394 Qradar Jobs - Page 2

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you. About The Role As a Senior Technical Account Manager (TAM) at CrowdStrike, you will be a trusted advisor and technical partner to our most strategic customers. This role is all about building strong relationships, delivering expert guidance, and ensuring the long-term success and security of our customers' environments. You’ll work closely with Security, Product and IT teams to proactively resolve complex technical challenges, and help customers maximise the value of our platform. In this role, you’ll combine deep technical knowledge with strong communication and customer management skills to provide tailored support and strategic planning. You will serve as a bridge between customers and our internal teams, helping to prioritize issues, share product feedback, and advocate for customer needs. Success in this role requires a proactive mindset, a passion for cybersecurity, and the ability to navigate complex technical environments with confidence and care. What You’ll Do Serve as primary technical contact and augment our customer support teams Onboard new Elite Enterprise customers to the CrowdStrike platform. Ensure customer success through proactive periodic health checks, product training, and developing and sharing best practices focusing on Executive level interaction\ Lead efforts with internal CrowdStrike stakeholders to ensure needed customer feedback is adequately documented and assessed by internal parties. Leads meetings with Product Leadership to ensure customer must-have features and impacting issues are addressed Be the solution expert from the front lines of the SOC to the C-suite. Research complex technical issues in a timely manner and follow up with recommendations and action plans. Drive escalations with executive management and stakeholders Lead cross-functional groups to achieve resolution for any escalated issues. Contribute and utilize internal technical expertise, including development engineers, knowledge base, and other internal tools to provide the most effective solutions to customer issues Create knowledge content and systems to capture new learning for reuse throughout the company and user base. Lead technical communications within the team to share best practices and learn about new technologies and complimentary security applications. Manage renewal risk and collaborate with sales executive teams to remediate and ensure a successful renewal and upsell of product across assigned territory Conduct and lead quarterly onsite briefings with customers and executive staff. Participate in a corporate mentorship program. What You’ll Need Bachelor’s Degree or equivalent experience Industry recognized security certification Experience working with all supported operating systems Knowledge of enterprise web technologies, security and cutting-edge infrastructures Network infrastructure experience Security Operations Center working knowledge and experience Excellent customer service skills and ability to quickly establish technical credibility with customers Excellent communication skills, written and verbal with the ability to effectively communicate at all levels. Experience working independently to determine methods and procedures on new assignments Demonstrable problem-solving skills Collaborative attitude Commitment to customer success Bonus Points Experience with cloud platforms (e.g., AWS, Azure, GCP) Familiarity with SIEM tools and log analysis (e.g., Splunk, QRadar) Industry-recognized security certifications (e.g., CISSP, CISM, GIAC) Scripting knowledge (e.g., Python, PowerShell, Bash) Experience working with APIs for integration and automation Deep expertise in Windows, Linux and Mac platforms Benefits Of Working At CrowdStrike Remote-friendly and flexible work culture Market leader in compensation and equity awards Comprehensive physical and mental wellness programs Competitive vacation and holidays for recharge Paid parental and adoption leaves Professional development opportunities for all employees regardless of level or role Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections Vibrant office culture with world class amenities Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance. Show more Show less

Job requisition ID :: 82322 Date: Jun 13, 2025 Location: Delhi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - We are seeking a skilled SIEM QRadar Engineer to manage, maintain, and enhance our QRadar SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in QRadar administration, threat detection, and SOC operations to provide continuous security improvements and support to the SOC team. Key Responsibilities: QRadar Administration: Install, configure, and manage QRadar components, including log sources, custom log parsers, and correlation rules. Log Source Management: Integrate and manage various log sources from network devices, servers, applications, and security tools to ensure proper log ingestion and parsing. Rule Development: Develop and fine-tune correlation rules, offenses, and custom use cases to detect malicious activity. Threat Detection: Monitor, analyze, and respond to security events and incidents detected by QRadar. Performance Tuning: Optimize QRadar’s performance, including storage management, event processing, and tuning for high EPS environments. Integration and Customization: Work with APIs and custom integrations to extend the capabilities of QRadar with other security tools (firewalls, EDR, DLP, etc.). Incident Response Support: Collaborate with the SOC team in investigating security incidents, using QRadar for root cause analysis and mitigation strategies. Dashboard & Report Creation: Design and manage QRadar dashboards and reports for management and security operations teams. Compliance and Auditing: Ensure QRadar operations align with regulatory standards, such as GDPR, HIPAA, or PCI-DSS, as required. Troubleshooting: Resolve QRadar-related issues, including log ingestion problems, performance issues, and system errors. Upgrades and Patching: Plan and execute system upgrades, patching, and version updates to maintain system integrity and security. Desired qualifications Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 4+ years of experience with QRadar SIEM, including installation, configuration, and administration. Strong knowledge of SIEM operations, event correlation, and log management. Experience in SOC operations, threat detection, and incident response. Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus. Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies. In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001). Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Gurgaon Professional is required to work from office Your role as a Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job requisition ID :: 82321 Date: Jun 13, 2025 Location: Delhi Designation: Deputy Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Deputy Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - We are seeking a skilled QRadar Engineer to manage, maintain, and enhance our QRadar SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in QRadar administration, threat detection, and SOC operations to provide continuous security improvements and support to the SOC team. Key Responsibilities: QRadar Administration: Install, configure, and manage QRadar components, including log sources, custom log parsers, and correlation rules. Log Source Management: Integrate and manage various log sources from network devices, servers, applications, and security tools to ensure proper log ingestion and parsing. Rule Development: Develop and fine-tune correlation rules, offenses, and custom use cases to detect malicious activity. Threat Detection: Monitor, analyze, and respond to security events and incidents detected by QRadar. Performance Tuning: Optimize QRadar’s performance, including storage management, event processing, and tuning for high EPS environments. Integration and Customization: Work with APIs and custom integrations to extend the capabilities of QRadar with other security tools (firewalls, EDR, DLP, etc.). Incident Response Support: Collaborate with the SOC team in investigating security incidents, using QRadar for root cause analysis and mitigation strategies. Dashboard & Report Creation: Design and manage QRadar dashboards and reports for management and security operations teams. Compliance and Auditing: Ensure QRadar operations align with regulatory standards, such as GDPR, HIPAA, or PCI-DSS, as required. Troubleshooting: Resolve QRadar-related issues, including log ingestion problems, performance issues, and system errors. Upgrades and Patching: Plan and execute system upgrades, patching, and version updates to maintain system integrity and security. Desired qualifications Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. 4+ years of experience with QRadar SIEM, including installation, configuration, and administration. Strong knowledge of SIEM operations, event correlation, and log management. Experience in SOC operations, threat detection, and incident response. Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus. Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies. In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001). Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Mumbai/Gurgaon Professional is required to work from office Your role as a Deputy Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Bangalore,Karnataka,India Job ID 768423 Join our Team About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

SIEM Implementation Lead Experience: 7-9 years Location: Pune Employment Type: Full-time Job Overview We are looking for an experienced SIEM Implementation Lead to manage and drive end-to-end SIEM deployments across enterprise environments. The ideal candidate will have deep technical expertise in security monitoring, incident detection, and security architecture using SIEM platforms. Key Responsibilities (KRAs) Lead the design, implementation, and configuration of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm) Integrate security data sources and ensure effective log management across all layers Define and tune use cases, correlation rules, and alerting mechanisms Work with SOC and IT teams to refine alert triaging and incident escalation workflows Perform SIEM health checks, capacity planning, and optimization Document SIEM architecture, configurations, and operational procedures Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, ISO 27001) Required Skillsets Hands-on experience with leading SIEM tools (e.g., Splunk, IBM QRadar, ArcSight) Deep understanding of log parsing, normalization, and data ingestion techniques Strong knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST) Experience in scripting languages (e.g., Python, Bash) for automation Familiarity with firewall, IDS/IPS, antivirus, endpoint security solutions Strong leadership and project management skills Certifications like SIEM Engineer, CISSP, or GCIA preferred (ref:hirist.tech) Show more Show less

Sales Specialist Meet the Team Indian enterprise sector is going through huge digital transformation. Areas like Cloud adaption, Sophisticated Analytics, AI, IOT, Block chain & Robotic Process Automation, Information Security are key building block towards this transformation. You would be responsible for Building Cisco Security Business pipeline & achieve the Security Annual targets in the large enterprise segment Your Impact Lead Large Customer Engagement with CISO level conversation within Ciscos top enterprises and conglomerate. Support Sales Account Management (AMs) as Cyber Security Sales Specialist in large sophisticated projects (comprising of Zero Trust Architecture, Securing cloud work loads, transforming SOC, Micro segmentation and others) Understand the client/sector requirements and Map Cisco Security products & Services & Build Solution Stack for Sales Account Managers Understand NIST, CERTIN guidelines, mitre att&ck framework, OT Security. Good understanding of Cisco Security products. Well engaged with Tier-1 & Tier-2 SI Drive Cisco Security product sales within commercial segment in Manufacturing, PSU, ITeS, Digital Native and Pharma Who You'll Work With GSSO SE team Account Manager Product Engineering BU across vertical Regional SE Team Regional Channel Team Minimum Qualifications 8-10 Years of experience in Security OEM / Service Provider Environment in managing Sales/ Pre-Sales/Product Management function Good understanding of business scenarios with solution expertise to formulate a realistic and executable strategy for Security adoption among enterprises. Possess blend of technology expertise across various cyber security vendors, enterprise networks, datacenter, cloud networking and Information systems security. Good connects with Cybersecurity decision makers in enterprises

The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution. In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise. This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Should have experience in any of the query language i.eAQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation. Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model. Should have understanding of regular expression writing and custom parsing Preferred technical and professional experience Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs. Create technical documentation around the content deployed to the SIEM. Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Managed Cloud Security Services Good to have skills : Security Information and Event Management (SIEM), Incident Management, Delivery & Service ManagemMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). A typical day involves overseeing project implementation and ensuring successful delivery of security services. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the implementation and delivery of Security Services projects- Leverage global delivery capability for successful project execution- Ensure adherence to project timelines and quality standards Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services- Good To Have Skills: Experience with Incident Management- Strong understanding of security protocols and best practices- Knowledge of Security Information and Event Management (SIEM) systems- Experience in managing security incidents and response procedures Additional Information:- The candidate should have a minimum of 7.5 years of experience in Managed Cloud Security Services- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Accenture MxDR Ops Security Threat Analysis Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations. Roles & Responsibilities:Perform security monitoring by analyzing logs, traffic and alerts generated by variety of device technologiesTimely response to customer requests like detection capabilities, tuning, etc.Research new threats and provide recommendations to enhance detection capabilitiesStrong desire for continuous learning on vulnerabilities, attacks and countermeasures Identify opportunities for process improvement Professional & Technical Skills: Experience in SOC operations with customer-facing responsibilitiesDeep understanding on cyber security fundamentals, security devices, network defense concepts and threat landscapeHands-on experience in SIEM and threat hunting tools Added advantage in working with any SOAR platformDesirable knowledge in any scripting language and EDR productsStrong customer service and interpersonal skillsStrong problem-solving skillsAbility to communicate clearly at all levels, demonstrating strong verbal and written communication skills.Adaptability to accept change Additional Information:Work as part of analysis team that works 24x7 on a rotational shift Minimum a bachelors or a masters degree in addition to regular 15- year full time educationThe candidate should have minimum 2 years of experience This position is based at our Chennai office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Work with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Roles & Responsibilities:- Lead the implementation and delivery of Security Services projects- Leverage global delivery capability for successful project execution- Ensure adherence to project timelines and quality standards Professional & Technical Skills- Proficiency in any Security Information and Event Management (SIEM)- Experience with Security Risk Assessment, Google SecOps- Strong understanding of security principles and practices- Experience in implementing security solutions- Knowledge of threat detection and incident response- Ability to analyze and interpret security data- Engage with multiple teams and contribute on key decisions- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Provide solutions to problems for their immediate team and across multiple teams- Verify custom reports, manage log source groups, and validate log sources with client- Maintain a close partnership with SIEM on feature requests, upgrade planning, and product roadmap alignment- Focus on content creation regarding advanced threat analysis (rules, variables, trending, watch lists, etc.) of incoming data and for self-monitoring of the solution itself.- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies.- Identify and implement Automation opportunities in project- Troubleshoot issues with log sources or systems with vendor, and report system defects as needed- Coordinate & lead the technical discussions with Client/vendors.- Identify root cause of security incidents.- Implement SOC best practices to deliver business outcomes Professional & Technical Skills: -Experience in Information Security, Risk Management, Infrastructure Security and Compliance- Experience on SOC Operation-Experience in working UBA and Advanced Threat Detection- Any Security device Installations, Configuration, and troubleshooting (e.g., firewall, IDS, etc.)- Hands on experience in any SIEM tool- Mid-level expertise in UNIX, Linux, and Windows- Experience working in a diversified, virtual environment.-Scripting experience in any language- Experience in data manipulation and regular expressions- Experience with Database installation & configuration- Certifications such as CISSP, ITIL, CISA, CISM, GIAC-GCIA, AWS/Azure/Cloud based Certifications- Advanced Certification from any SIEM vendor on products such as ArcSight, QRadar, McAfee Nitro, RSA SA, SPLUNK, Google SecOps etc. Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM)- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Job requisition ID :: 82314 Date: Jun 11, 2025 Location: Hyderabad Designation: Deputy Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Deloitte India is seeking a SOC Manager Lead team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Key Responsibilities: Skills & Knowledge : Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint , Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR, . Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud Proactively Hunt & research potential malicious activity using tool like Cortex, Shodan, Qrdar etc. Identify Indicator of Compromise through static & dynamic analysis of commodity and 0-day malware Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar , Demisto/XSOAR , Qualys, MITRE Framework Attack Methodology. Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Hyderabad Professional is required to work from office Your role as Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. Professionals with 8-10 years of relevant experience in SOC platform engineering (AWS OpenSearch SIEM, Logstash, ElastAlert) Subject Matter Expert in AWS cloud deployments & Kubernetes configurations Work with client's Cybersecurity management to continue to mature the SOC platform Maintain SOC compliance adhering to RBI Fintech regulations Lead the SOC platform engineering team Usecases management - Creation of new usecases / fine-tune existing usecases specific for client environment Develop custom dashboards and reporting templates Document & maintain relevant SOPs related to SOC platform engineering How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Role Overview: We are seeking a dynamic and results-driven Cybersecurity Enterprise Sales professional to join our team. This role is focused on selling advanced cybersecurity solutions, including SIEM, SOAR, and Adaptive MDR offerings, to mid-to-large enterprises. The ideal candidate will have a strong foundation in cybersecurity operations, particularly SIEM engineering, and a proven track record in enterprise technology sales. Key Responsibilities : Develop and execute a strategic sales plan to meet and exceed quarterly and annual sales targets. Identify, qualify, and pursue new business opportunities in enterprise accounts. Conduct engaging product presentations and solution demonstrations to prospective clients. Understand customer security needs and map solutions accordingly, with a focus on SIEM, SOAR, and MDR. Lead contract negotiations and close deals. Build and maintain long-term relationships with key stakeholders and channel partners. Stay current on the latest cybersecurity trends and emerging technologies. Collaborate with internal technical and product teams to align solutions with customer needs. Required Qualifications: Bachelor's degree in Business, Computer Science, Information Security, or a related field. 4–8 years of experience in cybersecurity sales, with a focus on enterprise customers. Hands-on understanding of SIEM tools (e.g., Splunk, IBM QRadar, Securonix) and security operations workflows. Proven ability to meet or exceed sales targets in a complex, solution-oriented environment. Excellent communication, presentation, and negotiation skills. Self-starter with the ability to work independently and cross-functionally. Preferred Skills: Experience selling MDR, SIEM, SOAR, or AI-driven security solutions. Familiarity with SaaS security platforms and cloud security posture management. Background in threat detection, incident response, or SIEM engineering is a strong plus. Job Type: Full-time Schedule: Day shift Work Location: In person

Job requisition ID :: 79715 Date: Jun 11, 2025 Location: Hyderabad Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Deloitte India is seeking a SOC Manager Lead team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Key Responsibilities: Skills & Knowledge : Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint , Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR, . Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud Proactively Hunt & research potential malicious activity using tool like Cortex, Shodan, Qrdar etc. Identify Indicator of Compromise through static & dynamic analysis of commodity and 0-day malware Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar , Demisto/XSOAR , Qualys, MITRE Framework Attack Methodology. Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Hyderabad Professional is required to work from office Your role as Consultant/Sr Consultant. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. Professionals with 3-5 years of platform engineering experience in AWS OpenSearch SIEM Good understanding of cloud services and DevSecOps practices Experience in multi-tenant platform deployment using Kubernetes / Docker Manage the integration of new log sources with AWS OpenSearch SIEM tool Identify and resolve issues in the ingestion of logs to SIEM Manage and administer the SIEM / SOC platform through DevSecOps centric approach Manage the patch / version / OS upgrades of SIEM / SOC components How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

About Zscaler Serving thousands of enterprise customers around the world including 40% of Fortune 500 companies, Zscaler (NASDAQ: ZS) was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. As the operator of the world’s largest security cloud, Zscaler accelerates digital transformation so enterprises can be more agile, efficient, resilient, and secure. The pioneering, AI-powered Zscaler Zero Trust Exchange™ platform, which is found in our SASE and SSE offerings, protects thousands of enterprise customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Named a Best Workplace in Technology by Fortune and others, Zscaler fosters an inclusive and supportive culture that is home to some of the brightest minds in the industry. If you thrive in an environment that is fast-paced and collaborative, and you are passionate about building and innovating for the greater good, come make your next move with Zscaler. At Zscaler, our Customer Success Organization is a global, customer-focused team dedicated to delivering high-impact experiences and identifying innovative solutions. We leverage valuable data and research to provide expert, hands-on support starting from the implementation phase and beyond, ensuring customers achieve their goals and leverage our technology to its fullest potential. Together, we create a customer-centric culture that fosters success, adoption, and continuous growth. We're looking for an experienced Product Support Engineer III - DLP to join our Global Customer Support team. Reporting to the Manager, Product Support you'll be responsible for: Serving as the primary point of contact for escalated DLP issues, providing advanced troubleshooting and resolution for the escalated DLP cases Taking ownership of complex and critical cases, ensuring they are resolved effectively and efficiently Performing detailed root cause analysis to identify underlying issues and implement long-term solutions for the customers Working closely with product development, engineering, and other cross-functional teams to resolve issues and improve Zscaler DLP products and services Maintaining clear and proactive communication with customers throughout the escalation process, providing regular updates and managing expectations What We're Looking for (Minimum Qualifications) Minimum of 7+ years of experience in technical support, with at least 3 years focused on DLP/CASB solutions and escalations Expert knowledge of DLP technologies and tools (e.g., Symantec DLP, McAfee DLP, Forcepoint DLP, etc.) Experience with data loss prevention, securing SaaS and Cloud Access Security Brokers (CASB) Good understanding of Unix/Linux and Windows operating systems Strong understanding of data protection principles and practices What Will Make You Stand Out (Preferred Qualifications) Experience with scripting and automation e.g., Python, PowerShell Knowledge of regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI-DSS) Familiarity with ticketing systems and support tools (e.g., ServiceNow, Salesforce, JIRA etc) #LI-Hybrid #LI-RR1 At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: Various health plans Time off plans for vacation and sick time Parental leave options Retirement options Education reimbursement In-office perks, and more! By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.

6+ years of hands-on experience in QRadar administration and content development. Deep knowledge of QRadar rule engine , flows , log source protocols (Syslog, CEF, LEEF) , Integration of Non supported devices and parser tuning . Experience with AQL (Advanced Query Language) and QRadar APIs. Familiarity with MITRE ATT&CK , threat detection use cases, and security operations workflows. Develop, test, and tune custom correlation rules , building blocks , custom properties , reference sets , and offenses to enhance threat detection. Perform offense triage , false positive reduction , and collaborate with threat intelligence teams to enrich detection content Knowledge of SOAR and threat hunting Strong background in Windows/Linux log analysis, networking, and common attack vectors. Strong background of implementation of DC/DR setup of Qrardar/other tools Comfortable working in large-scale environments with high EPS and distributed QRadar components. Monitor and maintain the health and performance of the QRadar environment (HA, storage, patching, backup, etc.). Strong communication skills, both written and verbal Good understanding of Internal/External Audit and risk assessment of the tools Show more Show less

Job requisition ID :: 84053 Date: Jun 12, 2025 Location: Delhi Designation: Senior Executive Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile Deloitte India is seeking a SOC Analyst L1 with expertise in QRadar SIEM tool to join our Security Operations Center (SOC) team. The ideal candidate will have hands-on experience in configuring, managing, and optimizing QRadar SIEM tool, as well as a strong understanding of threat hunting techniques and SOAR tools. Desired qualifications 2 years of experience. Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams and stakeholders. Certification’s requirements: CEH/ CISSP/CISM/ CompTIA/ CASP+, or equivalent. Hands-on experience with QRadar SIEM Bachelor’s degree in engineering, information security, or related field. Location and way of working Base location: Mumbai Professional is required to work from office. Your role as a Deputy Manager Monitor security alerts and events from various sources, including QRadar SIEM. Perform initial triage and classification of incidents. Investigate alerts to identify potential security incidents. Escalate confirmed incidents to SOC L2 Analysts and/or Incident Response Team. Document incident details, actions taken, and resolution steps in the incident management system. Assist in the containment and mitigation of security threats. Utilize threat intelligence feeds and tools to enhance detection capabilities. Generate and deliver security reports and metrics to stakeholders. Participate in post-incident reviews to identify gaps and improvements in the SOC processes. Stay updated with the latest security trends, vulnerabilities, and attack vectors. Willingness to work in a 24x7 rotational shift model, including night shifts, is mandatory. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, Deployment, Implementation and maintaining security posture for the organization. Key Responsibilities SIEM Administration: Install, configure, maintain, and upgrade SIEM components. (IBM Qradar SIEM, DNIF, Splunk & Securonix). Log Management Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.) Custom log source integration and parser development. System Monitoring & Troubleshooting Ensure SIEM tools are functioning optimally. Monitor & regular health check perform for SIEM tools. troubleshoot system errors and resolve performance issues. Conduct regular performance tuning and capacity planning Perform root cause analysis for system failures & performance issues. Optimize system performance and storage management for SIEM Integration & Automation Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM. Compliance & Audits Ensure log retention policies comply with regulatory standards. Develop & enforce SIEM access controls & user roles/permissions. Documentation & Training Document system configurations, SOP’s & troubleshooting documents. Prepare monthly/ weekly reports and PPT, onboarding documentation as per business/ client requirement. Dashboard & Report Development Create & maintain custom dashboards & reports Optimize searches & reports for performance and efficiency. Other Knowledge Base Hands on experience with Linux OS & Windows OS Basic to mediator level knowledge in networking skills Should be familiar with Azure, AWS or GCP products Required Skills & Qualifications B.E/B.Tech degree in computer science, Cybersecurity, or related field (preferred). 1-3 years experience as Soc Admin Strong knowledge of SIEM architecture, log sources, and event correlation. Proficiency in log management, regular expressions, and network security concepts. Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.). Scripting knowledge (Python, Bash, or PowerShell) is a plus. Training or Certificate on Splunk or IBM Qradar Preferred. Soft Skills Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Ability to work independently and in a team. Must Have Skills Hands-on experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc. Proficiency in IBM Qradar & Splunk administration Configuring, maintaining, and troubleshooting SIEM solutions. Log source integration, parsing, and normalization. Strong knowledge of TCP/IP, DNS, HTTP, SMTP, FTP, VPNs, proxies, and firewall rules. Familiarity with Linux and Windows system administration. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted. Show more Show less

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development. Key Responsibilities Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions. Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions. Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation. Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy. Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats. Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries. SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations. Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency. Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies. Basic Qualifications B.E/B. Tech degree in computer science, Information Technology, Masters in Cybersecurity 3+ years of experience in a SOC or cybersecurity operations role. Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions. Hands-on experience in threat detection, security monitoring, and incident response. Knowledge of network security, intrusion detection, malware analysis, and forensics. Basic experience in SIEM administration (log ingestion, rule creation, dashboard management). Proficiency in Python scripting for automation and playbook development. Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence. Strong analytical, problem-solving, and communication skills. Ability to work in a 24x7 SOC environment (if applicable) Preferred Qualifications Certified SOC Analyst (CSA) Certified Incident Handler (GCIH, ECIH) Splunk Certified Admin / QRadar Certified Analyst CompTIA Security+ / CEH / CISSP (preferred but not mandatory Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted. Show more Show less

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, Deployment, Implementation and maintaining security posture for the organization. Key Responsibilities SIEM Administration: Install, configure, maintain, and upgrade SIEM components. (IBM Qradar SIEM, DNIF, Splunk & Securonix). Log Management Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.) Custom log source integration and parser development. System Monitoring & Troubleshooting Ensure SIEM tools are functioning optimally. Monitor & regular health check perform for SIEM tools. troubleshoot system errors and resolve performance issues. Conduct regular performance tuning and capacity planning Perform root cause analysis for system failures & performance issues. Optimize system performance and storage management for SIEM Integration & Automation Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM. Compliance & Audits Ensure log retention policies comply with regulatory standards. Develop & enforce SIEM access controls & user roles/permissions. Documentation & Training Document system configurations, SOP’s & troubleshooting documents. Prepare monthly/ weekly reports and PPT, onboarding documentation as per business/ client requirement. Dashboard & Report Development Create & maintain custom dashboards & reports Optimize searches & reports for performance and efficiency. Hands on experience with Linux OS & Windows OS Basic to mediator level knowledge in networking skills Should be familiar with Azure, AWS or GCP products Basic Qualifications B.E./B.Tech in Computers or related field (preferred). 4+ Years of Experience in SOC Administration. Strong knowledge of SIEM architecture, log sources, and event correlation. Preferred Qualifications Proficiency in log management, regular expressions, and network security concepts. Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.) Scripting knowledge (Python, Bash, or PowerShell) is a plus. Training or Certificate on Splunk or IBM Qradar Preferred. Experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc. Proficiency in IBM Qradar & Splunk administration. Configuring, maintaining, and troubleshooting SIEM solutions. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted. Show more Show less

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Key responsibilities : Working as part of multi-skilled IOT platform team working across different tech areas on various Linux based operating systems. Contributing to end-to-end software execution of Qualcomm SoC based IOT products. Work closely with Product Marketng team to understand new platforms, and requirements, Evaluate feature requirements, come up with resource planning, lead a small team on engineers with varied skills Feature development for Android and Linux/Ubuntu based Snapdragon products. Support platform bringups across various SoCs, co-ordianate with cross functional teams on identifying and fix the issues Work with customer engineering team to support customer esclated issues which are platform specific Ensuring that the product deliverables are made on-time, and are competitive with respect to functionality, stability and performance. Working closely with geographically distributed core & execution teams spread across time-zones. : Bachelors/Masters degree in Engineering, Information Systems, Computer Science, or related field. Strong development experience with C/C++ and good programming skills. Experience scoping new requirements, working with cross functional teams, assigning works and managing teams Strong communication skills and analytics skills Strong hands-on experience on Android and/or Ubuntu and understanding of Linux related concepts like systemd, SELinux, Snaps, Sandboxing, Container, Docker, etc. Strong understanding of Linux kernel and internals. Strong understanding of SOC systems and related concepts, including bring-up. Good know-how of Multimedia subsystems like Camera, Video, Audio, Display and Graphics. Strong hands-on experience with troubleshooting software and system issues. Strong hands-on experience with full software development life cycle including design, implementation, deployment and support. Strong aptitude, quick learner, self-motivated, willing to explore and work across breadth of various technology areas. Deductive problem solving, good verbal and written communication skills for collaboration across teams. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc.

Job Area: Engineering Group, Engineering Group > Systems Engineering General Summary: In this position you will join the team responsible for the security architecture of Qualcomm Snapdragon processors. The team works at a system level spanning across hardware, software and infrastructure while striving for industry-leading solutions. This team interacts with product management, customers (e.g., OEMs), partners, HW/SW engineering, and Services engineering teams to find the optimal Security solution. Snapdragon processors are utilized in a variety of devices, including mobile phones, laptops, automotive systems, and data centers, each with distinct security needs. These processors are engineered to address most of these requirements, encompassing a wide range of security technologies found in consumer electronics, such as Root of Trust, Integrated Secure Element, Virtualization, and Confidential Compute. Minimum Qualifications 10+ years industry experience in SoC Security encompassing both architecture and design 5+ years industry experience in Compute and/or Data Centre SoC Architecture Demonstrated expertise in Security Technologies (Root of Trust, TEE, Access Control, I/O Security) Proficient in Confidential Compute Architecture (RME, TDX, SEV-SNP, TDISP) Strong understanding of Security Software Architecture for Compute and Data Centers, with a focus on Secure Boot. Skilled in HW/SW threat analysis Strong capabilities in creating and presenting architecture-level documentation. Preferred Qualifications Proficient in isolation-related extensions, including TrustZone, Virtualization, and RME. Extensive knowledge of Server Platform security architecture covering lifecycle/debug management, provisioning, attestation/measurement. Expertise in Applied Cryptography and Protocols. Knowledgeable about Security Certification Processes and (such as OCP) Excellent communication and teamwork skills. Leadership and management experience at the project level Key Responsibilities Establish system security requirements (both hardware and software) for Server SoC focusing on functionality, performance, and security levels. Specify and review the architecture and implementation of System/SoC level security mechanisms. Conduct platform security threat analysis. Perform competitive analysis of security systems and features Explore future and roadmap server security-related technologies. Serve as the technical interface to product management and standards teams. Minimum Qualifications: Bachelors degree in engineering, Computer Science, or related field and 8+ years of Security Engineering or related work experience. ORMasters degree in engineering, Computer Science, or related field and 7+ years of Security Engineering or related work experience.ORPhD in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. Note References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Systems Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Systems Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Systems Engineering or related work experience.

Rackspace Security (Public Cloud) Security Engineer L3 (Endpoint Security) About Rackspace Cyber Defence Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Defend against new and emerging risks that impact their business Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments Reduce their exposure to risks that impact their identity and brand Develop operational resilience Maintain compliance with legal, regulatory and compliance obligations What we’re looking for To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspace’s strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customer’s key stakeholders, which may include incident response and disaster recovery teams as well as information security. Key Accountabilities Ensure the Customer’s operational and production environment remains healthy and secure at all the times Assist with customer onboarding – customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams. Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings Skills & Experience Should have 8+ years experience in Security Engineering Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud Experience of working in two (or more) of the following additional security domains: o SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. o AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell Knowledge of Malware reverse engineering, threat detection and threat hunting. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - o Microsoft Certified: Azure Security Engineer Associate (AZ500) o Microsoft Certified: Security Operations Analyst Associate (SC-200) o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP) o GIAC Certified Incident Handler (GCIH) o GIAC Security Operations Certified (GSOC) o CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure An individual who shows a willingness to go above and beyond in delighting the customer A good communicator who can explain security concepts to both technical and non-technical audiences About Rackspace Technology We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data, and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes, and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More about Rackspace Technology Though we are all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, colour, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know. Show more Show less

Description And Requirements CareerArc Code CA-JF Hybrid "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers – program is called BMC on BMC! We are seeking a proactive and technically capable Cyber Threat Management Engineer to join our cybersecurity threat management team. This early-career role is ideal for individuals with foundational experience in cybersecurity who are ready to grow their technical skills and contribute to BMC’s threat detection and response capabilities. You will play an integral part in identifying, analyzing, and mitigating cyber threats across BMC’s global environment. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Monitor and analyze data from security systems including open source and enterprise solutions. Effectively communicate identified threats and track remediations until completion. Participate in the investigation and technical analysis of security incidents and provide remediation guidance. Integrate threat intelligence feeds and use frameworks like MITRE ATT&CK to assess and defend against current adversary tactics. Contribute to automation initiatives to streamline threat detection, alerting, and response workflows. Support threat hunting and red team exercises. Document findings, techniques, and outcomes in knowledge bases and reports. To ensure you’re set up for success, you will bring the following skillset & experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field—or equivalent hands-on experience. Foundational experience (e.g., 1–2 years) in cybersecurity operations, threat analysis, or incident response. Proficiency with at least one SIEM platform (e.g., Splunk, QRadar, Sentinel). Proficiency with enterprise solutions providing dark web monitoring, attack surface management, threat intelligence, and risk rating. Understanding of network protocols, operating systems, and cybersecurity fundamentals. Strong scripting or automation skills (e.g., Python, PowerShell, Bash) Excellent communication and documentation abilities. Whilst these are nice to have, our team can help you develop in the following skills: Familiarity with threat intelligence tools and frameworks (e.g., MISP, STIX/TAXII). Knowledge of cloud security practices (AWS, Azure, or GCP). Relevant certifications such as CompTIA Security+, CySA+, SC-200, or GIAC (GCIH, GCIA, GCTI). Curiosity for cybersecurity and continuous learning. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Min salary 1,294,350 Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. Mid point salary 1,725,800 Max salary 2,157,250 Show more Show less

Job Title : Presales Lead Job Location: Mumbai (Thane/Andheri) Job Purpose: The Presales Lead will drive cybersecurity solutioning, customer engagement, and sales enablement across MDR/CES/MSSP services. They must have strong expertise in security technologies (SIEM, EDR, firewalls, cloud security) and IT infrastructure. Responsibilities include responding to RFPs, conducting PoCs, crafting proposals, and engaging with C-level executives. Strong consultative selling, presentation, and negotiation skills are essential. The role requires collaboration with sales, technical, and product teams, along with CRM proficiency. Roles & Responsibilities 1. Solutioning & Technical Expertise Understand customer security needs and design tailored cybersecurity solutions across MDR/CES/MSSP services. Conduct Proof of Concepts (PoCs), product demos, and technical workshops to showcase solutions. Stay updated on cybersecurity trends and technologies (SIEM, SOAR, XDR, Cloud Security, IAM/PAM, Firewalls, Endpoint Security, Threat Intelligence). 2. RFP/RFI & Proposal Management Lead technical responses to RFPs/RFIs, ensuring high-quality proposal submissions. Develop and present compelling business cases, solution architectures, and value propositions for clients. Work with internal teams to create pricing models, service offerings, and customized solutions based on client needs. 3. Sales & Customer Engagement Engage with C-level executives, IT teams, and security stakeholders to drive technical discussions. Act as a trusted advisor , translating complex cybersecurity concepts into business-friendly solutions. Support the sales team in deal closure by addressing objections, defining technical scopes, and guiding the sales cycle. 4. Market Intelligence & Competitive Analysis Analyze competitor offerings, industry trends, and emerging threats to refine presales strategies. Collaborate with marketing and product teams to enhance solution messaging and positioning. Identify upselling and cross-selling opportunities by aligning solutions with customer business goals. 5. Internal & Cross-Functional Collaboration Work closely with the delivery, technical, and product teams to ensure seamless solution deployment. Train and enable sales teams on cybersecurity products, services, and market differentiators . Maintain accurate pipeline tracking and reporting using CRM tools (Salesforce, HubSpot, Zoho, etc.) . Skills / Certificates Required: The Presales Lead should have expertise in cloud security (AWS, Azure, GCP), Zero Trust, IAM, PAM, and SOC operations, along with knowledge of automation (SOAR, XDR) and AI-driven threat detection. Strong business acumen, leadership, and stakeholder management skills are essential. Preferred certifications include AWS Security, SC-900, CISA, CRISC, OSCP, GPEN, and ITIL or PMP for project management. Experience with SIEM tools like Splunk and QRadar is a plus. The role requires a strategic mindset, problem-solving skills, and the ability to assess security investments and ROI while aligning cybersecurity solutions with business needs. Experience: 4+ years in a pre-sales or solution consulting role, preferably in MDR, MSSP, CES, or cybersecurity services. Show more Show less