Experience: 10 years | Salary: 0 Lacs | Posted: 2 days ago | Remote | Full Time
We deliver large-scale SIEM, SOAR, UEBA, and Security Analytics programmes for telecom, BFSI, government, transport, healthcare, and enterprise clients.
• Configure playbooks, automations, workflows, and integrations for SOAR.
• Develop security use cases based on customer environment, threat landscape, and compliance needs.
• Perform triage automation, incident enrichment, and response orchestration using Splunk SOAR.
• Improve detection rules, mapping to frameworks such as MITRE, NIST, CIS, and Zero Trust.
• Strong understanding of attack chains, adversary emulation, exploitation techniques, and lateral movement.
• Assist in threat hunting, purple team exercises, and post-incident investigations.
• Work with red teams to create detections for new TTPs across the kill chain.
• Provide end-to-end security advisory across SIEM/SOAR/UEBA, identity, vulnerability, cloud security, and network security.
• Conduct data onboarding, CIM alignment, data model acceleration, and log source hygiene reviews.
• Build content for vulnerability prioritisation, exploit insights, and exposure management.
• Integrate threat intel feeds, STIX/TAXII, and other sources for detection enrichment.
• Develop identity-based detections using Okta/Azure AD/IDP logs and behaviour patterns.
• Lead workshops, assessments, and roadmap sessions with CXO/security leadership.
• Provide training, knowledge transfer, and capability uplift to customers and internal teams.
• Strong in SPL, correlation searches, data models, risk rules, and notable tuning.
• Blue Teaming (Detection Engineering, IR workflows, alert triage, threat hunting).
• Red Teaming (attack simulation, APT TTPs, exploit knowledge, lateral movement).
• MITRE ATT&CK, cyber kill chain, Zero Trust, NIST CSF.
Experience with at least 5 of the following preferred:
• Endpoint: CrowdStrike, Carbon Black, Defender
• Firewalls: Palo Alto, Cisco, Fortinet
• Cloud Security: AWS/Azure/GCP logging & analytics
• Threat Intel Platforms: MISP, Anomali
• Identity: Okta, Azure AD, Ping
• Vulnerability: Qualys, Tenable, Rapid7
• Other SIEM/SOAR platforms (QRadar, Sentinel, ArcSight, Exabeam)
• Excellent communication and consulting skills
• Ability to run customer workshops independently
• Strong problem-solving and analytical thinking
• Ability to handle pressure and lead critical incident response
• Experience working in high-stakes enterprise environments
• Splunk Enterprise Security Admin
• Splunk SOAR Administrator / Consultant
• Splunk Core + Power User
• Splunk ITSI (good to have)
• CEH, OSCP, GCIA, GCIH, GCFA, Security+, CISSP (bonus)
• Work with a global team of high-performing Splunk consultants
Prudent Technologies and Consulting, Inc.