2439 Qradar Jobs - Page 26

Roles and Responsibility Conduct thorough risk assessments and vulnerability testing to identify potential security threats. Develop and implement comprehensive security strategies to mitigate identified risks. Collaborate with cross-functional teams to ensure seamless integration of security measures. Monitor and analyze security event logs to detect anomalies and respond promptly to incidents. Stay up-to-date with emerging trends and technologies in cybersecurity. Provide expert guidance on security best practices to internal stakeholders. Job Requirements Strong understanding of security principles, including threat analysis and risk management. Proficiency in security tools such as firew...

Job Title: Infosec L2 Security Analyst (Security Operations Center - Advanced) Location: From Kochi Office (Onsite) Job Summary: The L2 Security Analyst is responsible for performing advanced incident analysis, investigating security escalations from L1 analysts, conducting vulnerability assessments, and actively supporting threat hunting and malware analysis. This role acts as a critical link within the SOC by coordinating incident response efforts, ensuring compliance with security frameworks, and enhancing the organization's cybersecurity posture through diligent monitoring and remediation activities. Key Responsibilities: Monitor, analyze, and respond to alerts generated by firewalls, pr...

Job Purpose: The L1 SOC Analyst provides the first line of defense by monitoring alerts, performing initial triage (systematic evaluation, prioritization, and response to security alerts.) and escalating incidents as per SOPs and SLAs. Key Responsibilities: • Monitor SIEM, SOAR, EDR, and security dashboards 24x7. • Validate and triage security alerts. • Escalate potential incidents to L2 with proper documentation. • Track incident tickets and ensure SLA compliance. • Maintain situational awareness by tracking known threats. • Perform log analysis and simple threat correlation. Skills & Competencies: • Knowledge of networking basics (TCP/IP, DNS, HTTP, VPN). • Understanding of common threats ...

Job Overview: The Assistant Manager Academic Operations will be responsible for end-to-end delivery of a course/program. Starting with research, anticipation and evaluation of market needs this role would be responsible for working with stakeholders of a program delivery, including the faculty, mentors, sales & marketing and content preparation teams. The role also requires one to evaluate the current offerings and implement strategies for improving the product. Responsibilities and Duties: Academic Operations: Researching about the requisite coursework to be delivered by the program and supporting the faculty with content creation. Onboarding mentors to deliver the course. Looking after sup...

Level - L4 Reports to: SOC Head Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents. Key Responsibilities: Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team. Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies. Oversee tuning and optimization of SIEM platforms (e.g. Azure sentinel, Lo...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...