1852 Qradar Jobs - Page 5

Job Description Second line of defense, responsible for deeper investigation, incident response, and proactive security improvement in OT environments. Responsibilities Perform in-depth analysis of escalated security incidents and anomalies. Provide specific recommendations for these incidents. Lead containment, eradication, and recovery actions in OT incidents. Develop and fine-tune detection rules, correlation logic, and playbooks. Conduct threat hunting across OT networks and systems. Work with engineering teams to implement secure configurations and network segmentation. Perform vulnerability assessments and risk analysis of OT assets. Provide mentorship and guidance to L1 analysts. Assi...

Cigna Medical Group is looking for Cyber Security Lead Analyst to join our dynamic team and embark on a rewarding career journey Threat Detection and Analysis: Monitor network traffic, system logs, and security alerts to detect and analyze potential security threats, such as malware, intrusions, and unauthorized access Incident Response: Develop and execute incident response plans to address and mitigate security incidents and breaches Vulnerability Assessment: Identify vulnerabilities in software, hardware, and network configurations, and recommend patches and security updates Security Monitoring: Continuously monitor and analyze security events, assess system vulnerabilities, and recommend...

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Job Overview : ISSQUARED Inc is looking for a Senior Information Security Operations Analyst to be the lead role in maintaining and enhancing the Cybersecurity posture for clients and the company. The ideal candidate maintains a hands-on approach to major facets of Information Security: incident Response, Vulnerability Management, End Point Detection and Response, Logging and Monitoring and exhibits an ability to work collaboratively with various stakeholders to ensure success with all InfoSec related programs. This will encompass a wide variety of systems (Windows and Linux), networks and telecommunication infrastructure components to meet business security needs. This position will need to...

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Level - L4 Reports to: SOC Head Position Summary: The SOC Lead will lead the operations of the Security Operations Centre (SOC). The candidate should have deep expertise in security monitoring, incident response, threat intelligence and security technologies. This role is critical in safeguarding digital assets and ensuring rapid detection, response and mitigation of security incidents. Key Responsibilities: Lead and manage the day-to-day operations of the Security Operations Centre (SOC) team. Oversee monitoring, detection, analysis, and response to security incidents using SIEM tools and other security technologies. Oversee tuning and optimization of SIEM platforms (e.g. Azure sentinel, Lo...

Responsibilities: 1) Monitoring Security Alerts: Continuous monitoring using SIEM tools to identify alerts and anomalies 2) Incident Response: 3) Threat Analysis: 4) Log Analysis: 5) Vulnerability Management: 6) Reporting: Health insurance

7 - 9 Years 1 Opening Thrissur Role description Experience with SIEM vendors such as QRadar, Sentinel, Splunk Incident response and threat hunting expertise Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) Experience in writing procedures, runbooks, and playbooks Strong analytical and problem-solving skills Hands-on experience with system logs, network traffic analysis, and security tools Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) Good-to-Have Skills: Experience setting up SIEM solutions and troubleshooting connectivity issues Familiarity with security frameworks and best practices Ability to collaborate with...

12 - 15 Years 1 Opening Kochi, Thrissur Role description Manage day-to-day operations of the Security Operations Center. Lead a team of SOC analysts (L1, L2, L3) and ensure 24x7 monitoring and incident response. Develop and maintain SOC policies, processes, playbooks, and escalation procedures. Oversee threat detection, analysis, containment, and mitigation of security incidents. Ensure timely investigation and resolution of incidents and proper documentation. Interface with IT, application teams, and management during incidents. Maintain and enhance the capabilities of security tools (SIEM, SOAR, EDR, IDS/IPS, etc.). Track key performance indicators (KPIs) and generate regular reports on SO...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities Monitor and analyze network traffic using NDR tools (e.g., Vect...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities: Monitor and analyze network traffic using NDR tools (e.g., Vec...

We are a cybersecurity driven organization dedicated to protecting businesses from digital threats. To strengthen our defense capabilities, we are looking for a SOC Analyst who can monitor, detect and respond to security incidents in real time. Key Responsibilities Monitor security alerts and logs from SIEM tools (e.g., Splunk, QRadar, ELK, Azure Sentinel). Analyze and investigate potential security incidents, malware activity, phishing attacks and intrusions . Perform initial triage, escalation and incident response . Work with threat intelligence sources to identify emerging risks. Document and report security incidents with findings and recommendations. Collaborate with IT/security teams ...

Position : Security Automation Engineer Experience: 8 - 10 Years Location: #Remote Mode: #Contractual Notice Period: #Immediate Shift: Afternoon 2pm to 12am IST We are seeking a highly skilled # Security Automation Engineer with expertise in #SOAR platforms ( #XSIAM, #QRadar, and others) , strong scripting capabilities, and hands-on experience in building security automation workflows. The ideal candidate will be responsible for designing, developing, and maintaining automation playbooks to streamline security operations, reduce manual workloads, and enhance incident response efficiency. Key Responsibilities: Design, develop, and maintain automation playbooks within #SOAR platforms (Palo Alt...

Role Description Manage day-to-day operations of the Security Operations Center. Lead a team of SOC analysts (L1, L2, L3) and ensure 24x7 monitoring and incident response. Develop and maintain SOC policies, processes, playbooks, and escalation procedures. Oversee threat detection, analysis, containment, and mitigation of security incidents. Ensure timely investigation and resolution of incidents and proper documentation. Interface with IT, application teams, and management during incidents. Maintain and enhance the capabilities of security tools (SIEM, SOAR, EDR, IDS/IPS, etc.). Track key performance indicators (KPIs) and generate regular reports on SOC activities. Continuously assess and im...

Role Description Experience with SIEM vendors such as QRadar, Sentinel, Splunk Incident response and threat hunting expertise Strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) Experience in writing procedures, runbooks, and playbooks Strong analytical and problem-solving skills Hands-on experience with system logs, network traffic analysis, and security tools Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) Good-to-Have Skills Experience setting up SIEM solutions and troubleshooting connectivity issues Familiarity with security frameworks and best practices Ability to collaborate with IT and security teams effective...

In this role at Tradeweb Markets, you will be part of Tradeweb's Security Operations team, contributing to the protection of clients and employees from evolving threats. Your responsibilities will include overseeing a team of SOC engineers, enhancing existing security operations processes, and collaborating with various cybersecurity experts and business teams. As a key member of the technical incident response team, you will focus on forensics, log analysis, and threat intelligence to ensure a secure environment. **Key Responsibilities:** - Oversee a team of SOC engineers to provide 24x7x365 detection and response capabilities - Enhance existing processes to deliver measurable results acros...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities: Monitor and analyze network traffic using NDR tools (e.g., Vec...

Company Description We are a reputable software company specializing in the healthcare industry. Since 1988 we have been servicing the healthcare industry by providing various products to laboratories, hospitals and doctors. As a member of our organization you will be joining a smart and driven team that shares your passion for exploration and discovery in the Healthcare Software vertical. Our significant investment in people, processes, and technology equips our employees with the resources and opportunities to drive substantial value for all our client partners. Job Description About the Role We are seeking a SecOps Specialist to strengthen MEDFAR’s global security posture. In this role, y...

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality Check: Conduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls Evaluation: Test and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for inte...

We are seeking a seasoned Cybersecurity Architect with 12–16 years of experience to design, implement, and operate a Global Security Operations Center (SOC) . This strategic leadership role will play a key part in strengthening our global cybersecurity posture and engaging directly with Japanese clients and stakeholders. Languages Required:- Bilingual (Japanese & English) Key Responsibilities:- Design and establish a scalable, resilient Global SOC framework Lead architecture, vendor selection, and integration of SIEM, SOAR, Threat Intelligence, and EDR tools Manage 24/7 SOC operations including incident detection, response & recovery Conduct threat hunting, vulnerability assessments, and for...

Your Role We are seeking a highly skilled and experienced SOC Lead / L3 Analyst with deep expertise in SIEM platform engineering , log integration , security incident management , and advanced threat detection with 8+ years of experience for Bangalore location . The ideal candidate will lead critical security incidents, guide junior analysts, and contribute to the strategic evolution of security operations through technology evaluations and process enhancements. Design, implement, and manage SIEM platforms including log ingestion, parsing, normalization, and correlation. Develop and maintain SIEM dashboards, alerts, and reports to support threat detection and compliance. Oversee production m...

Overall exp can be 10+ years. 3-8 yrs relevant experience in Microsoft Sentinel & SOAR ? Experience in the following tools : Microsoft Sentinel, Azure Security Center, Microsoft Log Analytics, ? Experience in writing queries for cyber-attack detection in Kusto Query Language (KQL) in Azure. ? Experience in supporting security infrastructure such as MS Sentinel Security Information and Event Management (SIEM) , SOAR ? Experience in automation using Playbooks like Logic Apps in Sentinel. ? Experience in Monitoring, investigating and remediating Security Alerts in Sentinel and Log analytics

We are a cybersecurity driven organization dedicated to protecting businesses from digital threats. To strengthen our defense capabilities, we are looking for a SOC Analyst who can monitor, detect and respond to security incidents in real time. Key Responsibilities Monitor security alerts and logs from SIEM tools (e.g., Splunk, QRadar, ELK, Azure Sentinel). Analyze and investigate potential security incidents, malware activity, phishing attacks and intrusions . Perform initial triage, escalation and incident response . Work with threat intelligence sources to identify emerging risks. Document and report security incidents with findings and recommendations. Collaborate with IT/security teams ...

Position Summary We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents. Key Responsibilities 1. Incident Detection and Analysis: o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. o Proactively monitor and respond to security alerts, managing incident escalation and resolution process...

Role Summary: As an L2 OT SOC Analyst, you will be responsible for advanced threat detection, incident response, and forensic analysis within Operational Technology (OT) environments using Claroty XDOME. You will handle escalated alerts from L1 analysts, perform deep-dive investigations, and contribute to the continuous improvement of OT cybersecurity operations. Key Responsibilities: Monitor and analyze security alerts from Claroty XDOME and other integrated SIEM/EDR platforms. Conduct in-depth investigations of suspicious activities and OT-specific incidents. Perform threat hunting and exposure management across OT assets. Lead incident response efforts including containment, eradication, ...