2.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Introduction
SOC Analyst L2

Your Role And Responsibilities
A SOC Analyst plays a crucial role in cybersecurity, focusing on incident response, threat analysis, and security monitoring. Here is a general job description:

Responsibilities
- Monitor and analyze security alerts from various sources.
- Investigate suspicious activities and security incidents.
- Coordinate and escalate incidents to appropriate teams.
- Perform root cause analysis and recommend solutions to mitigate risks.
- Collaborate with Level 1 analysts to enhance detection capabilities.
- Maintain and update incident response playbooks.
- Prepare reports and documentation of security incidents.
- Stay updated with the latest cybersecurity trends and threats.
- Assist in threat hunting to identify hidden threats and exposed vulnerabilities.

Preferred Education
Master's Degree

Required Technical And Professional Expertise
- Bachelor's degree in IT, Cybersecurity, or a related field.
- 2-3 years of experience in a Security Operations Center (SOC).
- Certifications like CISSP, CEH, or CompTIA Security+ (preferred).
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork abilities.
- Experience with incident detection and response.
- SIEM tools (e.g., Splunk, QRadar).
- Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
- Firewall and VPN technologies.
- Threat intelligence platforms.
- Endpoint detection and response tools.
- Network security protocols.
- Incident response techniques.

Preferred Technical And Professional Experience
- Scripting languages (e.g., Python, Bash).
- Understanding of malware analysis and forensics.
Posted 2 months ago
8.0 years
0 Lacs
Noida, Uttar Pradesh, India
On-site
About Company:
Team1 Consulting is a leading System Integrator specializing in IT infrastructure, software, cyber security, cloud solutions, and generative AI domains. We deliver cutting-edge IT solutions tailored to drive innovation and accelerate business growth. Our expertise empowers organizations across industries to thrive in the digital era with customized, high-impact solutions that ensure success in an ever-evolving landscape.

Job Title: Pre-Sales Cybersecurity Specialist
Location: Noida, HQ
Experience Required: 4–8 Years
Department: Pre-Sales / Solution Engineering
Employment Type: Full-Time

About the Role:
We are seeking an experienced and proactive Pre-Sales Cybersecurity Specialist to join our high-performance team. The ideal candidate will play a key role in supporting the sales team by understanding client security needs, designing appropriate solutions, delivering technical presentations, and building trust with prospects throughout the sales cycle.

Key Responsibilities:
- Collaborate with the sales team to identify customer requirements and recommend relevant cybersecurity solutions.
- Conduct discovery sessions with enterprise clients to understand their security posture, threat landscape, and compliance requirements.
- Prepare and deliver technical presentations and product demonstrations to prospects and customers.
- Design customized security solutions using a wide range of cybersecurity technologies (e.g., endpoint security, SIEM, SOAR, XDR, IAM, firewalls, cloud security).
- Respond to RFPs and RFIs, and prepare detailed solution documents, BoMs, and SOWs.
- Assist in PoCs (Proof of Concept), solution validation, and implementation guidance.
- Stay updated with the latest threats, security trends, and OEM product updates.
- Work closely with OEMs and internal product/technical teams to stay aligned with solution capabilities and roadmaps.
- Support the handover of projects to delivery and ensure a smooth transition from pre-sales to execution.

Required Qualifications:
- 4–8 years of experience in cybersecurity pre-sales, solution engineering, or consulting roles.
- Strong understanding of cybersecurity domains including Network Security, Endpoint Protection, Cloud Security, Identity & Access Management (IAM), SIEM/SOAR, and Compliance.
- Hands-on exposure to, or certifications in, tools such as Palo Alto, Fortinet, CrowdStrike, SentinelOne, Splunk, QRadar, Microsoft Defender, Tenable, Rapid7, etc.
- Excellent communication, presentation, and documentation skills.
- Strong analytical thinking and problem-solving ability.
- Willingness to travel to client locations for demos and meetings as needed.
- Bachelor's degree in Computer Science, Information Security, or related field.
- Security certifications such as CEH, CompTIA Security+, CISSP (preferred but not mandatory).

What We Offer:
- Competitive compensation with performance-linked incentives.
- Exposure to leading cybersecurity OEMs and enterprise accounts.
- Opportunity to grow in a fast-paced and innovation-driven environment.
- Strong collaborative culture and mentorship from industry leaders.
Posted 2 months ago
2.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Role Description
We are seeking a detail-oriented and proactive SOC Analyst – Level 2 to strengthen our cybersecurity operations. The ideal candidate will have hands-on experience in reviewing and investigating escalated security events using a variety of security tools and methodologies. This role involves working closely with L1 analysts, Incident Response teams, and Threat Hunters to ensure accurate detection, classification, and escalation of security incidents.

Key Responsibilities
- Review and investigate escalated security events from SOC L1 analysts using tools such as SIEM, EDR, NDR, and other monitoring platforms.
- Perform initial triage and validation of alerts, classify incidents, and escalate appropriately to Incident Response or Threat Hunting teams.
- Leverage threat intelligence to contextualize alerts and correlate evidence across multiple data sources.
- Analyze suspicious activity across endpoints, networks, email, and cloud environments.
- Accurately document investigation steps, findings, and recommendations.
- Maintain and enhance playbooks, runbooks, and standard operating procedures (SOPs).
- Participate in purple team exercises and tabletop simulations, and contribute to detection engineering feedback loops.
- Collaborate with L1 analysts, providing guidance and training on detection logic, triage, and escalation procedures.

Required Qualifications
- Minimum 2 years of experience in a SOC, security monitoring, or cybersecurity operations role.
- Proficiency with SIEM (e.g., Splunk, QRadar, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender for Endpoint), and analysis of firewall and proxy logs.
- Solid understanding of attacker tactics, techniques, and procedures (TTPs), especially those outlined in MITRE ATT&CK and the Cyber Kill Chain.
- Demonstrated experience in triaging alerts, classifying threats, and escalating incidents.
- Strong ability to write concise, accurate incident documentation and reporting.
- Working knowledge of both Windows and Linux operating systems from a security operations perspective.

Preferred Qualifications
- Familiarity with detection logic tuning, custom rule creation, and threat hunting methodologies.
- Experience in phishing investigations, malware sandboxing, and basic memory/network forensics.
- Exposure to scripting languages such as Python, Bash, or PowerShell for task automation and data parsing.
- Knowledge of cloud security monitoring tools and practices (Azure, AWS, Google Cloud).
- Relevant certifications such as Security+, CySA+, GCFE, GCIH, SC-200, or equivalent.

Technical Skills: Active Directory, Red Hat Enterprise Linux, Group Policy Management
Skills: SIEM, EDR, NDR
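The triage loop this Level 2 role describes (validate an escalated alert, enrich it with threat intelligence, correlate evidence from more than one source on the same host, map it to MITRE ATT&CK, then decide whether to escalate) is shown below as an added example. It is not code from the posting or its employer. The indicator values, hostnames, alert records, severity weights and escalation thresholds are all constructed for the example; a real SOC would take them from its own feeds and playbooks.

```python
"""
Added example (not from the job posting): L2 alert triage that enriches
escalated alerts with threat intelligence, maps them to MITRE ATT&CK
technique IDs, and correlates EDR and proxy events on the same host.
All indicator values, hosts and alert records below are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed threat-intelligence indicators (hypothetical; not a real feed).
THREAT_INTEL = {
    "domain": {"update-check.example.net": "known phishing/C2 infrastructure"},
    "sha256": {"6d5f" * 16: "known PowerShell dropper"},
    "ip": {"203.0.113.45": "C2 beacon endpoint"},
}

# Alert type -> (base severity, MITRE ATT&CK technique ID). The severities
# are assumed values chosen for this example, not a vendor's scale.
ALERT_TYPES = {
    "suspicious_powershell": (3, "T1059.001"),  # Command and Scripting Interpreter: PowerShell
    "outbound_beacon": (2, "T1071.001"),        # Application Layer Protocol: Web Protocols
    "credential_dump": (5, "T1003"),            # OS Credential Dumping
}

TI_HIT_WEIGHT = 3            # each matched indicator adds this much (assumed)
MULTI_SOURCE_BONUS = 2       # EDR + proxy (or other) evidence on one host (assumed)
CORRELATION_WINDOW = timedelta(minutes=15)

# Constructed sample alerts, as an L1 analyst might escalate them.
SAMPLE_ALERTS = [
    {"source": "edr", "host": "WS-101", "user": "jdoe",
     "ts": "2024-05-01T10:00:00", "type": "suspicious_powershell",
     "indicators": {"sha256": "6d5f" * 16}},
    {"source": "proxy", "host": "WS-101", "user": "jdoe",
     "ts": "2024-05-01T10:02:30", "type": "outbound_beacon",
     "indicators": {"domain": "update-check.example.net", "ip": "203.0.113.45"}},
    {"source": "edr", "host": "WS-202", "user": "asmith",
     "ts": "2024-05-01T11:00:00", "type": "suspicious_powershell",
     "indicators": {"sha256": "00" * 32}},   # no TI match, single source
]


def enrich(alert):
    """Return human-readable threat-intel matches for one alert's indicators."""
    hits = []
    for kind, value in alert.get("indicators", {}).items():
        description = THREAT_INTEL.get(kind, {}).get(value)
        if description:
            hits.append(f"{kind}={value}: {description}")
    return hits


def verdict_for(score):
    """Escalation decision from the accumulated score (thresholds are assumed)."""
    if score >= 7:
        return "escalate_ir"
    if score >= 3:
        return "investigate"
    return "close_benign"


def triage(alerts):
    """Group alerts per host, enrich with TI, correlate sources, and decide."""
    by_host = defaultdict(list)
    for alert in alerts:
        by_host[alert["host"]].append(alert)

    results = {}
    for host, events in by_host.items():
        events.sort(key=lambda e: e["ts"])
        score, techniques, ti_hits, sources = 0, set(), [], set()
        for event in events:
            base, technique = ALERT_TYPES[event["type"]]
            hits = enrich(event)
            score += base + TI_HIT_WEIGHT * len(hits)
            techniques.add(technique)
            ti_hits.extend(hits)
            sources.add(event["source"])

        # Cross-source correlation only counts if the events are close in time.
        first = datetime.fromisoformat(events[0]["ts"])
        last = datetime.fromisoformat(events[-1]["ts"])
        correlated = len(sources) >= 2 and (last - first) <= CORRELATION_WINDOW
        if correlated:
            score += MULTI_SOURCE_BONUS

        results[host] = {
            "score": score,
            "verdict": verdict_for(score),
            "techniques": sorted(techniques),
            "ti_hits": ti_hits,
            "sources": sorted(sources),
            "correlated": correlated,
        }
    return results


if __name__ == "__main__":
    for host, result in triage(SAMPLE_ALERTS).items():
        print(host, result["verdict"], result["score"], result["techniques"])
```

On the constructed input, WS-101 (PowerShell dropper hash plus a proxy beacon to a known C2 domain within two minutes) scores high enough to go to Incident Response, while WS-202 (a single PowerShell alert with no intelligence match and no second source) stays in the investigate queue. The point for an L2 analyst is that the same base alert type lands in different queues depending on enrichment and correlation, which is what makes documenting the evidence behind each escalation necessary.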
Posted 2 months ago
5.0 years
0 Lacs
Kharagpur-I, West Bengal, India
On-site
Analyst Level 3 - Security Operations Centre (SOC)
Ways of working – Full-time with rotational shifts and mandatory Work from Office
Location: Embassy Tech Village, Bangalore
Years of Experience: 5+ years in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.

About The Team & Role
As a Level 3 Security Operations Centre (SOC) Analyst, you will be responsible for identifying, analyzing, and responding to security incidents and threats within an organization's IT infrastructure. This senior role demands a high level of expertise in security operations, threat analysis, and incident response. You will work closely with other teams, including Level 1 and Level 2 analysts, management, and engineering, to ensure the security of the organization's network and systems. Your work will contribute to detecting and mitigating advanced cyber threats, ensuring that the organization remains protected against emerging risks.

What will you get to do here?

Incident Response & Investigation
- Lead investigations of complex security incidents, including intrusion detection, malware analysis, and vulnerability exploitation.
- Perform in-depth analysis of security incidents to determine their scope, impact, and method of attack.
- Take immediate and appropriate action to contain, mitigate, and resolve security threats.

Threat Hunting
- Proactively hunt for hidden threats and vulnerabilities within the organization's systems and networks.
- Analyze logs and data from multiple sources (e.g., firewalls, intrusion detection systems, antivirus solutions) to identify patterns indicative of malicious activity.
- Utilize advanced threat intelligence to stay ahead of potential attackers and new attack vectors.

Security Monitoring & Analysis
- Oversee and manage security monitoring tools to detect potential security incidents and vulnerabilities.
- Analyze alerts and reports generated by various security tools, ensuring accuracy and appropriateness.
- Ensure the effective operation and tuning of SIEM (Security Information and Event Management) systems, IDS/IPS, and other security technologies.
- Identify and define new use cases as well as modify existing ones.

Collaboration & Knowledge Sharing
- Mentor and provide guidance to junior analysts (Level 1 and Level 2) in incident handling, investigation, and security best practices.
- Collaborate with IT, network, and engineering teams to resolve security issues and implement proactive security measures.
- Document incidents and maintain accurate records for reporting and auditing purposes.

Reporting & Documentation
- Generate detailed post-incident reports that include findings, recommendations, and remediation steps.
- Assist in the development and maintenance of SOC procedures, playbooks, and security policies.
- Report trends and emerging threats to senior management and stakeholders.
- Create and maintain standard operating procedures (SOPs), playbooks, and runbooks.
- Lead root cause analysis and develop lessons-learned documentation post-incident.

Continuous Improvement
- Stay up to date on the latest cybersecurity threats, trends, and technologies.
- Contribute to the development and improvement of incident response plans and security protocols.
- Participate in security training programs to continually enhance skills and capabilities.

What qualities are we looking for?
Education: Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.
Experience: 5+ years of experience in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.
Technical Skills:
- Strong experience with security tools and SaaS applications, including SIEM (Splunk, SentinelOne, QRadar, etc.), IDS/IPS, firewalls, Endpoint Protection, DLP, Active Directory/Azure, and vulnerability scanners.
- Expertise in incident response, digital forensics, and malware analysis.
- Deep understanding of security frameworks, methodologies, and best practices (NIST, ISO 27001, MITRE ATT&CK, etc.).
- Knowledge and experience of common operating systems (Windows, Mac, Linux) and networking protocols (TCP/IP, HTTP, DNS, etc.).
- Advanced understanding of cyber threats and attack vectors, including APTs (Advanced Persistent Threats), ransomware, DDoS, and insider threats.
- Familiarity with cloud security environments and services (AWS, Azure, GCP).
Skills & Abilities:
- Strong written and verbal communication skills, with the ability to report findings to both technical and non-technical stakeholders.
- Ability to work well under pressure and manage multiple tasks simultaneously.
- Relevant certifications such as CISSP, CISM, CEH, GIAC, or similar are a plus.
Desired Skills:
- Experience with threat intelligence platforms and frameworks.
- Proficiency in scripting or automation (Python, PowerShell, etc.) for threat detection and incident response tasks.
- Experience with network traffic analysis tools (Wireshark, tcpdump, etc.).
- Knowledge of forensic tools and techniques.
- Familiarity with security incident management platforms (ServiceNow, Remedy, Jira, Freshdesk, etc.).

Preferred Certifications:
- CompTIA Security+
- EC-Council Certified SOC Analyst (CSA)
- CompTIA Cybersecurity Analyst (CySA+)
- EC-Council SOC Essentials (S|CE)
- ISACA CCOA
- GIAC Security Operations Certified (GSOC)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- (ISC)² Systems Security Certified Practitioner (SSCP)
- GIAC Cyber Threat Intelligence (GCTI)
- GIAC Certified Forensic Analyst (GCFA) / GIAC Certified Forensic Responder (GCFR)
- AWS Certified Security - Specialty / Certified Cloud Security Professional (CCSP)

Visit our tech blogs to learn more about some of the challenging problem statements the team works on:
https://bytes.swiggy.com/engineering-challenges-at-swiggy-430dea6c86a3
https://bytes.swiggy.com/the-swiggy-delivery-challenge-part-one-6a2abb4f82f6
https://bytes.swiggy.com/what-serviceability-means-at-swiggy-c94c1aad352a
https://bytes.swiggy.com/architecture-and-design-principles-behind-the-swiggys-delivery-partners-app-4db1d87a048a
https://bytes.swiggy.com/swiggy-distance-service-9868dcf613f4
https://bytes.swiggy.com/the-tech-that-brings-you-your-food-1a7926229886

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.
Posted 2 months ago
5.0 years
0 Lacs
Greater Kolkata Area
Remote
Job Title: Network Security and Infrastructure Engineer
Location: Remote

Job Summary
We are seeking a skilled and detail-oriented Network Security and Infrastructure Engineer to join our IT security team. The ideal candidate will be responsible for designing, implementing, and managing secure network infrastructure solutions. Proficiency with AlgoSec for firewall and security policy management, and experience using HP Lighthouse for infrastructure monitoring and reporting, is essential.

Key Responsibilities
- Design, implement, and manage secure network infrastructure to support business operations.
- Use AlgoSec to manage firewall policies, analyze rule changes, and ensure regulatory compliance.
- Perform security policy audits and recommend rule optimization and risk mitigation strategies.
- Leverage HP Lighthouse for system and network performance monitoring, capacity planning, and incident reporting.
- Maintain detailed network diagrams and documentation.
- Lead vulnerability assessments and implement remediation strategies.
- Work closely with DevOps, compliance, and application teams to secure cloud and on-premise environments.
- Evaluate and deploy security products and technologies as needed.
- Provide support during security incidents, ensuring proper documentation and post-incident analysis.

Required Skills & Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
- 5+ years of experience in network security, infrastructure management, or related roles.
- Hands-on experience with AlgoSec Security Management Suite.
- Experience working with or familiarity with HP Lighthouse (or similar HP tools like HP Operations Manager, HP IMC).
- Strong knowledge of firewalls (Cisco, Palo Alto, Fortinet), IDS/IPS, VPNs, and network segmentation.
- Understanding of cloud platforms (AWS, Azure, GCP) and hybrid network security.
- Familiarity with regulatory compliance frameworks (e.g., PCI-DSS, HIPAA, ISO 27001).
- Strong analytical and troubleshooting skills.
- Excellent communication and documentation abilities.

Preferred Qualifications
- Certifications: CCNP Security, CISSP, CISM, or AlgoSec Certified Professional.
- Experience with SIEM tools (e.g., Splunk, QRadar).
- Scripting knowledge in Python.
Posted 2 months ago
3.0 - 5.0 years
0 Lacs
Indore, Madhya Pradesh, India
On-site
ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI. At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world.

The Opportunity:
ECI has an exciting opportunity for a SOC Engineer, who is responsible for analyzing and responding to network security events. The SOC Engineer will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations. The SOC Engineer will perform tasks including monitoring, research, classification, and analysis of security events that occur on the network or endpoint. In this role, you will act as a shift lead and review tickets before they are escalated to clients. You will investigate intrusion attempts and perform in-depth analysis of exploits. This is an onsite role.

What you will do:
- Act as shift lead by managing the incident queue and assigning incidents to available analysts based on priority.
- Make sure each incident is handled end to end within the defined SLA.
- Conduct expert analysis of SIEM logs to drive event and incident analysis.
- Provide expertise in categorizing and deep-diving event logs to support timely and effective decision making in handling security breach cases.
- Launch and track investigations until resolution.
- Work with client or internal support teams to mitigate security threats and help them improve the security posture of the client environment.
- Perform threat hunt activities based on the latest security vulnerabilities, advisories, and penetration techniques.
- Mitigate security threats and notify the client.
- Contribute to the creation of SOC policies, procedures, and configuration standards.
- Manage and administer security tools such as SIEM, EDR, email gateway, etc.
- Advanced working skills with any one of the SIEM tools (ELK, Splunk, QRadar).
- Rule base management and SOC fine-tuning (administer the SIEM tool).
- Maintain on-call availability for critical incident response scenarios and urgent threats.
- Demonstrate strong analytical, diagnostic, innovation, and collaboration skills.
- Exhibit enthusiasm, adaptability, and a passion for continuous learning, growth, and sharing of knowledge.
- Showcase exceptional presentation and communication abilities.

Who you are:
- 3-5 years' experience in the IT security industry, preferably working in a SOC environment.
- Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A., or equivalent university degree.
- Certifications: CCNA, CEH, CHFI, GCIH, ITIL.
- Experience with Security Information and Event Management (SIEM) tools, from creation of correlation rules and fine-tuning of rules to administration of the SIEM.
- Administration of email security gateways, EDR, and antivirus solutions.
- Expertise in TCP/IP network traffic and event log analysis.
- Configuration and troubleshooting experience on Cisco ASA and Palo Alto firewalls would be an added advantage.
- Ability to work with minimal supervision.
- Willingness to work in a job that involves 24/7 operations, shift management, and scheduling.
- Remain vigilant while continuing to maintain and enhance the overall security of ECI and the clients receiving our services.
- Maintain awareness of the potential risks based on the environment you are operating in and the clients you are working with.

Bonus points if you have:
- Knowledge and hands-on experience of implementation and management of IDS/IPS, firewall, VPN, and other security products.
- Knowledge and hands-on experience with SIEM tools.
- Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
- Strong verbal and written English communication.
- Strong interpersonal and presentation skills.

ECI's culture is all about connection - connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you! Love Your Job, Share Your Technology Passion, Create Your Future Here!
Posted 2 months ago
8.0 - 13.0 years
15 - 25 Lacs
Chennai
Work from Office
SOC Analyst - L3
Experience Range: 8 - 15 Years
Position: Permanent
Location: Chennai (Taramani)
Project: Banking
Shift: Rotational
Notice: Immediate Joiners, Serving Notice

Key Responsibilities:
Incident Detection & Response:
- Monitor security alerts and events through SIEM tools to identify potential threats.
- Investigate security incidents and respond in a timely and effective manner.
- Leverage EDR (Endpoint Detection and Response) solutions for threat detection and incident analysis.
Threat Analysis & Mitigation:
- Conduct thorough threat and malware analysis to identify and mitigate risks.
- Work closely with internal teams to investigate malware, viruses, and ransomware threats.
- Use CrowdStrike, Defender, and other endpoint security tools to prevent attacks.
Email Security Management:
- Monitor and manage email security systems to prevent phishing, spam, and other malicious email threats.
- Respond to suspicious email alerts and work with other teams to resolve them.
Continuous Monitoring & Alerting:
- Actively monitor systems, networks, and applications for any signs of suspicious activity.
- Utilize endpoint security solutions to continuously track and protect endpoints across the network.
Collaboration & Reporting:
- Work closely with the IT and security teams to assess, analyze, and resolve security incidents.
- Maintain detailed documentation of incidents, findings, and responses for future reference.
- Regularly report on the status of ongoing security incidents and trends to senior management.
Research & Knowledge Enhancement:
- Stay updated with the latest security threats, vulnerabilities, and trends.
- Participate in security training and development to improve skills in SIEM, EDR, and other security tools.

Required Skills and Qualifications:
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field, or equivalent work experience.
- Strong experience with SIEM (e.g., Splunk, QRadar, ArcSight).
- Proficient in EDR and endpoint security tools (e.g., CrowdStrike, Microsoft Defender).
- Hands-on experience in threat and malware analysis.
- Familiarity with email security systems (e.g., Proofpoint, Mimecast).
- Strong understanding of network protocols, firewalls, and intrusion detection/prevention systems.
- Knowledge of security frameworks and industry standards (e.g., MITRE ATT&CK, NIST).
- Excellent analytical and problem-solving skills.

Preferred Qualifications:
- Security certifications like CompTIA Security+, CISSP, CEH, or GIAC are a plus.
- Experience with incident response and forensic investigation.
- Familiarity with cloud security in AWS, Azure, or Google Cloud.
Posted 2 months ago
5.0 years
0 Lacs
Hyderabad, Telangana, India
On-site
Join our high-performing Cybersecurity team as a Cybersecurity Incident Response Analyst / SOC Specialist and take on a critical role in defending our enterprise from sophisticated and evolving cyber threats. This is an exciting opportunity for experienced professionals with 5+ years of hands-on experience in Security Operations Center (SOC) environments, incident response, and threat detection to make a meaningful impact in a fast-paced and highly secure infrastructure. You will be working alongside skilled cybersecurity experts, using advanced tools and frameworks to safeguard our global operations and ensure business continuity.

Key Responsibilities:
- Monitor, analyze, and respond to security events using SIEM tools including Blusapphire, IBM QRadar, Securonix, and Splunk.
- Perform Tier 1 & Tier 2 SOC operations, including event triage, threat detection, and initial incident response.
- Integrate and administer SIEM platforms and develop effective use-cases, alerts, dashboards, and reports.
- Conduct in-depth forensic analysis and investigations using tools like EnCase, FTK, Sleuthkit, and SANS SIFT.
- Collaborate with global teams to ensure timely and effective incident detection, response, and resolution.
- Support crisis response and participate in scenario planning and deception environment development (e.g., honeypots, honeytokens).
- Analyze advanced attacker TTPs and contribute to the improvement of defensive controls and strategies.
- Maintain documentation, reporting, and communication in a clear, concise, and actionable format.

Mandatory Technical Skills:
- SIEM expertise: Blusapphire, IBM QRadar, Securonix, Splunk
- SIEM administration and SOC integration
- SOC L1/L2 monitoring and SOC operations
- Knowledge of IDS/IPS, malware analysis, firewalls, proxies
- Strong grasp of network protocols (TCP, UDP, DNS, DHCP, etc.)
- Familiarity with Windows/Linux infrastructure and cloud platforms (AWS, Azure, GCP)
- Incident response and investigation tooling (e.g., Kali Linux, IDA Pro)
- Scripting or programming skills (Python, Bash, etc.) preferred

Qualifications & Industry Experience:
- 5+ years of experience in cyber incident response and/or digital forensics
- Experience in large enterprise or regulated sectors (e.g., finance)
- Industry certifications preferred: CEH, GCIH, GCIA, GCFA, GNFA, SANS, EnCE, CRISC
- Deep understanding of security frameworks: OWASP, ISO 27001, NIST, PCI DSS, CIS
- Strong communication skills – able to explain complex issues clearly across technical and business audiences
- Self-driven, ethical, with a high sense of urgency and decision-making ability
Posted 2 months ago
8.0 - 15.0 years
0 Lacs
Gurugram, Haryana, India
On-site
Key Responsibilities
1. Demonstrated expertise in configuring, managing, and troubleshooting Fortinet Firewall systems.
2. Proficient in the operation and management of Cisco Layer 3 switches.
3. Comprehensive experience in managing core network infrastructure, including environments with multiple Internet Leased Lines (ILLs), firewalls, and Layer 3 switches operating in high availability (HA) mode, spanning multiple floors and integrating with data center connectivity.
4. Strong knowledge of Point-to-Point (P2P) and IPsec VPN tunnels, including configuration and maintenance.
5. Solid understanding of endpoint security tools such as Netskope, CrowdStrike, and CoSoSys Endpoint Protector.
6. Basic familiarity with IBM QRadar (Security Information and Event Management - SIEM tool).
7. Hands-on experience with LAN, WLAN, and WAN technologies.
8. Proven background in network security, with a focus on secure architecture and incident response.
9. Foundational understanding of Business Continuity Planning (BCP) in relation to network infrastructure.
10. Strong analytical and problem-solving abilities with a methodical approach to troubleshooting.
11. Highly self-motivated and capable of working independently while also being an effective contributor in a collaborative team setting.
12. Reliable and adaptable, with the flexibility to respond to changing requirements and priorities.

Qualifications:
1. 8 to 15 years of progressive experience in the field of information technology, with a focus on network and security domains.
2. Proven track record in network and cybersecurity operations, including the design, implementation, and management of secure and scalable network infrastructures.
3. Exceptional time management and prioritization skills, with the ability to effectively manage multiple tasks and deliverables in a dynamic, high-pressure environment.
Posted 2 months ago
5.0 - 9.0 years
12 - 13 Lacs
Bengaluru
Work from Office
Position Summary
We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting Beats agents.

Key Responsibilities
1. Incident Detection and Analysis:
   - Conduct deep-dive analysis on security incidents, assessing root causes and recommending solutions.
   - Proactively monitor and respond to security alerts, managing incident escalation and resolution processes.
   - Prepare detailed reports and document incidents to support future analysis and security measures.
2. SIEM Administration and Rule Fine-Tuning:
   - Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives.
   - Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability.
   - Collaborate with IT teams to integrate new data sources into the SIEM and enhance visibility.
3. System and Network Security:
   - Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructure.
   - Utilize tools for traffic analysis, anomaly detection, and threat identification.
   - Support configurations and policies within the IT and network environment to strengthen security.
4. ELK Stack and Beats Agent Management:
   - Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow.
   - Perform regular maintenance and troubleshooting of Beats agents, ensuring reliable log ingestion and parsing.
5. Security Policies and Compliance:
   - Contribute to policy updates, ensuring adherence to organizational and industry compliance standards.
   - Document and enforce security controls aligned with best practices and regulatory requirements.

Skills and Qualifications
Education: Bachelor's degree in Information Security, Computer Science, or a related field.
Experience:
- Minimum 5 years in SOC operations or a similar cybersecurity role.
- Proven experience in SIEM administration, incident analysis, and configuration fine-tuning.
- Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols.
- Hands-on experience with the ELK Stack, with expertise in troubleshooting Beats agents.
Technical Skills:
- Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols.
- Strong command of incident response processes, security frameworks, and best practices.
- Knowledge of communication protocols and system integrations for data protection.
Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications.

Competencies
- Strong analytical skills with attention to detail.
- Excellent verbal and written communication abilities.
- Ability to work independently and collaboratively in a fast-paced environment.

Additional Preferred Skills
- Knowledge of regulatory compliance standards.
- Experience in using EDR solutions.
- Ability to document processes and create incident playbooks.

This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.

Keywords / Mandatory Key Skills: SIEM administration, incident analysis, configuration fine-tuning, Windows, Linux, network security protocols, ELK Stack, troubleshooting Beats agents, Splunk, QRadar, EDR solutions, Cybersecurity
Posted 2 months ago
2.0 years
0 Lacs
Trivandrum, Kerala, India
On-site
SOC Analyst (Level 1)
Experience: 2 to 4 years
Location: Thiruvananthapuram, Kerala
Employment Type: Full-Time
Role Overview
As a Level 1 SOC Analyst, you will serve as the first line of defense in our Security Operations Center, responsible for monitoring, detecting, and responding to security incidents in real time. You will utilize SIEM tools to analyze security events and collaborate with cross-functional teams to mitigate risks and enhance the organization's security posture.
Key Responsibilities
- Security Monitoring: Continuously monitor security alerts from SIEM platforms (e.g., Splunk, Sentinel, QRadar) to identify potential threats.
- Incident Triage: Perform initial analysis and classification of security incidents, escalating to higher tiers when necessary.
- Threat Analysis: Investigate and analyze security events to determine their impact and potential risks.
- Incident Response: Assist in the containment, eradication, and recovery processes during security incidents.
- Reporting: Document incidents and actions taken, providing detailed reports for further analysis and compliance purposes.
- Collaboration: Work closely with IT and security teams to implement security measures and mitigate risks.
- Continuous Learning: Stay updated with the latest cybersecurity threats, vulnerabilities, and mitigation strategies.
Required Qualifications
Experience: 2 to 4 years in a SOC or similar cybersecurity role.
Technical Skills
- Proficiency in using SIEM tools (e.g., Splunk, Sentinel, QRadar).
- Understanding of network protocols and security technologies.
- Familiarity with endpoint protection and monitoring tools.
Certifications: Relevant certifications such as CEH, CompTIA Security+, or CISSP are preferred.
Soft Skills
- Strong analytical and problem-solving abilities.
- Excellent communication skills for reporting and collaboration.
- Ability to work effectively in a 24/7 environment.
(ref:hirist.tech)
Posted 2 months ago
3.0 - 8.0 years
7 - 12 Lacs
Kolkata
Work from Office
Role & responsibilities
- Review Level 1 analysts' work: false-positive analysis and input for rule fine-tuning.
- Remediate incidents end to end when needed, working closely with the respective customer team.
- Prepare the monthly shift roster.
- Provide recommendations for changes to existing rules and make the necessary changes.
- Ensure cases are handled within the defined TAT and escalate as needed.
- Perform daily alert review.
- Daily reporting and dashboards.
- Use-case creation.
Preferred candidate profile
- Candidate should be ready to join within 30 days.
- Minimum 2+ years of experience working with the SIEM tool IBM QRadar.
- Hands-on experience in use-case creation and fine-tuning.
Posted 2 months ago
4.0 - 8.0 years
6 - 10 Lacs
Hyderabad
Work from Office
Security Specialist
Location: Hyderabad
Position: 1
Experience: 4 to 8 years
Pre-sales discussions and design of security architecture based on customer requirements. Implement firewalls, anti-virus software, log management, authentication systems, and content filtering. Professional IT certifications will be an added advantage.
Posted 2 months ago
2.0 - 4.0 years
4 - 6 Lacs
Noida
Work from Office
Subject Matter Expert
Location: Noida
Position: 1
Experience: 2-4 years
Act as a solution expert. Maintain relationships with OEMs / distributors. Take the valid lead from 20% to 60% (i.e., Deal Registration, Solutioning, PoC, BoM). Coordinate with the sales and technical teams to progress on opportunities created. Will carry bottom-line targets. After successful BoM finalization, transfer the case to the respective sales team.
Products: Veritas, Forescout, Forcepoint, Tenable, Ixia, Gemalto / Thales, etc.
Posted 2 months ago
1.0 - 5.0 years
3 - 7 Lacs
Mumbai
Work from Office
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed: we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.
About The Role
As a Corporate Account Executive, you will be responsible for driving new business opportunities. You must be extremely results driven, customer focused, technologically savvy, and innovative at building internal relationships and external partnerships to attack the market with passion! The right candidate will possess excellent energy and drive and a real desire to build business across a portfolio of accounts. They will have the ability to build effective relationships quickly and to find valuable business within each account immediately that can then be enhanced by leveraging internal resources. This role will be based in Mumbai.
What You'll Do
- Actively engage our prospective customers to identify Small Business opportunities and manage the run-rate business for CrowdStrike across the assigned region.
- Run a sophisticated sales process from prospecting to closure.
- Collaborate with our Sales Engineers (SEs) to devise and execute account strategies and plans.
- Predominantly work with the Channels team, Distribution team and Inbound sales representatives.
- Work with accounts in the small and medium range, with a cap on the number of endpoints.
- Forecast and report updates to the management team.
- Provide exceptional, high-touch customer service, including escalation and coordination of support issues as needed for the set accounts.
- Become an insider within the cyber security industry and an expert on CrowdStrike products.
- Stay well educated and informed about the CrowdStrike competitive landscape and how to sell the value of our solutions and services compared to the relevant competitors in the Next Generation Endpoint market space.
- Be a go-getter who sets their sights above and beyond to blow out their established targets and quotas.
- May require modified work hours to accommodate accounts in other time zones, and minimal but occasional travel for accounts that require a higher touch to achieve closure.
What You'll Need
- Minimum 6 years of sales experience generating net new business within the assigned region.
- Proven experience selling a complex multi-product architecture to organizations, selling to C-level executives through evaluator-level engineers.
- Track record of exceeding expectations in an individually focused, quota-carrying role.
- Cold calling experience (not tech-, SaaS-, or security-specific).
- Technical aptitude and ability to learn new business and technical concepts quickly.
- Competitive nature, but also a collaborative team player.
- Strong presentation skills, both in person and via virtual channels.
- Security and/or SaaS sales experience a plus.
- Persistent: doesn't stop at "no"; believes they can overcome.
- Coachable: seeks help; knows how to get help, when to ask for it and what situations call for it.
- Motivated to learn, to succeed, to win, to grow.
- Aptitude: able to learn and implement new concepts quickly.
- Self-disciplined: proven to be good at time management and organization, and demonstrates discipline in their process and everyday business.
- Self-aware: has a solid understanding of their strengths and weaknesses and what they need to work on.
Benefits Of Working At CrowdStrike
- Remote-friendly and flexible work culture
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Geographic neighbourhood groups and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Posted 2 months ago
5.0 years
0 Lacs
Pune, Maharashtra, India
On-site
ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia.
Location: Pune
https://isa.ae/
Address: Smartworks Building, Nexa Soft, Core Ops, 5th Floor, 43EQ, Survey No 44, Plot A, H. No. 8/1 (P), Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045
Job Title: Security Engineer (Penetration Tester)
Job Type: Full-time
Reports To: Security Architect
Job Overview:
We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement. The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture.
Key Responsibilities:
1. Firewall, Endpoint & WAF Security
- Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point).
- Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF).
- Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne.
- Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles.
2. Microsoft Security Layer Implementation
a. Microsoft Email Security
- Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats.
- Implement Safe Links, Safe Attachments, and Anti-Phishing policies.
- Monitor and respond to email security alerts in the Microsoft Security Portal.
- Conduct email security threat hunting using Defender for O365 and advanced hunting queries.
b. Microsoft Endpoint Security
- Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices.
- Enforce attack surface reduction (ASR) rules for endpoint protection.
- Configure endpoint compliance policies using Microsoft Intune.
- Implement DLP (Data Loss Prevention) policies to prevent data exfiltration.
c. Compliance & Risk Management
- Implement and monitor Microsoft Purview Compliance Manager for risk assessment.
- Enforce Information Protection & Encryption Policies using Microsoft Purview.
- Configure and manage Conditional Access Policies in Microsoft Entra ID.
- Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR.
3. Dark Web Monitoring & Brand Protection
- Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats.
- Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.
- Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains.
- Collaborate with legal and compliance teams to enforce takedowns of malicious content.
4. Fraudulent Incident Investigation & Threat Hunting
- Investigate fraud incidents, phishing attempts, and business email compromise (BEC).
- Conduct forensic analysis on compromised endpoints, servers, and email accounts.
- Develop and implement threat intelligence and threat hunting processes.
- Work closely with SOC teams for incident response and mitigation.
5. VAPT & IT Security Operations
- Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments.
- Implement and manage intrusion detection/prevention systems (IDS/IPS).
- Monitor, analyze, and mitigate vulnerabilities from external and internal security scans.
- Work with teams to remediate vulnerabilities and harden IT assets.
6. IT Security & Compliance Management
- Develop and enforce security policies, standards, and procedures.
- Implement Zero Trust Architecture and IAM policies.
- Conduct security awareness training and phishing simulations.
- Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards.
Required Qualifications & Skills:
Technical Skills:
✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point
✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance
✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne
✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare
✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP
✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK
✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center
✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM
✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence
Soft Skills:
- Strong analytical and problem-solving skills.
- Excellent communication and stakeholder management abilities.
- Ability to work independently and in cross-functional teams.
- Proactive security mindset with attention to detail.
Certifications (Preferred, but not mandatory):
✔️ CISSP – Certified Information Systems Security Professional
✔️ CEH – Certified Ethical Hacker
✔️ OSCP – Offensive Security Certified Professional
✔️ CISM/CISA – Certified Information Security Manager/Auditor
✔️ Microsoft Certified: Cybersecurity Architect (SC-100)
✔️ Microsoft Certified: Security Operations Analyst (SC-200)
✔️ Microsoft Certified: Information Protection Administrator (SC-400)
Experience Required:
🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence.
🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance.
🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection.
🔹 Proven ability to secure cloud, hybrid, and on-premise environments.
Please send resumes to careers@isa.ae
Posted 2 months ago
2.0 - 5.0 years
5 - 9 Lacs
Noida
Work from Office
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
Primary Responsibilities
- Monitor and analyze attempted efforts to compromise security protocols.
- Identify and investigate activities, and conduct and provide analyses of the results.
- Collaborate with other Cyber Defense teams.
- Review SIEM alerts and logs to identify and report possible security issues.
- Serve as an escalation resource and mentor for other SOC analysts.
- Perform investigations and escalation for complex or high-severity security threats or incidents.
- Work across the organization to define, develop, and refine correlation rules.
- Participate in writing security status reports to provide system status, report potential and actual security violations, and provide procedural recommendations.
- Participate in knowledge sharing with other team members and industry collaboration organizations to advance the security monitoring program.
- Participate in developing and supporting strategic plans and projects to meet Global Security and SOC goals and objectives.
- Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
- Maintain a solid working knowledge of Information Security principles and practices.
- Research current information security and event monitoring trends, and keep up to date with SOC issues, technology, and industry best practices.
- Coordinate evidence/data gathering and documentation, and review Security Incident reports.
- Assist in strategic initiatives.
- Provide recommendations for improvements to security operational monitoring and incident response procedures based on operational insights.
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so.
Required Qualifications
- BS in Computer Science, Computer Engineering, Cyber Security, Forensics and/or equivalent work experience
- Security certifications (e.g. Security+, Network+, Cloud+, AZ-900 (Microsoft Azure Fundamentals), SC-200 (Microsoft Security Operations Analyst), etc.)
- Experience in incident detection and response
- Experience working with network tools and technologies such as firewalls (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms
- Willing to work in a team-oriented 24/7 environment; schedule flexibility as needed to work with a global team
Preferred Qualifications
- Experience building use cases and performing log analysis using technologies like KQL, Splunk, AlienVault, QRadar, etc.
- SOAR or scripting experience using Python, PowerShell, etc.
At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.
Posted 2 months ago
4.0 - 9.0 years
12 - 17 Lacs
Bengaluru
Work from Office
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.
As a Senior Information Security Engineering Consultant, your responsibilities include administration, maintenance, architecture, and engineering related to on-premise and cloud security solutions. This includes direct support, technical ownership, and leading others with regard to the platforms. Additional responsibilities vary as needed, but may include security posture review and analysis, security vulnerability scanning, development and tooling for monitoring and alerting, and security incident response.
Primary Responsibilities
- Work on-call and non-standard hours when necessary
- Support team leads and act as Subject Matter Expert (SME) for approaches, procedures, and implementation of Cybersecurity systems, specifically perimeter firewalls
- Be able to troubleshoot in highly complex, technical situations within an enterprise organization
- Be able to identify and mitigate risks
- Capable of formulating and implementing procedures and systems
- Be able to document and communicate on an expert level
- Have, or be in the process of obtaining, advanced certifications pertinent to the area of expertise
- Collaborate in the development of training content for issues related to IT Cybersecurity
- Develop and oversee the development of innovative approaches and solutions to complex problems and issues
- Support the monitoring of and responses to security incidents, offering expertise to ensure prompt and effective resolution
- Collaborate with directors, managers, project managers, architects and other technical personnel to ensure mitigation of risks to the company
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so.
Required Qualifications
- Graduate degree or equivalent experience
- 6+ years of experience in IT Security for large enterprise environments
- 5+ years of experience with next-gen firewalls (e.g. Palo Alto)
- 5+ years of experience with WAN/LAN routing, switching, proxy and firewall environments
- Work experience as a system security engineer or information security engineer
- Proven solid planning and problem-solving skills
- Proven ability to troubleshoot in highly complex, technical situations within a matrixed organization
Preferred Qualifications
- CompTIA Security+, or related certification, PCNSE, CCNA, Network+
Posted 2 months ago
2.0 years
0 Lacs
Bengaluru, Karnataka, India
On-site
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets
Job Description:
Job Title: Analyst SOC
About News Corp
News Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises global businesses across a range of media, including news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-TV distribution in Australia.
The Role:
We are looking for SOC analysts who will be responsible for monitoring and working on active alerts on various security tools (SIEM/XSOAR). The individual in this role is expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. This position demands someone willing to use a network of sensors, security tools, and monitoring equipment to proactively identify, evaluate, and remediate potential cybersecurity threats. Based on an understanding of "normal" network activity, SOC analysts use tools and processes to detect anomalous activity, providing 24/7/365 detection and response capabilities. The person can multitask, work independently, and work collaboratively with teams, some of which may be geographically distributed.
Key Responsibilities
- Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x5 basis.
- Monitor various infrastructure log sources and escalate potential security incidents to client personnel.
- Notify the client of the incident and the required mitigation work.
- Track and update incidents and requests based on the client's updates and analysis results.
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
- Must know about SIEM solutions (Splunk (preferred), QRadar, ArcSight).
- Good understanding of phishing email analysis and its terminology.
- Knowledge of EDR solutions (preferred: CrowdStrike).
- Ability to run and understand sandbox static analysis.
- Proactively research and monitor security information to identify potential threats that may impact the organization.
- Provide 24x7 monitoring operations for security alerts.
Required Skills and Qualifications:
- Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree.
- Minimum of 2-4 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
- Certifications: CCNA, CEH, Security+, CySA+
- A degree in Computer Science, IT, Systems Engineering, or a related qualification
- 2-4 years of experience in Information Security.
- Cybersecurity best practices, techniques, and tools
- Understanding of tools like CrowdStrike, Qualys, ServiceNow, Splunk, and similar.
- Ability to work under pressure in a fast-paced environment
- Networking concepts, including TCP/IP, routing and switching
- Windows, Linux, and UNIX operating systems
- Communication skills, both verbal and written
Location: Bangalore, IN
Work Arrangement: Hybrid (3 days per week in office)
This job is posted with NTS Technology Services Pvt. Ltd.
Posted 2 months ago
6.0 - 9.0 years
8 - 10 Lacs
Chennai
Work from Office
We have openings for both L2 and L3 SOC Analysts.
An experienced SOC L3 Analyst is needed to expand our group. As an L3 Analyst, you will oversee managing and resolving complicated cybersecurity events that have been escalated from L1 and L2 Analysts. To find the underlying cause of security events and offer suggestions for correction, you will be expected to conduct extensive investigations and forensic analyses.
Key Responsibilities for this job:
- Represent the highest level of escalation for cybersecurity issues.
- Carry out comprehensive investigations and forensic analysis to identify the underlying causes of occurrences.
- Provide remediation advice and collaborate with L1 and L2 analysts to put it into practice.
- Create and maintain playbooks and incident response plans.
- Conduct penetration tests and vulnerability assessments.
- Analyze and evaluate the organization's cybersecurity threats.
- Take part in security audits and assessments.
- Create and uphold security standards, rules, and procedures.
- Instruct and guide junior analysts in incident response best practices.
Knowledge and experience required:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 5+ years of experience in a SOC environment, with a focus on incident response and forensic analysis.
- Strong knowledge of cybersecurity frameworks, such as NIST and ISO.
- Experience working with security tools such as SIEM, IDS/IPS, endpoint detection and response, and firewalls.
- Excellent analytical and problem-solving skills.
- Strong communication and collaboration skills.
- Relevant certifications, such as CISSP, GCIA, GCIH, and/or CISA, are highly preferred.
Preferred tools: Rapid7, LogRhythm, Sentinel, Fortinet SOAR, etc.
- Shift flexibility, including weekends and holidays (24*7).
- Joining calls with vendors and other teams to discuss issues with partners / to gather their requirements and deliver them in the form of projects.
- Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility.
- Providing weekly/monthly reports to upper management.
Posted 2 months ago
0.0 - 15.0 years
0 Lacs
Delhi
Remote
Delhi, India
Designation: Partner
Position: SOC Instructor Mentor (Part-Time)
Job Type: Consultant
Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes.
Reports to: Founder/CEO
Job Overview
The SOC Instructor Mentor will deliver advanced training and mentorship to Eduroids' students on a part-time basis, focusing on Security Operations Center (SOC) concepts, tools, and best practices. The role involves conducting engaging training sessions, developing industry-relevant course materials, and providing personalized guidance to students, equipping them with the skills required to excel in SOC roles such as security analysts and incident responders.
Key Responsibilities
- Training Delivery: Lead interactive weekend sessions on SOC operations, incident response, threat detection, and security monitoring. Demonstrate workflows and methodologies for handling cybersecurity incidents within a SOC environment.
- Curriculum Development: Design and update course content, labs, and case studies aligned with SOC tools and frameworks, such as SIEM, SOAR, and endpoint detection platforms. Create comprehensive training materials covering SOC processes, including triage, analysis, containment, and remediation.
- Hands-On Learning: Facilitate hands-on labs using SOC tools like Splunk, IBM QRadar, ArcSight, and SentinelOne. Guide students through simulated incident response scenarios and log analysis exercises.
- Mentorship: Provide one-on-one guidance to students, addressing their questions and helping them understand real-world SOC workflows. Offer career advice, including certifications and skill-building strategies for aspiring SOC professionals.
- Industry Alignment: Ensure training materials reflect the latest cybersecurity trends, SOC methodologies, and compliance standards.
- Assessment and Feedback: Evaluate students through practical exercises, incident response scenarios, and periodic assessments. Provide constructive feedback to enhance participants' skills and confidence.
- Knowledge Transfer: Share insights from a minimum of 15 years of professional experience in cybersecurity and SOC operations, emphasizing enterprise-grade practices.
Key Measures
- Student Competency: High rates of student skill acquisition, demonstrated through successful completion of projects and assessments.
- Curriculum Relevance: Training content is continuously updated to align with current SOC tools, standards, and practices.
- Hands-On Proficiency: Students demonstrate practical expertise in using SOC tools and handling cybersecurity incidents.
- Feedback Scores: Achieve excellent ratings from students for training quality and mentorship effectiveness.
Qualifications
Education: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
Experience:
- Minimum of 15 years of professional experience in SOC operations, cybersecurity, or incident response.
- Hands-on experience with SOC tools, threat intelligence, and forensic analysis in enterprise environments.
- Real-time experience with Fortune 500 companies is highly preferred.
Technical Skills:
- Proficiency in SOC workflows, including threat detection, incident response, and log management.
- Experience with SIEM solutions (Splunk, IBM QRadar, ArcSight) and SOAR platforms.
- Familiarity with scripting languages like Python, PowerShell, or Bash for automating SOC tasks.
- Strong understanding of the MITRE ATT&CK framework and cybersecurity standards like NIST and ISO 27001.
Soft Skills:
- Excellent communication and presentation abilities.
- Proven mentorship skills with a passion for teaching and guiding aspiring cybersecurity professionals.
- Strong analytical and critical thinking skills.
Personal Attributes
- Passionate about cybersecurity and SOC operations.
- Resilient, adaptable, and committed to continuous learning.
- Collaborative team player who fosters an inclusive and engaging learning environment.
Benefits
- Competitive compensation based on hourly or project-based engagement.
- Flexible remote working options.
- Opportunity to mentor and shape the next generation of SOC professionals.
- Collaborative and innovative work culture.
Posted 2 months ago
0.0 - 10.0 years
0 Lacs
Delhi
Remote
Delhi, India
Designation: Partner
Position: SIEM Instructor Mentor (Part-Time)
Job Type: Consultant
Benefits: Revenue distribution or a fixed hourly rate, with potential for performance-based bonuses tied to training outcomes.
Reports to: Founder/CEO

Job Overview
The SIEM Mentor will provide expert training and mentorship to Eduroids' students on a part-time basis, focusing on equipping them with skills in Security Information and Event Management (SIEM). This role involves delivering practical training sessions, developing industry-relevant course materials, and guiding students through real-world security monitoring and incident response scenarios to prepare them for cybersecurity roles.

Key Responsibilities
- Training Delivery: Conduct weekend training sessions focused on SIEM tools, processes, and best practices in security operations.
- Curriculum Development: Create and maintain up-to-date course content aligned with the latest trends in SIEM and cybersecurity.
- Hands-On Learning: Facilitate practical exercises, simulations, and case studies on threat detection, log analysis, and incident response using popular SIEM platforms.
- Mentorship: Offer personalized guidance to participants, addressing their questions and helping them grasp complex security concepts.
- Industry Alignment: Ensure training material reflects current cybersecurity challenges and industry standards in SIEM.
- Assessment and Feedback: Evaluate student progress through assessments, providing constructive feedback to foster their improvement.
- Knowledge Transfer: Share insights and experiences from real-world cybersecurity scenarios to bridge theory and practical application.

Key Measures
- Student Progress: Track participant performance in mastering SIEM concepts, tools, and workflows.
- Industry Relevance: Maintain curriculum alignment with evolving cybersecurity threats, compliance standards, and technologies.
- Feedback Scores: Achieve high participant satisfaction ratings for training quality and mentorship.
- Project Completion: Ensure students complete SIEM-related projects, including log analysis, threat hunting, and creating custom alerts.

Qualifications
Education:
- Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related field.
Experience:
- Minimum of 10 years of professional experience in cybersecurity, with a focus on SIEM tools and security operations.
- Experience working with Fortune 500 companies or high-security environments preferred.
- Demonstrated expertise in implementing and managing SIEM platforms in enterprise environments.
Technical Skills:
- Proficiency with SIEM platforms such as Splunk, IBM QRadar, ArcSight, or LogRhythm.
- Knowledge of threat intelligence, log management, and compliance requirements like GDPR, PCI DSS, and HIPAA.
- Familiarity with scripting languages like Python or PowerShell for automation in SIEM tools.
- Strong understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, or CIS Controls.
Soft Skills:
- Excellent communication and presentation abilities.
- Ability to translate complex cybersecurity concepts into actionable knowledge for learners.
- Passion for teaching and mentoring aspiring cybersecurity professionals.

Personal Attributes
- Dedicated to fostering the next generation of cybersecurity experts.
- Resilient and adaptable, with a focus on continuous improvement.
- Collaborative mentor who creates an engaging and supportive learning environment.

Benefits
- Competitive compensation based on hourly or project-based engagement.
- Flexible remote working options.
- Opportunity to shape the future of cybersecurity professionals and contribute to their career success.
- Engaging and forward-thinking work culture.
Posted 2 months ago
3.0 - 10.0 years
0 Lacs
Kolkata, West Bengal, India
Remote
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

CMSTDR Senior (TechOps)

Key Capabilities:
- Experience in working with Splunk Enterprise, Splunk Enterprise Security and Splunk UEBA.
- Minimum of Splunk Power User Certification.
- Good knowledge of programming or scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, etc.
- Perform remote and on-site gap assessments of the SIEM solution.
- Define evaluation criteria and approach based on the client requirement and scope, factoring in industry best practices and regulations.
- Conduct interviews with stakeholders and review documents (SOPs, architecture diagrams, etc.).
- Evaluate the SIEM based on the defined criteria and prepare audit reports.
- Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
- Understand customer requirements and recommend best practices for SIEM solutions.
- Offer consultative advice on security principles and best practices related to SIEM operations.
- Design and document a SIEM solution to meet the customer's needs.
- Experience in onboarding data into Splunk from various sources, including unsupported (in-house built) sources, by creating custom parsers.
- Verification of log-source data in the SIEM, following the Common Information Model (CIM).
- Experience in parsing and masking data prior to ingestion into the SIEM.
- Provide support for the data collection, processing, analysis and operational reporting systems, including planning, installation, configuration, testing, troubleshooting and problem resolution.
- Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources.
- Assist the client with technical guidance to configure in-scope end log sources to be integrated into the SIEM.
- Experience in handling big data integration via Splunk.
- Expertise in SIEM content development, which includes developing processes for automated security event monitoring and alerting along with corresponding event response plans for systems.
- Hands-on experience in development and customization of Splunk Apps and Add-Ons.
- Build advanced visualizations (interactive drilldowns, glass tables, etc.).
- Build and integrate contextual data into notable events.
- Experience in creating use cases mapped to the Cyber Kill Chain and the MITRE ATT&CK framework.
- Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that provide near-real-time visibility into the performance of client applications.
- Experience in installation, configuration and usage of premium Splunk Apps and Add-ons such as the ES App, UEBA, ITSI, etc.
- Sound knowledge of configuring alerts and reports.
- Good exposure to automatic lookups, data models and creating complex SPL queries.
- Create, modify and tune SIEM rules to adjust the specifications of alerts and incidents to meet client requirements.
- Work with the client SPOC on correlation rule tuning (as per the use case management life cycle), incident classification and prioritization recommendations.
- Experience in creating custom commands, custom alert actions, adaptive response actions, etc.

Qualification and experience:
- Minimum of 3 to 10 years' experience with a depth of network architecture knowledge that will translate to deploying and integrating a complicated security intelligence solution into global enterprise environments.
- Strong oral, written and listening skills are an essential component of effective consulting.
- Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any level, is necessary.
- Must have knowledge of Vulnerability Management, Windows and Linux basics including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting.
- Good to have: experience with the design and implementation of Splunk with a focus on IT Operations, Application Analytics, User Experience, Application Performance and Security Management.
- Multiple cluster deployment and management experience as per vendor guidelines and industry best practices.
- Troubleshoot Splunk platform and application issues, escalate the issue and work with Splunk support to resolve issues.
- Certification in any one SIEM solution such as IBM QRadar, Exabeam or Securonix will be an added advantage.
- Certifications in a core security-related discipline will be an added advantage.

EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Posted 2 months ago
3.0 - 10.0 years
0 Lacs
Trivandrum, Kerala, India
Remote
Posted 2 months ago
3.0 - 10.0 years
0 Lacs
Noida, Uttar Pradesh, India
Remote
Posted 2 months ago