12371 Siem Jobs - Page 20

Administer and maintain the IBM QRadar environment including console, event collectors, and flow processors.Onboard and normalize new log sourcesCreate and tune custom correlation rules, AQL queries, and dashboards based on the MITRE ATT&CK framework

Role-Sr Cloud Security Engineer Type: Permanent Location-Bang/Pune/Hyd Expr-5+ yrs JD- Expr in AWS cloud native security services-AWS Security Hub, GuardDuty, Config, CloudTrail, IAM, Macie, WAF, Shield, Detective SIEM platforms-Exabeam MITRE ATT&CK

Experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, DLP, Proxy, , Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence.

Must have hands-on experience with Microsoft Sentinel, Google SecOps, and Microsoft Defender. Investigations within Security Operations Center (SOC) done by L1/L2.

• 3+ years working in a SOC and/or strong security technology operations experience. • Experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall

• 5+ years of experience in cybersecurity operations, with at least 1–2 years in a lead or senior analyst role. • Certifications such as CEH, GCIA, GCIH, or Security+ are preferred with Splunk and/or Qradar.

Required Skills 6+ years of experience in deploying and integrating (SIEM) to enterprise to large enterprise-level Deep expertise with load, transformation and correlation of sources such as Cloud, Endpoint, Firewall Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms Architect-level individual with experience in SIEM (Splunk, Netwitness, QRadar, Arcsight etc.). Candidates with QRadar experience will be preferred. Ability to perform Threat Hunting exercises from telemetry. Extensive experience in creating and developing correlation and detection rules, within a SIEM to support alertin...

Resource should have minimum 2 to 5 of experience Proactively use security engineering tools to identify and mitigate network & security risks. Develop and implement security measures using specialised tools based on Cyber security best practices.

Resource should have minimum 2 to 5 of experience Proactively use security engineering tools to identify and mitigate network & security risks. Develop and implement security measures using specialised tools based on Cyber security best practices.

Plan, execute and lead security audits across theorganization Inspect and evaluate Client environment, internal information systems, management procedures and security controls Evaluate the efficiency, effectiveness, and compliance of IT operation processes with corporate security policies, client requirements and related regulatory regulations Assess the exposures resulting from ineffective or missing control practices Accurately interpret audit results against defined audit criteria Weigh the relevancy, accuracy and perspective of conclusions against audit evidence Provide a written and verbal report of audit findings Develop rigorous best practice recommendations to improve security on al...

Monitor security events, logs, and alerts in real-time. • Perform initial investigation, triage, and assessment of alerts to detect suspicious activities by accessing security solutions consoles. • Log and track cybersecurity incidents

Monitoring Splunk dashboard . Setup new Alerts and modify the existing alerts based on requirement Analyze the alerts for trends and impacts and work with the respective team for application improvement. Coordinate with Tech-ops team. Follow the application team to implement preventive measures . skills Monitoring dashboard Splunk

REQUIRED QUALIFICATIONS: Bachelors degree in computer science, engineering, business, or comparable studies 2-4 years of experience in Requirement Analyses. Analytical mind and problem-solving aptitude Good to have ServiceNow Admin Cert, CIS VR, CIS SIR as this will help me primary understanding of the platform. Responsibilities Experienced in Story writing in ServiceNow JIRA, SDLC Agile module, Visio and expected outcomes based on customer communication. Excellent documentation and communication skills and strong attention to detail required. Must have Knowledge of Modules - Vulnerability Response, Security Incident response & Threat intelligence Good to have knowledge GRC & Security Operat...

What Will You Be Doing? The Lead Analyst, Cybersecurity Operations will be part of the Cybersecurity team that analyzes, implements, monitors, troubleshoots, and audits the cybersecurity of the Frontier network infrastructure. The analyst provides timely and comprehensive intelligence on internal/external threats for detection, monitoring, threat hunting, and incident response. The scope of environment includes system-monitoring platforms, anti-virus, DLP, URL filtering, and PCI environments. The analyst will be responsible for performing alert analysis, incident response, digital forensics, and supporting penetration remediation on applications/systems. Essential Functions: • Monitor, inves...

We await your innovation at TCS: Hiring | Security Operations Center Analyst | Greetings from TCS!! Required Total Experience: 5+ years Work location: Hyderabad, Bangalore. Required Technical Skill Set: 5–8 years of SOC or relevant cybersecurity experience, preferably with time in a L2 SOC role Required Skills Proficiency with SIEM tools (Splunk, QRadar , or equivalent) Experience with IDS/IPS, firewall management, endpoint security, and log analysis. Strong understanding of network security protocols, threat intelligence, and vulnerability management. Expertise in incident detection, forensic investigation, root cause analysis, and malware analysis. Good to have skills: Scripting skills ( P...

Role Overview: We are seeking an experienced senior security researcher to help grow our team focusing on generating network content and developing new technologies to identify and block network threats. About the role: Develop network signatures that protect our customers against network-based threats and vulnerabilities Collaborate with the engineering and PM teams to develop new detection enhancements Build and improve tools to automate analysis tasks, simulation software and administer the lab environment to replicate attacks. Analyze network protocols to develop and/or update parsers when needed Publish technical blogs to spread awareness and help defenders with the necessary resources ...

POSITION SUMMARY: The SOC Analyst (Level 1) will use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard Incedos Managed Services Clients. The SOC Analyst (Level 1) is responsible for monitoring and responding to security related alerts triggered in the SIEM tool within Incedos Technology Partners Managed Service Clients. Primary responsibilities include incident triage, correlation of data from firewall, endpoint security, SASE and IPS logs; determining if a critical system or data set has been impacted; provides recommendations on remediation; and provides support for new analytic methods for detecting threats. Role and respons...

Job title : Cyber Security - Tool Administration Roles and Responsibilities - Threat Intelligence and Research: 1. Stay informed about the latest cyber threats, attack techniques, and security technologies. 2. Analyze threat intelligence feeds to identify potential risks to the organization. 3. Proactively recommend security enhancements and adjustments based on threat intelligence. Security Monitoring and Incident Response: 4. Monitor security alerts and events in real-time to identify potential threats or vulnerabilities. 5. Investigate and analyze security incidents and breaches to determine the extent and impact. 6. Develop and execute incident response plans to mitigate threats and mini...

Role Description Role Proficiency: Effectively lead a medium size unit / shift / sub-team / customer engagement within a larger Shared Services team; delivering cyber security monitoring and triage activities for our global customers. Assist SOC Manager (B3/C1) in larger responsibilities. This role is in the management stream and envisages growth in management rather than the technology space. Outcomes Effectively Lead a medium size SOC team (unit / shift / sub-team / medium size customer engagement) Responsible for delivery of SOC services by the team as per SLA. Responsible for performance of activities by the team defined by the manager from a contractual and regulatory perspective. Respo...

The Key Job Responsibilities Include The Following Security monitoring Sentinel One Incidence response Security analytics Proactive threat hunting Threat Intelligence platform - consisting of Indicators of Compromise (IOC) and other threat intel (vulnerabilities strategic tactical etc.) User & entity behavioral Anomaly detection Vulnerability scanning and threat detection. Monitoring contemporary threats and plans to respond to those. Assessment for the Application security /Monitoring and post assessment if feasible Service provider to perform application security monitoring. Preferable (Nice to have) skill Relevant professional certifications, such as CISSP, CISM, CEH, or other security ce...

This role of Security Analyst - Incident Response will perform the computer incident response function of the Security team at Skillsoft. This analyst will work closely with the other teams across Skillsoft and help mature a constantly evolving computer network defense program. This analyst provides procedural expertise on a day-to-day basis and is responsible being responsive and timely in analyzing & responding to critical events. OPPORTUNITY HIGHLIGHTS Respond to threats within our corporate, production environments. Build, execute and refine on incident response plans, identify root cause and drive mitigations to prevent future occurrences. Gather, mentor and provide insights to team mem...

All roles at JumpCloud are Remote unless otherwise specified in the Job Description. About JumpCloud JumpCloud® delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. JumpCloud is IT Simplified. JumpCloud is looking for a Security Engineer on the DevSecOps team focusing on building and maintaining infrastructure, software, and automation to monitor and mitigate attacks and vulnerabilities across JumpCloud products and services. You will become a memb...

Required Skills 6+ years of experience in deploying and integrating (SIEM) to enterprise to large enterprise-levelDeep expertise with load, transformation and correlation of sources such as Cloud, Endpoint, FirewallCoordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platformsArchitect-level individual with experience in SIEM (Splunk, Netwitness, QRadar, Arcsight etc) Candidates with QRadar experience will be preferred Ability to perform Threat Hunting exercises from telemetry Extensive experience in creating and developing correlation and detection rules, within a SIEM to support alerting capab...

So, what’s the role all about? We’re looking for a highly skilled and proactive Specialist – Cloud Security Operations Engineer to join our team and help safeguard NiCE Actimize’s cloud infrastructure and applications. This role is pivotal in ensuring the confidentiality, integrity, and availability of cloud-based assets. You’ll work across teams to monitor security systems, respond to incidents, and implement best practices that strengthen our cloud security posture. How will you make an impact? You’ll be responsible for: Monitoring cloud security alerts and responding to incidents in real-time. Deploying and managing security tools including SIEM, IDS/IPS, and vulnerability scanners. Devel...

Experience: 8+ years Job Location: Chandigarh, Jaipur, Pune, Delhi Qualifications Minimum B.Tech. (or equivalent degree) Minimum CISA Certified (mandatory) Job Summary We are seeking a Tier 3 SOC Engineer with deep cybersecurity expertise to serve as the final escalation point for complex incidents and advanced threat scenarios. You will oversee SOC processes , mentor Tier 1/Tier 2 staff, optimize SIEM and PAM solutions, and deliver in-depth reporting and ROI insights to stakeholders. Key Responsibilities Advanced Incident Management & Analysis Lead high-severity incident investigations, perform root-cause analysis, and compile in-depth incident reports for internal and external stakeholders...