2862 Qradar Jobs - Page 43

Job Purpose: The L1 SOC Analyst provides the first line of defense by monitoring alerts, performing initial triage (systematic evaluation, prioritization, and response to security alerts.) and escalating incidents as per SOPs and SLAs. Key Responsibilities: • Monitor SIEM, SOAR, EDR, and security dashboards 24x7. • Validate and triage security alerts. • Escalate potential incidents to L2 with proper documentation. • Track incident tickets and ensure SLA compliance. • Maintain situational awareness by tracking known threats. • Perform log analysis and simple threat correlation. Skills & Competencies: • Knowledge of networking basics (TCP/IP, DNS, HTTP, VPN). • Understanding of common threats ...

Job Overview: The Assistant Manager Academic Operations will be responsible for end-to-end delivery of a course/program. Starting with research, anticipation and evaluation of market needs this role would be responsible for working with stakeholders of a program delivery, including the faculty, mentors, sales & marketing and content preparation teams. The role also requires one to evaluate the current offerings and implement strategies for improving the product. Responsibilities and Duties: Academic Operations: Researching about the requisite coursework to be delivered by the program and supporting the faculty with content creation. Onboarding mentors to deliver the course. Looking after sup...

Level - L4 Reports to: SOC Head Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents. Key Responsibilities: Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team. Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies. Oversee tuning and optimization of SIEM platforms (e.g. Azure sentinel, Lo...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level: L1+L2 A level one (L1) Security Operation Center (SOC) analyst performs several activities in addition to the monitoring activity: Monitor security alerts Participate in use case and rule workshops Participate in rule tuning sessions Participate in response procedure workshops Participate in lessons learned workshops Participate in education sessions as needed Shift meetings (typically start and end of shift) Record key metrics (auto or manual) to document: Response time - Handle time - Cycle time - Quality - Error rates - Feedback Review threat intelligence briefs Maintain and manage skills development plans Shift turnover / handover during SI A level two (L2) Security Operation Cent...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level - L3 The SOC Manager is the operational and strategic leader of the Security Operations Center. This role is responsible for managing people, processes, and technologies to ensure the SOC delivers effective threat detection, incident response, and continuous improvement. The SOC Manager reports to Head of CDC and acts as the bridge between technical teams and business stakeholders Lead and mentor SOC staff across L1, L2, and L3 tiers Oversee hiring, onboarding, training, certification and performance evaluations Coordinate 24x7 shift coverage and ensure readiness for high-severity incidents Manage day-to-day SOC operations, including alert triage, incident escalation, and response coor...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 The AI and Automation Lead is responsible for embedding intelligence, efficiency, and scalability into Security Operations Centers (SOCs) by leveraging AI, GenAI, and automation platforms like Microsoft Sentinel, Azure Logic Apps, and Kyndryl Bridge. This role is pivotal in driving transformation, SLA adherence, and operational excellence across global security operations 1. Design and implement AI models for threat detection, behavioural analytics, and anomaly detection using Microsoft Native Tools and Kyndryl Bridge. 2. Integrate GenAI into SOC workflows for predictive threat modelling, incident summarization, and automated RCA generation 3. Lead the development of agentic AI sy...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Level : L3 Continuously monitor endpoint telemetry for Indicators of Attack (IOAs) and Indicators of Compromise (IOCs). Validate and triage alerts generated by Falcon Insight, and escalate confirmed threats to L2/L3 SOC teams Use Real Time Response (RTR) to investigate and remediate threats directly on endpoints without disrupting operations Assist in troubleshooting sensor-related issues, including log collection and root cause analysis Raise and manage support cases with CrowdStrike for unresolved technical problems Maintain documentation of known issues, fixes, and deployment best practices. Conduct proactive threat hunting using Falcons historical and real-time data. Leverage CrowdStrike...

Role Overview: We are seeking an enthusiastic Security Researcher to join our growing organization. Our global organization works in the areas of malware research, customer escalation response and system Engineering and development. You will be expected to learn the ins-and-outs of our daily malware escalation responses, routines and procedures. Additionally, you will help build automations, and author detection content which will help fight the bad guys. About the role: You must have awareness of threats around the globe, regional threats and top adversaries / criminal groups focusing on malware including affiliate networks pertaining to Windows OSes. You will process incoming requests from...

SOC Analyst – L1 (Monitoring & Triage) Job Purpose: The L1 SOC Analyst provides the first line of defense by monitoring alerts, performing initial triage (systematic evaluation, prioritization, and response to security alerts.) and escalating incidents as per SOPs and SLAs. Key Responsibilities: • Monitor SIEM, SOAR, EDR, and security dashboards 24x7. • Validate and triage security alerts. • Escalate potential incidents to L2 with proper documentation. • Track incident tickets and ensure SLA compliance. • Maintain situational awareness by tracking known threats. • Perform log analysis and simple threat correlation. Skills & Competencies: • Knowledge of networking basics (TCP/IP, DNS, HTTP, V...