891 Qradar Jobs - Page 36

Job Description: Senior Security Solutioning Architect Responsible for Security solution development, competitive costing, commercial proposition integration and business case alignment of Enterprise Security Services solutions supporting client business, applications and/or information technology environments. Have experience to influence client evaluation criteria and decision making. Solution scope includes ongoing delivery of services, Security and compliance requirements, services startup and transition, initial people, technology and process transformation as well as ongoing refresh, meeting client's specifications, strategic direction, technology context, and business needs. Confidently articulates all aspects of solution and convincingly communicates value to the stakeholders & client. Works individually, in teams or as leader, to determine customer requirements in complex and often ambiguous outsourced environments. Interacts effectively with team, pursuit leaders, internal governance and business leadership to advance sales efforts. Responsibilities: Opportunity Analysis: Understands which security offerings best address customer needs and business requirements Ongoing qualification of solution merits. Solution Design and Development: Provides security solutions to meet client requirements and is able to adapt to new requirements. Address Security and Compliance requirement. Identifies and evaluates value- add alternatives, solutions to those alternatives. Optimizes security solutions plus broader customer IT strategy. Takes end to end view of solution, ensuring elements within their responsibility deliver against the defined business outcomes, using standard components. Works with financial analysts to validate results versus applicable criteria. Captures and highlights Risks and any associated costs. Models multiple offerings/components of security domains. Understands interaction of deal variables (compliance, volumes, services, service level agreements, locations, and more) between tower components. Delivers and owns, accurate financial models that are logically structured and reflect the technical solution. Solution Leadership: Experience in Directing solution activities, decisions. Ability to lead service element integration within tower, tower sub-component volume tradeoffs. Provides security solutions to meet client needs inclusive of Regulatory and Compliance requirement and is able to adapt to new requirements. Solution-Pursuit Integration Anticipates, communicates and solutions to optimize inter-tower dependencies, overlaps, staff sharing, and more. Effectively integrates client tools, process adoption and delivery startup/transition need. Clearly defines all risks through governance process and works to mitigate. Client/Customer/Account Relationship Understands and addresses CISO / CxO issues. Applies consultative selling techniques to advance opportunities. Participates in/supports negotiation of technical contract elements. Provides solution advice, drives proposals, presentations, and other customer communications during pursuit. Input to security offering teams to bring in changes to offerings as per latest security trends and compliance needs. Education and Experience Required: Total experience of 12+ years in IT Security, mainly on security pre-sales, solution selling Technical university or Bachelor preferred Good exposure to Pre-Sales role involved in Cyber Security Solutioning and understands the Security Market Involvement in architecting and proposing the cyber security solutions to customer, experience in Managed Security Services market Knowledge and Skills: Demonstrates a broad knowledge of outsourcing services and solutions, with expertise in area of specialization. Preferably having any one of Security certifications like – CISSP, CCSP, CISA AND Security Product certifications. ITIL and PMP certifications are good to have. List of security domains on which solutioning exposure is required. Should be master in few (atleast in one) of the security domains backed up hand-on experience in both delivery and pre-sales. SIEM - MS Sentinel / SUMO / Splunk / QRadar IDM – Sailpoint / Forgerock / CyberArk / Microsoft / Broadcom / Okta APT Solution – Micorsoft / FireEye / PaloAlto / Checkpoint MDR / EDR Solution - Crowdstrike / Carbon black / Microsoft Endpoint Security - Symantec / McAfee / Trend Micro / Microsoft Network Security – PaloAlto / Checkpoint / Fortinet / Cisco GRC tools Cloud Security Good understanding of Security Risk & Compliance domain, Regulatory and Compliance requirements Awareness of Security Alliance partner offerings and directions, current industry news. Demonstrates thought leadership in Security domain. Demonstrates ability to work as the lead for components of large complex projects. Has in-depth understanding of the product and services portfolio roadmaps of multiple business units. Experience to handle POCs Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development. Key Responsibilities Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions. Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies. Basic Qualifications B.E/B. Tech degree in computer science, Information Technology, Masters in Cybersecurity3+ years of experience in a SOC or cybersecurity operations role.Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.Hands-on experience in threat detection, security monitoring, and incident response.Knowledge of network security, intrusion detection, malware analysis, and forensics.Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).Proficiency in Python scripting for automation and playbook development.Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.Strong analytical, problem-solving, and communication skills.Ability to work in a 24x7 SOC environment (if applicable) Preferred Qualifications Certified SOC Analyst (CSA)Certified Incident Handler (GCIH, ECIH)Splunk Certified Admin / QRadar Certified AnalystCompTIA Security+ / CEH / CISSP (preferred but not mandatory Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Security Operations Centre (SOC) - Lead Location: Pune(Aundh/Baner),India (On-site, In-House SOC)Department: Security Operations CenterExperience: 4–6 YearsWork Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview:We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security. Key Responsibilities:Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management.Experience in Designing and deploying use cases for SIEM and other security devices.Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary.Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.).Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.Required Skills & Experience:Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary)Experience with network traffic analysis, packet capture tools, and deep dive investigations.Strong analytical, problem-solving, and decision-making skills.Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.Preferred Qualifications:Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.Prior experience in managing an in-house 24x7 SOC or leading shift teams.What We Offer:Work on a modern cloud-native security stack in a dynamic FinTech environment.Opportunity to lead security engineering and detection strategy for critical financial platforms.Be part of a tight-knit, expert-level team with a strong learning and innovation culture.Competitive salary, performance-based incentives, and growth opportunities.

Job Title: SOC Manager Location: Mumbai Experience: 5+ for L2 role, 8+ SOC Manager role Industry: Cybersecurity / Managed Security Service Provider (MSSP) Job Summary We are seeking a highly skilled and experienced SOC Manager to lead our Security Operations Center. The ideal candidate must have hands-on experience working in or managing operations for a Managed Security Services Provider (MSSP). You will be responsible for overseeing day-to-day SOC operations, leading a team of analysts, and ensuring proactive monitoring, detection, and response to security threats across client environments. Key Responsibilities Lead and manage 24x7 SOC operations, including Tier 1, Tier 2, and Tier 3 analysts. Develop and implement SOC processes, playbooks, and incident response procedures. Oversee threat intelligence, detection engineering, and use case development. Ensure SLAs and KPIs are met across all MSSP service deliveries. Collaborate with client stakeholders to communicate threat landscape, incidents, and security posture. Act as an escalation point during critical incidents and ensure proper incident lifecycle management. Evaluate and optimize SIEM, SOAR, and threat detection platforms. Conduct regular risk assessments, gap analysis, and SOC maturity evaluations. Mentor and upskill SOC team members to maintain high performance. Required Skills & Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Mandatory experience in an MSSP environment handling multiple client environments. Strong understanding of security operations, SIEM, SOAR, IDS/IPS, endpoint protection, firewalls, and threat intel platforms. Proficient in incident detection, analysis, containment, eradication, and recovery. Hands-on experience with tools like Splunk, QRadar, ArcSight, IBM Resilient, CrowdStrike, etc. In-depth knowledge of MITRE ATT&CK, NIST, ISO 27001, and other security frameworks. Excellent leadership, communication, and stakeholder management skills. Relevant certifications preferred: CISSP, CISM, CEH, GCIA, GCIH, or SOC-related certifications. Nice to Have Experience in managing global SOCs or distributed teams. Exposure to compliance requirements such as GDPR, PCI-DSS, HIPAA, etc. Knowledge of scripting (Python, Bash) or automation tools to improve SOC efficiency. Skills: firewalls,stakeholder management,mssp operations,endpoint protection,threat intelligence,soc leadership,soc,platforms,communication,management,soar,ids/ips,splunk,cybersecurity,leadership,iso 27001,ibm resilient,mitre att&ck,operations,nist,bash,crowdstrike,python,incident detection,security,skills,arcsight,security operations,qradar,siem

About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience Role & responsibilities: The candidate should be hands-on in managing Security Operations, SOC, Identify access management, Risk Management Should have worked on Blueprinting and Designing of SOC frameworks and implementation of SOC/SIEM solution and Enterprise Architecture Should be hands-on on security processes with good client and Market facing experience in India geography Should have worked on Designing, solutioning and Implementation of Cyber Security Frameworks - Security Operations Strategy, Vulnerability Management - Application & Infrastructure and Threat Intelligence and Analytics Preferred candidate profile : Should have worked on the below - M&A experience - Actively monitoring, analyzing & escalating SIEM alerts based on correlation rules, Active threat hunting on network flow, user behavior and threat intelligence Candidate should have expert level domain knowledge (Cyber Security), Threat Hunting, SIEM - Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm/Qradar ), Ability to Comprehend Logs (HTTP, SMTP, Network), Operating systems and servers, Organizes Technical Sessions / Talks. Candidate should able to familiar with python Scripting & Windows Active Directory (Optional). Vulnerability Management Services - External & internal Vulnerability scanning, VMS tool Qualys & Kenna Administration, Application server & Vulnerability scanning Candidate should have expert level domain knowledge (Cyber Security), Vulnerability scans and recognizing vulnerabilities in security systems, Network analysis tools to identify vulnerabilities, Develop insights about the context of an organizations threat environment, Risk management processes, Network attack and a network attacks relationship to both threats and vulnerabilities. Candidate should have advance level understanding of Impact/risk assessments. Security Operations and Management experience - SOC Experience in Identity access, privilege access, vulnerability management Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development Qualification: B.Tech / M.Tech/ MCA professional with 9-12 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

DevOps Engineer Summary Apply Now Full-Time 4-6 years Responsibilities Automate and streamline deployment processes using CI/CD tools. Manage and monitor cloud infrastructure and services. Implement security measures and compliance in DevOps processes. Collaborate with development and operations teams to improve system performance. Troubleshoot and resolve infrastructure and deployment issues. Qualifications Automate and streamline deployment processes using CI/CD tools. Manage and monitor cloud infrastructure and services. Implement security measures and compliance in DevOps processes. Collaborate with development and operations teams to improve system performance. Troubleshoot and resolve infrastructure and deployment issues. Skills Strong knowledge of firewalls, VPNs, IDS/IPS, and security protocols. Experience with SIEM tools (Splunk, QRadar). Proficiency in risk assessment and management. Understanding of compliance standards (ISO, NIST, GDPR). Excellent analytical and problem-solving abilities.

About The Role : Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience Requirements 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How we'll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Req ID: 313359 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a AD - Systems Engineering Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Role Responsibilities Incidents response of Active Directory, Azure AD, and OS/server tickets Group policy administration and implementation Reporting and review of all connectivity, synchronization, replication within Active Directory DNS health and performance Sites and services - Missing or incorrectly assigned subnets NTP Reporting, configuration and accuracy Monitoring/reporting/reviewing all metrics and changes around netlogon, NTDS Database partitions, DNS settings, SRV records, Trust relationships Review of domain controllers, application, and security events to find any issues or trends Work with security teams to respond to emergency or critical vulnerabilities, patching or changes as required Response to NON-AD or believed to be AD related issues such as 3rd party application authentication issues, windows/RDP login issues, LDAP query issues, Kerberos errors, NTP errors. Windows Server OS maintenance, Patching, Upgrades, Hardware tickets, troubleshooting On-call rotation Required to have flexibility in schedules - First, Second, Third shifts available Required Qualifications 5+ years of relevant experience Strong knowledge of Active Directory, Window Server OS, Network, Firewall Basic understanding of Azure AD, Azure SSO, Azure MFA Strong knowledge of Group Policy VMware Basic understanding Strong troubleshooting skills Basic PowerShell Commands/scripting Preferences Ideally certifications from one of the followingSecurity+, Microsoft, AWS Strong Azure AD, Azure SSO, Azure MFA skills Advanced PowerShell scripting Undergraduate degree Strong understanding of networking technologies Advanced knowledge of network security that pertains to communications, computer system environments and related infrastructures About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies.Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us atus.nttdata.com NTT DATA endeavors to make https://us.nttdata.comaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment System Administrator, Consulting, Database, Technology

Tech Lead (Python) Experience: 7 - 10 Years Exp Salary : INR 20-22 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Onsite (Bengaluru) Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : Python, flask Good to have skills : Cloud Computing, Django, QRadar, SIEM tools, Splunk, Linux, GIT, FastAPI, RestAPI Sacumen (One of Uplers' Clients) is Looking for: Tech Lead (Python) who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description We are looking for a Tech lead to join our cutting-edge development team as it grows. We want someone who is comfortable asking why? The ideal candidate is a divergent thinker who understands industry best practices and has experience with multiple coding languages. They are a team player possessing good analytical as well as technical skills. They are able to communicate and understand the logic behind technical decisions to non-tech stakeholders. They must be comfortable working in an agile environment and have the ability to take the wheel when necessary. Responsibilities Gather and analyze user requirements. Create clear technical specifications for reference and reporting. Analyze the third-party applications and identify the components to be integrated. Create innovative, scalable, fault-tolerant software solutions for our customers. Validate and ensure defined unit tests code coverage is achieved. Do code quality checks and code reviews regularly to ensure safe and efficient code. Ensure the setup of the deployment infrastructure and test environments. Work closely with project managers, teams, systems architects, and sales and marketing professionals to deliver project objectives. Continuously look to improve the organization's standards. Expand existing software to meet the changing needs of our key demographics. Requirements A Bachelors / Masters Degree in Engineering or Information Technology. 7-10 years of software development experience with 4+ years of experience with the Python programming language. A thorough understanding of computer architecture, operating systems, and data structures. An in-depth understanding of the Internet, Cloud Computing & Services, and REST APIs. Must have experience with any one of the python frameworks like Flask / FastAPI / Django REST. Must know GIT and Python virtual environment. Must have experience with python requests module. Should have experience with creating and using python third-party libraries. Familiarity with SIEM tools like the Qradar app / Splunk app and Splunk add-on will be an advantage. Experience working with Linux/Unix and shell scripts. A meticulous and organized approach to work. A logical, analytical, and creative approach to problem-solving. A thorough, detail-oriented work style. Interview Process - Technical Round 1 (Tech Discussion / Problem Solving) Technical Round 2 (Techno Managerial Round) CEO Round HR Round How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: The Company is a wholly-owned subsidiary of USA, (www.opus.global) is in the process of setting up a software development team in India. The team collectively should have the following skill set. The company has become the leader in providing professionally managed solutions for centralized and decentralized I/M programs by applying leading-edge technology to data management, safety and emissions testing and diagnostic equipment, on-road Remote Sensing, and wireless Remote OBD monitoring. Opus has operations on four continents. We are among the top companies in Vehicle Inspection and a leader in Intelligent Vehicle Support. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Security Operations Centre (SOC) - Lead Location: Pune(Aundh/Baner),India (On-site, In-House SOC) Department: Security Operations Center Experience: 4-6 Years Work Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview: We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security. Key Responsibilities: Monitor, investigate, and close security incidents using QRadar SIEM , with deep expertise in offense triage and management. Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance. Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs. Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment). Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms. Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations. Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics. Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows. Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams. Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration. Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers. Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs. Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management. Experience in Designing and deploying use cases for SIEM and other security devices. Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements. Required Skills & Experience: Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar). Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling. Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary) Experience with network traffic analysis, packet capture tools, and deep dive investigations. Strong analytical, problem-solving, and decision-making skills. Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls. Preferred Qualifications: Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist. Prior experience in managing an in-house 24x7 SOC or leading shift teams. What We Offer: Work on a modern cloud-native security stack in a dynamic FinTech environment. Opportunity to lead security engineering and detection strategy for critical financial platforms. Be part of a tight-knit, expert-level team with a strong learning and innovation culture. Competitive salary, performance-based incentives, and growth opportunities.

Cyber and 3rd party risk manager About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications and Experience Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration with global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

SOC Analyst Location: Pune(Aundh/Baner),India (On-site, In-House SOC) Department: Security Operations Center Experience: 1-3 Years Work Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS Cloud Security, Sysdig, Falco, Canary Tokens, and G-Suite Security and other security solutions. Key Responsibilities: Continuously monitor security alerts and events using QRadar SIEM , CrowdStrike , Falco , and other integrated tools. Perform initial triage and analysis to assess the nature and severity of potential security incidents. Escalate incidents in line with established procedures and severity levels. Create, update, and manage incident tickets throughout their lifecycle using ticketing systems. Analyze logs and security data from various sources, including AWS Cloud , G-Suite , and endpoint solutions. Assist in proactive threat hunting and detection of malicious activity across systems and applications. Technical experience working in a SOC and cybersecurity incident response. Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics. Support 24x7 operations by participating in rotational shifts, including nights and weekends. Understanding of AWS Services for security detection and mitigation. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management. Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements. Required Skills & Experience : 1-3 years of hands-on experience in SOC operations or cyber security monitoring. Exposure to SIEM tools, preferably IBM QRadar . Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike . Familiarity with DLP (preferably Netskope) and cloud-native security tools. Working knowledge of Linux/Unix command line and scripting basics. Understanding of AWS Cloud Security concepts . Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Familiarity with common attack vectors and threat landscape (MITRE ATT&CK framework is a plus). Good to Have: Experience with Falco , Sysdig , or other container security tools. Exposure to Canary tokens or deception technologies. Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA . What We Offer: Opportunity to work with modern cloud-native security stack. Learn and grow in an innovative FinTech environment. Mentorship and training on advanced threat detection and response practices. Strong team culture focused on collaboration and technical excellence. Competitive salary and shift allowances.

Job description Ensure the development of policies, procedures & documentations. Establish, document, and manage the scope, schedule and resource allocation for projects and sustaining activities to ensure successful project execution. Implement and maintain integrated work schedules and plans which ensure that the necessary deliverables are ready & available. Oversee the daily operations of 24X7X365 Security Operations Center, Develop & maintain SOC documentations, produce relevant cyber security metrics that allow the SOC to provide Executive Leadership with metrics. Support Security Analysts monitoring the network and answering phone calls and emails, about cyber operations to respond to, analyse, and manage the response to cyber incidents affecting the client information and information systems in accordance with the client Incident Response Plan (IRP). Ensure the service quality as per SLA. SOC manager should have a good command over information security solutions and SIEM architecture so that he/she will be able to effectively guide the onsite team on the operations and provide the Bank necessary insights and advice in order to improve the information security posture of the Bank. SOC manager is responsible for overall management of SOC and its operations. Following are the key responsibilities of this role: 1. Continuous review of the operations carried out by the SOC team. 2. Ensure that SOC team is fully compliant to the process defined. 3. Efficiently manage the escalation procedures followed by the SOC team. 4. Regularly monitor and review the incident and cases records. 5. Regularly track the Timeline compliance of the SOC activities. 6. Take measures to carry out SOC activities in an effective and efficient manner. 7. Regularly review the processes and procedures followed by the SOC team and propose changes if there is a scope for improvement. 8. Develop and evaluate metrics to measure the performance of the SOC team. 9. Present the security reports periodically to the IT security team and management. 10.Provide suggestions to add/remove log sources under monitoring scope. 12. Ensure the development of policies, procedures & documentations. 13. Establish, document, and manage the scope, schedule, and resource allocation for projects and sustaining activities to ensure successful project execution. 14. Implement and maintain integrated work schedules and plans which ensure that the necessary deliverers are ready & available, Oversee the daily operations of the 24x7x365 Security Operations Center. 15.Guide L2 Team to Develop and configure use cases on SOC monitoring tools concerning a specific log source upon integration. 16.Guide L2 Team Configure additional modules/packages on Qradar if there are any. 17.Guide L2 Team Develop Log Baseline for the log sources identified to be integrated with Qradar. 18.Guide L2 Team Set up a baseline security level for critical assets by means of Qradar vulnerability scans per quarter.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Senior (Endpoint Detection and Response) KEY Capabilities: Excellent teamwork skills, passion and drive to succeed and combat Cyber threats Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.Expertise in design, implementation and operation of EDR solution such as Carbon Black, Tanium, Crowdstrike , Cortes XDR , Microsoft Defender ATP , MacAfee, Symantec and similar technologies,(including migration)Provide consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.Perform remote and on-site gap assessment, customization, installation, and integration of the EDR solution.Knowledge of cyber threat intelligenceExperience in several of the following areas cybersecurity operations, network security monitoring, host security monitoring, malware analysis, adversary hunting, modern adversary methodologies, all source intelligence analysis, analytical methodologies, confidence-based assessments, and writing analytical reports.Working knowledge of Cuckoo, CAPE, or any other sandbox platformsExperience with security orchestration automation and response tools (Phantom, Resilient, XSOAR) and incident response platforms/DFIR toolsetsExperience with threat hunting using cyber threat intelligence by analyzing large and unstructured data sets to identify trends and anomalies indicative of malicious cyber activities.Expertise in EDR use case development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systemsWilling to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.Experience in responding to the RFPs and preparation of Project Plan Expertise in integrating EDR devices including unsupported (in-house built) by creating custom parsersGood knowledge in threat modelling. Experience in creating use cases under Cyber kill chain and MITRE attack frameworkKnowledge in Network monitoring technology platforms such as Fidelis XPS or others.Ability to lead a team / project on various phases.Deep understanding on Market trends and ability to adapt based on that.Below mentioned experiences/expertise will be added advantageDeep understanding in various SIEM solutions like Splunk, Qradar, LogRhythm, Securonix, Elastic.Knowledge in scripting using PythonExperiencing advising on Cloud Security capabilities across various platform mainly AzureConfigure data digestion types and connectorsAnalytic design and configuration of the events and logs being digestedDevelop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events Qualification & experience: Minimum of 6 to 12 years’ experience with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated security intelligence solution into global enterprise environments. Strong oral, written and listening skills are an essential component to effective consulting.Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.Must have knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security and troubleshooting.Good to have experience in handling big data integration via Splunk or other SIEMDeep understanding in Malware Analysis and Incident ResponseGood knowledge in programming or Scripting languages such as Python, JavaScript, Bash, PowerShell, Bash, Ruby, Perl, etcMust have honours degree in a technical field such as computer science, mathematics, engineering or similar fieldMinimum 4 years of working in a security operations center Certification in any one of the EDR or SIEM Solution is a must Certifications in a core security related discipline will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job requisition ID :: 77258 Date: May 5, 2025 Location: Delhi Designation: Assistant Manager Entity: Job Summary: The SIEM QRadar Engineer is responsible for deploying, configuring, and managing IBM QRadar SIEM solutions to monitor, analyze, and respond to security events and incidents across the enterprise. This role requires a strong understanding of cybersecurity principles, event management, and log analysis to provide real-time monitoring, threat detection, and incident investigation. Key Responsibilities: 1. QRadar Platform Configuration & Administration: Implement and configure IBM QRadar SIEM, including the integration of log sources (firewalls, servers, IDS/IPS, etc.). Administer and maintain QRadar appliances, including updating, patching, and tuning for performance. Ensure the proper setup of security event collection, parsing, normalization, and storage. 2. Security Monitoring & Incident Response: Monitor QRadar dashboards and alerts for security incidents and potential threats. Investigate and triage security incidents, escalating as necessary, and providing detailed reports for remediation. Create and fine-tune custom rules, offenses, and alerts to improve threat detection accuracy. 3. Log Source Management: Configure and manage log source integrations, including forwarders, collectors, and data processing. Work with teams across the organization to identify and collect relevant logs for security monitoring. 4. Correlation Rules and Customization: Develop, maintain, and optimize correlation rules to detect suspicious activities. Work with security analysts to develop custom use cases and refine QRadar correlation capabilities. 5. Threat Intelligence and Data Integration: Integrate threat intelligence feeds into QRadar for enhanced detection of external threats. Leverage external data sources and QRadar’s built-in capabilities to identify emerging threat patterns. 6. Reporting and Documentation: Generate reports for management, compliance audits, and regulatory requirements. Document configurations, rules, processes, and troubleshooting steps for knowledge sharing and incident response procedures. 7. Collaboration & Support: Work closely with IT and cybersecurity teams to integrate new systems and optimize SIEM operations. Assist in the development of incident response playbooks and provide expertise during security incidents. Required Skills & Qualifications: Experience: Minimum of 3-5 years of experience in SIEM engineering security (preferably IBM QRadar). Experience in incident response, threat hunting, and using security monitoring tools. Technical Skills: Strong understanding of SIEM concepts and security event management. In-depth knowledge of the QRadar platform (administration, configuration, and optimization). Familiarity with network security protocols, firewalls, IDS/IPS systems, and security appliances. Experience with Linux/Unix operating systems and basic scripting (Python, Bash, etc.) for automation or customization. Certifications : IBM QRadar certification.