for our HVDC/FACTS systems and their implementation in case of positive evaluation
- Ensuring protection against cyberattacks by implementing the latest technologies
- Support in the automation and optimization of production processes
- Collaborate with the Control & Automation team to integrate new technologies
- Preparation of technical documentation, installation instructions and user manuals
- Provide technical expertise for bidding activities, present security concepts, and assist in creating customer-centric solutions

What You Bring
- Degree in network/communication technology, computer science or IT security, alternatively a relevant apprenticeship with several years of professional experience
- Sound knowledge of IT administration, e.g. network security, Windows Server, Active Directory, WSUS, virtualization, firewalls, remote access solutions, etc.
- Preferably several years of experience in IT/OT cybersecurity in the field of critical infrastructures
- Desirable: experience in automation technology
- Familiarity with national and international IT security standards in an industrial environment (e.g. BDEW, NERC-CIP, IEC 62443)
- Very good knowledge of English (German will be an added advantage)
- High level of commitment, ability to work in a team and willingness to solve technical challenges independently, pragmatically and purposefully

Posted 1 month ago


5.0 - 6.0 years

11 - 15 Lacs

Thane

Work from Office

OT Cybersecurity Engineer for Digital Industries Customer Services, India

About Siemens

Accelerating transformation for industries

For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation - transforming the everyday and creating a better tomorrow for societies and people around the world.

Cybersecurity for Industry

We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars - plant security, network security, and system integrity - including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries.

Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information.

Key Responsibilities:
- Security Measures: Engineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information.
- System Security: Identify and define system security requirements to ensure comprehensive protection.
- Security Architecture: Design and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices.
- Implementing Backup Solutions and Management: Implement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment.
- Threat Detection and Vulnerability monitoring: Implement solution like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer.
- Endpoint Security: Deploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and Q-radar etc.
- Network Security: Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products.
- Network Management: Install and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold etc.
- Firmware Updates: Conduct firmware updates for various automation control systems, switches, and firewalls.
- Domain Controller Configuration: Configure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS.
- Host-Based Security: Implement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection.
- Installation and Testing: Perform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT).
- Documentation: Prepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals.

Experience
- 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design.
- Proven experience in cybersecurity, particularly in ICS.
- Strong understanding of cybersecurity principles and best practices.
- Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls.
- Hands-on experience with network management solutions and firmware updates.
- Ability to configure domain controllers and implement host-based security technologies.
- Excellent documentation skills and experience with FAT and SAT procedures.

Education
- Bachelor's degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred.
- Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage.

Business Travel

You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India

Posted 1 month ago


5.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Introduction

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.

Your Role And Responsibilities
- Proactively lead and support incident response team during an incident.
- Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations
- Hands-on basic experience with configurations and management of SIEM tools (Qradar) including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations is a MUST.
- Proven Experience on any of the Security information and event management (SIEM) tools using Qradar
- Data-driven threat hunting using SIEM, EDR and XDR tools
- Basic Experience in SOAR tools such as Qradar Resilient, PaloAlto XSOAR
- Identify quick defence techniques till permanent resolution.
- Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
- Review incidents escalated by Level 1 analysts.
- Launch and track investigations to resolution.
- Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts.
- Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.
- Identify the gaps in security environment & suggest the gap closure
- Drive & Support Change Management
- Performs and reviews tasks as identified in a daily task list.
- Report Generation and Trend Analysis.
- Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting
- Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
- Willing to work in 24x7 rotational shift model including night shift.

Preferred Education
- Bachelor's Degree

Required Technical And Professional Expertise
- 5+ Years Hands-on experience required in Qradar SIEM and SOAR.
- Desired experience in Threat hunting, Threat intelligence.
- Worked on tools belonging to Qradar, UEBA, UAX.
- Bachelor's degree in engineering/information security, or a related field.
- Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
- Proven experience to work in a SOC environment.

Preferred Technical And Professional Experience
- Proven experience in managing and responding to complex security incidents.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration abilities.
- Ability to work in a fast-paced, dynamic environment.
- Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 1 month ago


5.0 - 10.0 years

16 - 20 Lacs

Bengaluru

Work from Office

Educational: Bachelor of Engineering, Master Of Engineering

Service Line: Cyber Security

Responsibilities: 8 years experience in security assessing application designs, experience in working in a regulated industry. Experience in System Architecture, Cloud Security, and Security Overall. Secondary Skills: Ability to explain security controls, vulnerabilities and control gaps to solution architects. Good to Have Skills: Very good Communication Skills. Positive Attitude towards work and deliverable.

Technical and Professional: 8 years experience in security assessing application designs, experience in working in a regulated industry. Experience in System Architecture, Cloud Security, and Security Overall. Secondary Skills: Ability to explain security controls, vulnerabilities and control gaps to solution architects. Good to Have Skills: Very good Communication Skills. Positive Attitude towards work and deliverable.

Preferred Skills: Technology-Enterprise Architecture-Digital Architecture

Posted 1 month ago


2.0 - 5.0 years

4 - 8 Lacs

Hyderabad

Work from Office

1. Monitoring and analysis of cyber security events using Microsoft Sentinel SIEM.
2. Monitor internal and external threats, examine logs, events, and alerts generated by multiple platforms for anomalous activity.
3. Development and execution of SOC and standard operating procedures (SOP).
4. Triage security events and incidents, detect anomalies, and report/direct remediation actions.
5. Timely escalate security incidents whenever SLAs are not met.
6. Assist in incident detection and resolving incidents by following all phases of incident management lifecycle.
7. Integrate and collaborate threat information to improve incident detection capabilities.
8. Should be capable of report generation from security solutions and preparation of report for management or leadership review.
9. Collect evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of systems and data.

Ability to coordinate and work with stakeholders to track security incidents till closure.

Posted 1 month ago


10.0 - 15.0 years

11 - 16 Lacs

Chennai

Work from Office

- Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions
- Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions.
- Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies.
- SIEM and Incident Response: Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation.
- Access and Identity Management: Familiarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems.
- Automation and Scripting: Basic scripting abilities (e.g., Python, PowerShell) for automating security processes.
- Excellent analytical and problem-solving skills.
- Effective communication skills for interacting with team members and stakeholders.
- Ability to work in a fast-paced environment and handle high-stakes incidents.

Certifications (Preferred)
- CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications.

Required education
- Bachelor's Degree

Preferred education
- Bachelor's Degree

Required technical and professional expertise
- 10 years of experience in security & infrastructure administration
- Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application
- Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting).
- Have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc.

Preferred technical and professional experience
- Ability to multitask and work independently with minimal direction and maximum accountability.
- One or more security certifications (CEH, Security+, GSEC, GCIH, etc).

Posted 1 month ago


5.0 - 10.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role : Security Advisor
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Security Information and Event Management (SIEM) Operations
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities.

Key Responsibilities:
- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.
- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.
- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.
- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).
- Analyzing process trees, alerts, and device timeline.
- Supporting remediation actions.
- Understanding and leveraging EDR capabilities.
- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.
- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).
- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.
- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.
- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.
- Support red/blue team exercises by providing incident insights and improving rule effectiveness.

Professional & Technical Skills:
- 5+ years in Security Operations, Incident Response, or Threat Hunting roles.
- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.
- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.
- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.
- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.
- Preferred Certifications - SC-200: Microsoft Security Operations Analyst (strongly preferred), AZ-500: Microsoft Azure Security Technologies, MITRE ATT&CK Defender (MAD) certificate (nice to have), SC-900: Microsoft Security, Compliance, and Identity Fundamentals
- Strong analytical thinking and ability to investigate complex incidents.
- Clear and effective communicator with both technical and non-technical stakeholders.
- Eagerness to learn from senior engineers and grow technical depth.
- Detail-oriented, proactive, and team-focused.
- Ability to work calmly under pressure during active incidents.

Additional Information:
- The candidate should have minimum 3 years of experience.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification : 15 years full time education

Posted 1 month ago


3.0 - 8.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role : Security Advisor
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Infrastructure Security Vulnerability Management Operations
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are seeking a skilled Imperva DAM Administrator to manage, maintain, and enhance our Imperva Database Activity Monitoring infrastructure. The ideal candidate will have deep experience with Imperva DAM, database security, and compliance frameworks such as PCI-DSS, SOX, and HIPAA. This role is crucial for ensuring real-time monitoring, alerting, and reporting of database activity to detect and prevent unauthorized or anomalous access.

Roles & Responsibilities:
- Administer, configure, and maintain the Imperva SecureSphere DAM platform across various environments (development, staging, production).
- Deploy DAM agents/connectors across databases (Oracle, SQL Server, DB2, MySQL, etc.).
- Develop and tune security policies, rules, and alerts for detecting suspicious database activity.
- Monitor the DAM system health, logs, and performance metrics to ensure high availability and optimal operation.
- Manage integrations with SIEM, ticketing systems, and other security tools.
- Support audits and compliance reporting through custom report creation and event tracking.
- Perform regular upgrades, patches, and configuration changes in accordance with security best practices.
- Troubleshoot issues with DAM sensors, agents, and logging mechanisms.
- Work closely with database administrators, application teams, and InfoSec stakeholders to ensure seamless data protection and policy enforcement.
- Provide documentation, standard operating procedures (SOPs), and training to relevant stakeholders.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.
- Strong understanding of risk assessment methodologies and frameworks.
- Experience with security tools and technologies for vulnerability scanning and management.
- Knowledge of compliance standards and regulations related to cybersecurity.
- Ability to communicate complex security concepts to non-technical stakeholders.

Additional Information:
- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification : 15 years full time education

Posted 1 month ago


15.0 - 20.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role : Security Advisor
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Palo Alto Networks Firewalls
Good to have skills : NA
Minimum 2 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data.

Key Responsibilities:
- Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.
- Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.
- Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.
- Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.
- Participate in security assessments, rule base cleanups, and change management processes.
- Assist in the development of network security policies and procedures.
- Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.
- Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies.

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.
- Good To Have Skills: Experience with network security protocols and practices.
- Strong understanding of threat intelligence and incident response.
- Familiarity with compliance frameworks such as ISO 27001 and NIST.
- Experience in conducting vulnerability assessments and penetration testing.

Additional Information:
- The candidate should have minimum 2 years of experience in Palo Alto Networks Firewalls.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification : 15 years full time education

Posted 1 month ago


7.0 - 12.0 years

9 - 14 Lacs

Mumbai

Work from Office

* Responsible for implementation partner to see project on track along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support for 24/7 environment.

Required education
Bachelor's Degree

Preferred education
Master's Degree

Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 1 month ago


5.0 - 10.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role : Security Advisor
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Security Information and Event Management (SIEM) Operations
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary : We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities.

Roles & Responsibilities:
- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.
- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.
- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.
- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).
- Analyzing process trees, alerts, and device timeline.
- Supporting remediation actions.
- Understanding and leveraging EDR capabilities.
- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.
- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).
- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.
- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.
- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.
- Support red/blue team exercises by providing incident insights and improving rule effectiveness.
- Strong analytical thinking and ability to investigate complex incidents.
- Clear and effective communicator with both technical and non-technical stakeholders.
- Eagerness to learn from senior engineers and grow technical depth.
- Detail oriented, proactive, and team-focused.
- Ability to work calmly under pressure during active incidents.

Professional & Technical Skills:
- 5+ years in Security Operations, Incident Response, or Threat Hunting roles.
- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.
- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.
- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.
- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.
- Preferred Certifications - SC-200: Microsoft Security Operations Analyst (strongly preferred), AZ-500: Microsoft Azure Security Technologies, MITRE ATT&CK Defender (MAD) certificate (nice to have), Microsoft Security, Compliance, and Identity Fundamentals.

Additional Information:
- The candidate should have minimum 3 years of experience.
- This position is based at our Bengaluru office.
- A 15 years full time education is required.

Qualification : 15 years full time education

Posted 1 month ago

8.0 - 13.0 years

6 - 10 Lacs

Bengaluru

Work from Office

The IBM Technology Expert Labs organization is looking for an IBM zSecurity Delivery Consultant with expertise in IBM Z, RACF and Security products to lead and deliver pre-sales and post-sales client engagements that enable the adoption of IBM zSecure Suite and IBM ZMFA Ideal candidates will have demonstrated a successful history of implementing IBM Zsecure Suite engagements, be familiar with sysplex architectural methods, can independently assess IT infrastructures, evaluate gaps in best practices and create IBM Security solution recommendations for client environments while displaying excellent collaboration and communication with Clients, Sellers, Business Partners and Colleagues by delivering reports to clients. You will be responsible for developing and delivering IBM Security architecture, and implementation of IBM Security products which may include: Implement security policies and procedures to protect the integrity, confidentiality, and availability of information extensive knowledge of security administration by using the zSecure suite products Designing and customizing the ZMFA features, based on the client requirements Integrating and designing security with IBM Guardium Data centre and Quantum safe solutions. Assisting with customer to extract the audit reports for system vulnerabilities and implement security measures to mitigate risks Providing technical guidance and skills transfer to customer personnel for IBM zSecure suite products, ZMFA features, IBM Guardium and Quantum safe Producing planning and implementation reports and documentation. Installation, configuration, testing and maintenance of IBM RACF, and related Z software Other technical tasks as necessary to accomplish successful customer outcomes Aid customers to migrate the other vendor security products to the IBM RACF And Z security software’s. 
This role requires a strong knowledge of the IBM Systems Z security and software ecosystem, focusing on Strong Security and IBM Zsecure, Guardium and Quantum safe, are needed. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 8+ years’ experience working with: RACF Security Administrators and capabilities of IBM zSecurity products including (zSecure, ZMFA, Guardium and Quantum safe) z/OS RACF Security Administrators, zSecure Admin Ability to migrate the other vendor security products to the RACF and IBM z Security related products Successfully delivering IBM Z projects and/or architecting and planning infrastructures for customer’s Security Needs 5+ years’ experience in: Customer or executive facing communications, requirements analysis, documentation, and report presentations. Create and manage RACF user profiles, group profiles, and access rights Implement security policies, extracting the Security audit reports using the zSecure suite products and procedures to protect integrity of the system Ability to lead customer technical workshops up to 20+ people. Strong written and verbal communication skills English: Fluent. Preferred technical and professional experience Knowledge or experience with RACF, zsecure products suite, Guardium data center, ZMFA, Quantum safe Experience on Security Migrations (ACF2 to RACF or TSS to RACF) Practical SMP/E knowledge Assembler, JCL, REXX and CLIST knowledge.

Posted 1 month ago

12.0 - 17.0 years

9 - 13 Lacs

Bengaluru

Work from Office

The IBM Technology Expert Labs organization is looking for an IBM zSecurity Delivery Consultant with expertise in IBM Z, RACF and Security products to lead and deliver pre-sales and post-sales client engagements that enable the adoption of IBM zSecure Suite and IBM ZMFA. Ideal candidates will have demonstrated a successful history of implementing IBM Zsecure Suite engagements, be familiar with sysplex architectural methods, can independently assess IT infrastructures, evaluate gaps in best practices and create IBM Security solution recommendations for client environments while displaying excellent collaboration and communication with Clients, Sellers, Business Partners and Colleagues by delivering reports to clients. You will be responsible for developing and delivering IBM Security architecture, and implementation of IBM Security products which may include: Implement security policies and procedures to protect the integrity, confidentiality, and availability of information extensive knowledge of security administration by using the zSecure suite products Designing and customizing the ZMFA features, based on the client requirements Integrating and designing security with IBM Guardium Data centre and Quantum safe solutions. Assisting with customer to extract the audit reports for system vulnerabilities and implement security measures to mitigate risks Providing technical guidance and skills transfer to customer personnel for IBM zSecure suite products, ZMFA features, IBM Guardium and Quantum safe Producing planning and implementation reports and documentation. Installation, configuration, testing and maintenance of IBM RACF, and related Z software Other technical tasks as necessary to accomplish successful customer outcomes Aid customers to migrate the other vendor security products to the IBM RACF And Z security software’s.
This role requires a strong knowledge of the IBM Systems Z security and software ecosystem, focusing on Strong Security and IBM Zsecure, Guardium and Quantum safe, are needed. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 12+ years’ experience working with: RACF Security Administrators and capabilities of IBM zSecurity products including (zSecure, ZMFA, Guardium and Quantum safe) z/OS RACF Security Administrators, zSecure Admin Ability to migrate the other vendor security products to the RACF and IBM z Security related products. Successfully delivering IBM Z projects and/or architecting and planning infrastructures for customer’s Security Needs 5+ years’ experience in: Customer or executive facing communications, requirements analysis, documentation, and report presentations. Create and manage RACF user profiles, group profiles, and access rights Implement security policies, extracting the Security audit reports using the zSecure suite products and procedures to protect integrity of the system Ability to lead customer technical workshops up to 20+ people. Strong written and verbal communication skills Preferred technical and professional experience Knowledge or experience with RACF, zsecure products suite, Guardium data center, ZMFA, Quantum safe Experience on Security Migrations (ACF2 to RACF or TSS to RACF) Practical SMP/E knowledge Assembler, JCL, REXX and CLIST knowledge

Posted 1 month ago

0 years

0 Lacs

Hyderabad, Telangana, India

Remote

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... You'll be part of the "Verizon Global Infrastructure (VGI), Network & Information Security” group working on securing the network and infra devices, harden the operating systems, configurations and build use cases to automate these tasks. Protect against cyber threats within the VGS Technology organization. You will work with a team of cybersecurity engineers with network & infrastructure background, threat intelligence analysts to align common technologies and practices that fortify our applications, systems, IT network and infrastructure. Some of your daily responsibilities would be the following. Leverage industry proven tools to identify and reduce Cyber Risks Implement next generation network security architecture, create advanced policies and controls against future threats Ensure effectiveness and coverage of security, policies and controls of VGS Network & Infrastructure, prioritizing risk level. Ensure Security posture of VGS Network & Infrastructure, e.g., access management, vulnerabilities remediation, etc. Develop awareness, training & compliance programs focused on Network & Infrastructure Cyber Security practices. Coordinate activities like network, penetration testing, incident response, data collection etc by partnering with the CISO teams. 
Assist in Crisis Management, Ransomware Recovery and Business Continuity planning. Identify, investigate and resolve global security breaches / incidents Develop and maintain network and infrastructure security reporting dashboards and scorecards used to measure our Cyber Practice. Identify opportunities and use cases for automation to remediate vulnerabilities, implement controls, orchestrate between tools and automate security practices. What We’re Looking For... You are passionate about network security and automation as a career. You are self-driven and motivated, with good communication and analytical skills. You’re a sought-after team member that thrives in a dynamic work environment. You will be working with multiple partners from the business groups, so networking and managing effective working relationships should be your top most priority. You have an understanding of industry trends in all areas of Information Security. You'll Need To Have Bachelor’s degree or four or more years of work experience. Four or more years of relevant work experience. Four or more years of experience in network / information security, risk and compliance management. Understanding of network fundamentals, switching, routing protocols, load balancers, web proxies, firewalls and software defined networking solutions. 
Understanding of security fundamentals Confidentiality, Integrity, Availability, access control, Authentication, Authorization, Auditing secure design concepts like Experience in design and implementation of network security solutions like firewalls, intrusion detection and prevention systems, VPN, web proxies etc using vendor products like Cisco, Juniper, Checkpoint, Palo Alto etc Experience in managing public cloud infrastructure like AWS, Azure, GCP etc Experience working in any one of the SIEM / SOAR solutions like Splunk SOAR, Cortex XSOAR by Palo Alto Networks, IBM Security QRadar SOAR, Swimlane etc Experience working on IT ticketing systems like JIRA, Service Now and ability to partner and collaborate with other teams in the organization Experience with hosting security awareness campaigns, gamification and bug bounty programs will be an added advantage Strong analytical problem solving, communication and interpersonal skills Passion to stay abreast with emerging technologies, network security trends, tools and techniques. Even better if you have one or more of the following: Master’s degree in Computer Science / Information Technology Engineering. Industry relevant security certifications Security+, OSCP, CEH, CISSP, GIAC, etc Cloud relevant certifications CCSP, CCSK Strong expertise in at least one operating system Window or Linux. Strong Scripting expertise in any one of Python, R, Perl, Javascript, Powershell, bash, VBScript etc Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

Posted 1 month ago

3.0 - 8.0 years

4 - 8 Lacs

Bengaluru

Work from Office

Project Role: Security Advisor Project Role Description: Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills: Security Information and Event Management (SIEM) Operations Good to have skills: NA Minimum 3 year(s) of experience is required Educational Qualification: 15 years full time education Summary: We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities. Key Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE
ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness.- Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail-oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents. Professional & Technical Skills: - Experience in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- SC-200:Microsoft Security Operations Analyst (strongly preferred).- AZ-500:Microsoft Azure Security Technologies.- MITRE ATT&CK Defender (MAD) certificate (nice to have).- SC-900:Microsoft Security, Compliance, and Identity Fundamentals Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Posted 1 month ago

4.0 - 8.0 years

10 - 15 Lacs

Bengaluru

Work from Office

Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Senior SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack. Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings.
Constantly contribute to SOC runbooks/playbooks. Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

Posted 1 month ago

4.0 - 8.0 years

10 - 15 Lacs

Bengaluru

Work from Office

Analyze and triage security incidents to determine their severity and impact on Infrastructure systems. Primary point of contact for Cyber Security Incident response in the Cyber Security Escalations team. Provide a first point of contact for L3 security escalations from the SOC team, ensuring a thorough review, escalation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Conduct in-depth analysis of security events, collaborating directly with different stakeholders to escalate and thoroughly investigate incidents. Participate in Security Incident Response Team in the identification, containment, eradication, and resolution of security issues, This involves understanding the scope, impact, and root cause of incidents to tailor the response effectively, Collaborate with SOC teams to ensure effective incident response and continuous improvement. Assist in the development and refinement of SOC processes, procedures, and playbooks, Create and maintain incident reports, documenting findings, actions taken, and lessons learned Preferred technical and professional experience Stay current with emerging threats, vulnerabilities, and security technologies to proactively protect the organization. Notify Client of incident and required mitigation works. Track and update incidents and requests based on client’s updates and analysis results. Good understanding on Phishing email analysis and their terminologies Having knowledge on EDR solutions (Preferred CrowdStrike), Participate in regular SOC team meetings and provide input on improving security posture. Communicate vertically and horizontally to keep stakeholders informed and involved on Security Operations matters

Posted 1 month ago

0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site

Role Description: If you live and breathe technology, we want to talk to you. We are looking for highly energetic, tech savvy go-getters who are inquisitive by nature, can perform multiple tasks and are quick learners. This high potential team will be working in close coordination with our domain consultants and technology specialist in supporting them with mission-critical insights, solutioning approach and research papers. We intend to hire candidates and groom potential candidates into the domain of Consultants and Engineers in the below areas.
- Engineering and design for enterprise grade log management/SIEM platforms.
- Enterprise security administration and management.
- Observability and IT monitoring
- Platforms such as Splunk, Sentinel, QRadar, New Relic, CrowdStrike, Datadog etc.

Skills and education
- B. Tech/M. Tech/BSC/MCA/MS IT (only candidates passed out in year 2021 and later can apply)
- Energetic, quick learner and tech savvy, inquisitive by nature and problem solver
- Ability to speak fluent and articulative English, written and oral communication skills.
- Ability to coordinate and complete multiple tasks within established and changing deadlines.
- Familiarity with key concepts around:
- Installing, configuring, and troubleshooting in UNIX/Linux based environments
- IT networking and systems (OSI network layers, TCP/IP, servers, clients, OS, etc.)
- It would be an advantage to have familiarity with key concepts around:
- Understanding of public cloud IaaS (AWS, GCP)
- Understanding of virtualization (e.g., VMware, VirtualBox)
- Understanding monitoring systems (e.g., Splunk, SolarWinds, Datadog) and/or automation software (e.g., Puppet, Chef) would be an advantage.
- Understanding of cybersecurity (e.g., SIEM, network security, endpoint security, etc.)
- It would be an advantage to have completed any of these IT related certifications such as:
- DBA (Oracle, MSSQL, DB2), AWS/Azure/GCP Associate.

Employment Details
- The opportunity to work with a set of hardworking and dedicated peers, all the way from engineering and QA to product management and support.
- A constant stream of new things for you to learn and an opportunity for growth and mentorship. We believe in growing engineers through ownership and leadership opportunities.
- A fun and collaborative environment with many exciting events from interacting with other trainees to conversations with our executive leadership team.

Number of Hours - Full time at Company’s Chennai location. The minimum hours that the trainee will have to put in are 40 hours per week. Training period ranges from 6 months (min) to 9 months (max). Stipend – During the program, the trainee will be paid a stipend of Rs. 15,000/- per month. On successful completion of the trainee program with Positka and the Degree (if any), the trainee will be eligible to be absorbed as a permanent employee, subject to selection criteria and successful completion of our recruitment process. Career Path This role will expose the candidates to acquire skills in monitoring, consulting and analytics across the IT operations and security domains. We will help the candidate work on Splunk, IBM, Palo Alto or any similar. High performing candidates will have a career path leading to specialized roles in engineering and technology.

Posted 1 month ago

6.0 - 9.0 years

8 - 10 Lacs

Hyderabad

Work from Office

We are looking for a skilled professional with 6-9 years of experience to join our team as an SIEM specialist. The ideal candidate will have a strong background in security information and event management. Roles and Responsibility Design, implement, and manage SIEM systems to ensure the security and integrity of our organization's data. Develop and maintain dashboards and reports to provide insights into security threats and trends. Collaborate with cross-functional teams to identify and mitigate potential security risks. Conduct regular vulnerability assessments and penetration testing to identify weaknesses. Analyze log files and system logs to detect anomalies and suspicious activity. Develop and enforce security policies and procedures to ensure compliance with industry standards. Job Requirements Strong understanding of security principles and technologies such as firewalls, intrusion detection systems, and encryption. Experience with SIEM tools such as Splunk, LogRhythm, or QRadar. Excellent analytical and problem-solving skills with attention to detail. Ability to work effectively in a fast-paced environment and meet deadlines. Strong communication and collaboration skills to work with technical and non-technical stakeholders. Familiarity with industry standards and regulations related to security such as HIPAA, PCI-DSS, or NIST.

Posted 1 month ago

4.0 - 9.0 years

6 - 16 Lacs

Gurugram

Work from Office

Immediate Job Openings on Security Analyst - Gurgaon - Contract. Experience: 4+ Years. Skills: Security Analyst. Location: Gurgaon. Notice Period: Immediate. Employment Type: Contract. Work Mode: WFO. 1. 4 to 8 years of exp in Security Analyst. 2. 2 to 3 Years of exp in Fine-tune SIEM rules to reduce false positive and remove false negatives. 3. Good exp in SOC (Security Operation Center)

Posted 1 month ago

4.0 - 5.0 years

6 - 7 Lacs

Bengaluru

Work from Office

Oversees IT incident response processes, ensuring timely resolution of critical system issues and minimizing downtime.

Posted 1 month ago

4.0 - 5.0 years

6 - 7 Lacs

Hyderabad

Work from Office

Conduct investigations into phishing emails and security threats, analyzing patterns and identifying potential risks. You will collaborate with teams to mitigate cybersecurity risks. Experience in threat analysis and phishing investigations is required.

Posted 1 month ago

4.0 - 6.0 years

6 - 8 Lacs

Chennai

Work from Office

Implement and manage identity and access management (IAM) solutions. Ensure regulatory compliance and enhance security protocols.

Posted 1 month ago

5.0 - 6.0 years

7 - 8 Lacs

Chennai

Work from Office

Manage Microsoft Sentinel SIEM platform to detect, investigate, and respond to security incidents. Configure alerts, monitor security events, and ensure compliance with security policies and best practices.

Posted 1 month ago
