Job Title- Sr.Splunk Architect Exp-7+ Years Location- Gurgaon (Hybrid) Notice Period- Immediate Joiner /Serving Responsibilities As Lead Splunk, your role and responsibilities would include: Hands on experience in the SIEM domain o Expert knowledge on splunk> Backend operations (UF, HF, SH and Indexer Cluster) and architecture o Expert knowledge of Log Management and Splunk SIEM. Understanding of log collection, parsing, normalization, and retention practices. o Expert in Logs/License optimization techniques and strategy. o Good Understanding of Designing, Deployment & Implementation of a scalable SIEM Architecture. o Understanding of data parsimony as a concept, especially in terms of German data security standards. o Working knowledge of integration of Splunk logging infrastructure with 3rd party Observability Tools (e.g. ELK, DataDog etc.) o Experience in identifying the security and non-security logs and apply adequate filters/re- route the logs accordingly. o Expert in understanding the Network Architecture and identifying the components of impact. o Expert in Linux Administration. o Proficient in working with Syslog. o Proficiency in scripting languages like Python, PowerShell, or Bash to automate tasks Expertise with OEM SIEM tools preferably Splunk Experience with open source SIEM/Log storage solutions like ELK OR Datadog etc.. o Very good with documentation of HLD, LLD, Implementation guide and Operation Manuals Show more Show less

Title of Position : Mainframe or z/OS Storage Admin Summary Of Key Responsibilities Manage BAU (Business As Usual) Service Delivery for Mainframe OS/Storage in a Technical Capacity This is for a pure Technical Hands-On role and not for a Team Lead Position Work on Daily Basis with Client/Customer Mainframe OS-Storage SMEs/Peers Work on MI (Major Incidents) / P1 (Priority-1) and lesser Tickets as a part of BAU Support Work on Problem/RCA and Change/CMR Tickets during the weekends. Provide Business hours support and then On-Call support as is the norm in BAU Service Delivery Role. Support Mainframe Projects (HW Upgrade, OS Upgrade, ISV Products upgrade etc…) as per needs. Ensure Mainframe System Availability @ 99.99% and work towards meeting agreed SLAs Primary Requirements Experience to monitor, support and maintain mainframe DASD tools Monitor and manage storage performance Assign and initialize direct access storage volumes. Determine data set and volume placement Set and maintain direct access storage resource efficiency Maintain established direct access storage standards Suggest Best Practice standards Maintain space requirements according to Client’s forecasts Design, implement, and maintain all DASD pooling structures Perform catalog management Perform data migration management Provide support for all DASD related problems Perform regular direct-access storage backups Plan Hardware EOL Life Cycle management and Upgrades Technical Requirements Hands-on experience with z14/z15/z16 Mainframe HW and Sysplex Setup z/OS v2.x, JES2, DFSMS, VTAM, RACF/ACF2, TCP/IP, OMVS, RMF/SMF SMP/E, various ISV products, UserMods and Exits. IPL/POR procedures, various Mainframe Consoles Mainframe Tools – OMEGAMON, TEPS, Netview, SIEM Assembler, REXX, JCL and CA-OPS/MVS Automation, IODF/IOCDS, HCD/HCM, Mainframe Capacity Planning and Performance Tuning PARMLIB and PROCLIB concatenation, Memory Regions customization and maintenance Experience in Disaster Recovery setup and conducting DR drills. Experience in Mainframe MIPS Optimization, Software rationalization Hands-on experience with Hitachi VSP 5500, IBM DS8000, IBM TS7000, EMC-VMAX/PowerMax & DLm HW IBM-Metro/Global Mirror, Copy Services, EMC-SRDF, EMC-GDDR DFSMS suite, CA-1, IBM CSM Flash Copy, BCV-SnapVX, zDP, Safe Guarded Copy (SGC) Setup and Manager Mainframe DC Storage Replication Perform all BAU and Project related Mainframe OS/Storage related activities. Virtual Tape Library Management Storage replication setup across sites, i.e. between Data Centers Show more Show less

Job Description Job Summary We are seeking for SOC Lead to support threat monitoring, detection, event analysis, incident response/reporting, brand monitoring, forensics and threat hunting activities for its SOC, which is a 24/7 environment. The individual must be able to rapidly respond to security incidents and should have at least 7 years of relevant experience in Cyber security incident response. Should have deeper understanding with some hands-on experience on enterprise IT infra components such as advanced firewalls, IPS/IDS/WIPS/HIPS, routers/switches, TACACS, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, DLP etc. along with cloud environments like AWS (Must), Azure etc. Job Responsibilities Will be discussed by customer Essential Skills Should be able to manage a SOC L1/L2 team Providing incident response/investigation and remediation support for escalated security alerts/incidents Work with various stakeholders for communicating and remediating the cyber incidents Use emerging threat intelligence IOCs, IOAs, etc.to identify affected systems and the scope of the attack and perform threat hunting, end user’s systems and AWS infrastructure Provides support for complex computer/network exploitation and defense techniques to include deterring, identifying and investigating computer, applications and network intrusions Provides technical support for forensics services to include evidence capture, computer forensic analysis and data recovery, in support of computer crime investigation. Should be able to safeguard and custody of audit trails in case of any security incident Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends. Performs research into emerging threat sources and develops threat profiles. Keep updated on latest cyber security threats. Demonstrates strong evidence of analytical ability and attention to detail. Has a broad understanding of all stages of incident response. Performing comprehensive computer monitoring, identifying vulnerabilities, Target mapping and profiling. Has a sound understanding of SIEM (Splunk, Datadog, Arcsight etc), PIM/PAM, EDR, O365 security suite and other threat detection platforms and Incident Response tools. Should have knowledge of integrating security solutions to SIEM tool and crate the use cases as per the best practices and customized requirements Has knowledge on working on ITSM tools such as JIRA, Service NOW etc Has a logical, disciplined and analytical approach to problem solving Has knowledge of current threat landscape such as APTs Has basic knowledge of Data Loss Prevention monitoring Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.) Should be flexible to work in 24*7 environment Nice to Haves Background Check Required No criminal record Others Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) There are 2-3 rounds in the interview process. This is 5 days work from office role (No Hybrid/ Remote options available) Final round will be F2F (Mandatory) Office location-Sector-125, Noida Requirements SOC Lead Team Lead Threat monitoring Cyber Security Forensics Services Audit Trails SIEM ITSM Tools Show more Show less

Job Description An experienced consulting professional who has a broad understanding of solutions, industry best practices, multiple business processes or technology designs within a product/technology family. Operates independently to provide quality work products to an engagement. Performs varied and complex duties and tasks that need independent judgment, in order to implement Oracle products and technology to meet customer needs. Applies Oracle methodology, company procedures, and leading practices. Position Overview: We are seeking an experienced Senior Principal Consultant – OCI Architect with a strong background in networking, cloud security , and multi-cloud architecture . This role involves designing and implementing advanced OCI (Oracle Cloud Infrastructure) solutions while ensuring best practices in infrastructure security , compliance , and automation . The candidate will play a critical role in delivering solutions for large-scale customer engagements across industries. Key Responsibilities: Cloud Architecture & Implementation Architect and Implement OCI Solutions: Design and deploy scalable, secure, and efficient OCI architectures to meet diverse business requirements. Lead Cloud Migrations: Oversee the transition of workloads from on-premises and other cloud platforms (AWS, Azure, GCP) to OCI, ensuring minimal disruption and optimal performance. Optimize OCI Performance: Design and manage OCI resources including compute, storage, and networking to maximize efficiency and cost optimization. Multi-Cloud Networking & Integration Design and implement multi-cloud network architectures integrating OCI with AWS, Azure, and GCP, ensuring secure, high-performance cross-cloud connectivity. Manage and optimize advanced OCI network components including: Virtual Cloud Networks (VCN) FastConnect, IPSec VPN, Dynamic Routing Gateway (DRG) Load Balancers (Public & Private) DNS management and private endpoints for secure communication Hybrid Cloud Connectivity and Disaster Recovery Security & Compliance Implement and enforce OCI security best practices across multiple layers: Infrastructure Security: Secure OCI resources with Identity and Access Management (IAM), encryption, network segmentation (Security Lists, NSGs), and firewall management. OCI Cloud Security Posture Management: Ensure adherence to CIS OCI Benchmark and automate compliance audits. Security Operations: Manage security monitoring, alerting, and incident response using Cloud Guard and integrated SIEM solutions. Application Security: Ensure secure software deployment practices including vulnerability scanning and automated security testing. Data & Database Security: Design and enforce OCI data protection strategies including encryption (at rest and in transit), Oracle Database security, and data masking. Automation & DevOps Automate cloud provisioning and configuration using Terraform, Ansible, Python, and Shell Scripting. Implement CI/CD pipelines to streamline infrastructure deployment and management. Optimize operational processes by automating security checks and monitoring. Governance & Stakeholder Collaboration Collaborate with cross-functional stakeholders to align OCI solutions with business objectives. Design and implement cloud governance frameworks, ensuring effective monitoring, logging, and policy enforcement. Provide mentorship to technical teams on OCI best practices, ensuring knowledge transfer and technical upskilling. Required Skills & Qualifications: Experience: 14+ years in Cloud Security & Architecture, including at least 3+ years in OCI. Extensive experience with multi-cloud networking—integrating OCI with AWS, Azure, and GCP. Cloud Certifications: OCI Certified Architect Professional or OCI Security Professional (preferred). Technical Expertise: Security: IAM, Policies, Encryption, Security Lists, NSGs, WAF, Cloud Guard, Data & Database Security. Networking: VCN, FastConnect, IPSec VPN, Load Balancers, DNS, DRG, Private Endpoints. Automation & DevOps: Terraform, Ansible, Python, Shell Scripting. Compliance & Governance: CIS OCI Benchmark, Security Posture Management, Audit Logging, Cloud Security Policy enforcement. Multi-Cloud: Strong knowledge of hybrid and multi-cloud networking, including secure connectivity across OCI, AWS, Azure, and GCP. Soft Skills: Strong communication, stakeholder management, and the ability to present complex technical concepts to non-technical audiences. Career Level - IC3 Responsibilities Operates independently to provide quality work products to an engagement. Performs varied and complex duties and tasks that need independent judgment, in order to implement Oracle products and technology to meet customer needs. Applies Oracle methodology, company procedures, and leading practices. Demonstrates expertise to deliver functional and technical solutions on moderately complex customer engagements. May lead the solution design and implementation aspects of engagement(s) ensuring high quality, integrated software solutions within constraints of time and budget. May act as the team lead on projects, providing coaching, guidance and feedback to develop skills of team members. Effectively consults with management of customer organizations. Participates in business development activities. Develops and leads detailed solutions for moderately complex projects. Qualifications Career Level - IC3 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Job Description An experienced consulting professional who has a broad understanding of solutions, industry best practices, multiple business processes or technology designs within a product/technology family. Operates independently to provide quality work products to an engagement. Performs varied and complex duties and tasks that need independent judgment, in order to implement Oracle products and technology to meet customer needs. Applies Oracle methodology, company procedures, and leading practices. Position Overview: We are seeking an experienced Senior Principal Consultant – OCI Architect with a strong background in networking, cloud security , and multi-cloud architecture . This role involves designing and implementing advanced OCI (Oracle Cloud Infrastructure) solutions while ensuring best practices in infrastructure security , compliance , and automation . The candidate will play a critical role in delivering solutions for large-scale customer engagements across industries. Key Responsibilities: Cloud Architecture & Implementation Architect and Implement OCI Solutions: Design and deploy scalable, secure, and efficient OCI architectures to meet diverse business requirements. Lead Cloud Migrations: Oversee the transition of workloads from on-premises and other cloud platforms (AWS, Azure, GCP) to OCI, ensuring minimal disruption and optimal performance. Optimize OCI Performance: Design and manage OCI resources including compute, storage, and networking to maximize efficiency and cost optimization. Multi-Cloud Networking & Integration Design and implement multi-cloud network architectures integrating OCI with AWS, Azure, and GCP, ensuring secure, high-performance cross-cloud connectivity. Manage and optimize advanced OCI network components including: Virtual Cloud Networks (VCN) FastConnect, IPSec VPN, Dynamic Routing Gateway (DRG) Load Balancers (Public & Private) DNS management and private endpoints for secure communication Hybrid Cloud Connectivity and Disaster Recovery Security & Compliance Implement and enforce OCI security best practices across multiple layers: Infrastructure Security: Secure OCI resources with Identity and Access Management (IAM), encryption, network segmentation (Security Lists, NSGs), and firewall management. OCI Cloud Security Posture Management: Ensure adherence to CIS OCI Benchmark and automate compliance audits. Security Operations: Manage security monitoring, alerting, and incident response using Cloud Guard and integrated SIEM solutions. Application Security: Ensure secure software deployment practices including vulnerability scanning and automated security testing. Data & Database Security: Design and enforce OCI data protection strategies including encryption (at rest and in transit), Oracle Database security, and data masking. Automation & DevOps Automate cloud provisioning and configuration using Terraform, Ansible, Python, and Shell Scripting. Implement CI/CD pipelines to streamline infrastructure deployment and management. Optimize operational processes by automating security checks and monitoring. Governance & Stakeholder Collaboration Collaborate with cross-functional stakeholders to align OCI solutions with business objectives. Design and implement cloud governance frameworks, ensuring effective monitoring, logging, and policy enforcement. Provide mentorship to technical teams on OCI best practices, ensuring knowledge transfer and technical upskilling. Required Skills & Qualifications: Experience: 14+ years in Cloud Security & Architecture, including at least 3+ years in OCI. Extensive experience with multi-cloud networking—integrating OCI with AWS, Azure, and GCP. Cloud Certifications: OCI Certified Architect Professional or OCI Security Professional (preferred). Technical Expertise: Security: IAM, Policies, Encryption, Security Lists, NSGs, WAF, Cloud Guard, Data & Database Security. Networking: VCN, FastConnect, IPSec VPN, Load Balancers, DNS, DRG, Private Endpoints. Automation & DevOps: Terraform, Ansible, Python, Shell Scripting. Compliance & Governance: CIS OCI Benchmark, Security Posture Management, Audit Logging, Cloud Security Policy enforcement. Multi-Cloud: Strong knowledge of hybrid and multi-cloud networking, including secure connectivity across OCI, AWS, Azure, and GCP. Soft Skills: Strong communication, stakeholder management, and the ability to present complex technical concepts to non-technical audiences. Career Level - IC3 Responsibilities Operates independently to provide quality work products to an engagement. Performs varied and complex duties and tasks that need independent judgment, in order to implement Oracle products and technology to meet customer needs. Applies Oracle methodology, company procedures, and leading practices. Demonstrates expertise to deliver functional and technical solutions on moderately complex customer engagements. May lead the solution design and implementation aspects of engagement(s) ensuring high quality, integrated software solutions within constraints of time and budget. May act as the team lead on projects, providing coaching, guidance and feedback to develop skills of team members. Effectively consults with management of customer organizations. Participates in business development activities. Develops and leads detailed solutions for moderately complex projects. Qualifications Career Level - IC3 About Us As a world leader in cloud solutions, Oracle uses tomorrow’s technology to tackle today’s challenges. We’ve partnered with industry-leaders in almost every sector—and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That’s why we’re committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We’re committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_mb@oracle.com or by calling +1 888 404 2494 in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law. Show more Show less

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Customer Success brings the transcendent customer experience to life by empowering customers to achieve the value and impact of their BMC investments. Customer Success accelerates core business outcomes, mitigates risk, cultivates relationships, removes friction, and improves customer experience. No better team to join when customer centricity is at the heart of BMC's strategy! BMC is looking for a Customer Success Specialist - (Mainframes) is responsible for ensuring the success of BMC Mainframe customers. The CSS will bring BMC best ideas, innovations, and capabilities to our portfolio of customers and match these to the customers’ business goals, driving greater business value and executive alignment between BMC and the Customer. As a CSS, you will be responsible for driving customer adoption and success by providing governance advice, usage/adoption recommendations, risk identification and mitigation. The end result is increased customer satisfaction, retention and expansion of the BMC footprint. In addition to the business process and change management skills needed for the role, the CSS should possess mainframe functional or IT expertise in combination with exceptional customer management experience at the C-level. Working closely with the entire account team to drive the customer relationship and alignment at all levels in order to execute the overall account strategy is key to your success. You will also serve as an escalation point for issues that impact the customer’s success and drive risk mitigation. CSSs are required to maintain strong working relationships with other BMC customer facing personnel in the Sales, Services, Engineering, Marketing and Product Management eco systems with the goal of owning the post-sale strategy. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: As the Customer Success Specialist, you ensure that customers derive maximum value from their investment, utilize all their licenses, identify new opportunities, and collaborate with sales teams to ensure growth attainment and increased footprint. Mentor and foster a working collaboration between customers, other BMC functions and partners. Ensure customer renewal and drive the growth of customer advocates. Partner with Sales to manage assigned accounts to ensure customer success with BMC. Partner with the customer to establish a transformational Business Roadmap/Blueprint to ensure achievement of business goals. Develop a comprehensive understanding of the customer’s industry business challenges and objectives to appropriately map Helix ITSM features and associated business benefits to address their needs. Play a fundamental part in helping your customers establish and manage their Change Management/Governance/Centre of Excellence programs. Identify risks to the customer achieving their stated business goals and developing a risk mitigation plan. Serve as a customer advocate in driving industry best practices and the evolution of BMC product and platform functionality, courses and administrative services integral to the customer's success. Develop and maintain long-term relationships with stakeholders in your account portfolio by networking between customers, partners and BMC. Contribute thought leadership and best practice, both internally and externally, around business transformation. Work with the other areas within Customer Success and BMC to develop and deliver repeatable processes and solution outcomes that improve the overall customer experience. Deliver successful customers to the contract renewal cycle and, where necessary, support the renewals process to minimize customer attrition. To ensure you’re set up for success, you will bring the following skillset & experience: Strong communication (verbal & written) and customer handling skills. Proven problem-solving, analytical, and organizational/time management abilities. Ability to multitask and manage complex, senior-level IT/business accounts. Experience leading executive meetings/workshops and handling diverse portfolio engagements (1 week–several months). Quick learner with expertise in customer support tools/resources. BS in Computer Systems or related field OR equivalent programming experience. 5+ years in z/OS systems or major subsystems (STORAGE, IMS, CICS, DB2). Experience with AMI Monitor for CICS, AMI Auto Operator, or Mainview products. Proficiency in IBM utilities, RACF commands, REXX coding. 5+ years in Windows/Unix/Linux OS management, networking, security, and SIEM tools. Strong understanding of networking and security concepts. Excellent diagnostics, debugging, and troubleshooting skills. Whilst these are nice to have, our team can help you develop in the following skills: Experience with Splunk Enterprise, batch files, and programming (C, C++, C#, Python, JavaScript preferred). Ability to understand and write Assembler helpful, but not essential Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 4,166,900 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

Bhubaneswar, India Job Category : Security Research Posting Date : 01 January 2024 Job Type : Engineering Years of Experience : 5-10 Does this position require a security clearance? No Applicants are required to read,write and speak the following languages Hindi/English Additional Info : Job Description As an esteemed Security Research Engineer with expertise in offensive methodologies and substantiating exploitation, your indispensable role within our security team cannot be understated. Your principal task entails spearheading team exercises to evaluate and enhance our organizational defenses. Moreover, you will partake in team exercises, working alongside the team to strengthen detection prowess and simulate intricate attack scenarios. As part of your role, you will have the responsibility of overseeing and implementing an efficient security strategy, along with security programs and services that are both effective and reliable. Responsibilities Ensure that you remain ahead in the industry by consistently enhancing your understanding of emerging threats, up-to-date attack techniques, and well-documented vulnerabilities. Conduct diverse exercises, including internal and external penetration tests and lateral movement assessments. Evaluate and circumvent security systems to uncover vulnerabilities and propose enhancements. Improve tools for managing configuration or attack paths. Simulate advanced methods and detect different approaches to Tactics, Techniques, and Procedures (TTPs) that could remain unnoticed. Create comprehensive reports that thoroughly document the discoveries, approaches, and applicable suggestions derived from Team engagements. Construct concise and persuasive reports that proficiently convey identified weaknesses, potential attack paths, and potential consequences to relevant parties. Guarantee that reports offer pragmatic advice for rectifying vulnerabilities and improving overall security. Qualifications Bachelor's degree in Computer Science or certifications in Offensive Security such as OSCP, OSCE, or similar qualifications. Minimum of 4 years of experience in a similar role, showcasing a strong background in offensive security and penetration testing. Required Skills Proficient in writing IPS/SIEM detection logic using tools like Splunk or Anvilogic. Hands-on experience in blue team activities with SPL, KQL, YARA-L, and SIGMA. Skilled in crafting detection logic for SIEM or Data Lakes, including Splunk, Anvilogic, etc. Excellent English communication skills, both written and verbal, to effectively communicate complex technical concepts to technical and non-technical stakeholders. Capable of sharing knowledge effectively to educate others. Strong problem-solving abilities and a creative mindset for identifying attack vectors and developing innovative strategies. Disclaimer Hiring Range: from 1000000 to 2250000 per annum. May be eligible for bonus and equity. We maintain broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Nirmalya’s differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. About Us Nirmalya's career has the potential to encompass various industries, roles, countries, and cultures, allowing for growth in novel positions and driving innovation, while effectively balancing work and personal life. Nirmalya has achieved success over the years by embracing change, fostering innovation, and consistently upholding ethical principles, thereby delivering exceptional results for leading companies across multiple industries.To foster and support the talents responsible for such accomplishments, our dedication lies in cultivating an inclusive culture that appreciates and embraces diverse insights and perspectives. We strive to create a workforce that inspires thought leadership and sparks innovation, ensuring a thriving environment for all. Nirmalya Employee Benefits are meticulously designed to prioritize equality, reliability, and affordability. Our comprehensive package encompasses essential features such as Medical and Life Insurance, while also granting access to Retirement Planning and more. Additionally, we actively encourage our employees to actively contribute to the well-being of the communities where we operate. We firmly believe that fostering diversity and inclusion lays the foundation for innovation. To shape a brighter tomorrow, we seek talent from diverse backgrounds, embracing a range of perspectives and abilities. We are committed to providing reasonable accommodations to individuals with disabilities throughout the job application, interview, and prospective role stages, thereby enabling them to effectively perform crucial job functions. Our dedication lies in fostering an inclusive workforce that enables every individual to thrive. We believe in the power of diverse perspectives and value every voice, as it is this harmony that propels us to surpass previous achievements. As an Equal Employment Opportunity Employer, Nirmalya ensures that all applicants are treated fairly and without discrimination. We promote equality regardless of race, color, religion, national origin, gender identity, disability, protected veterans’ status, or any other characteristic protected by law. Additionally, Oracle complies with applicable legislation by considering qualified applicants with arrest and conviction records for employment opportunities. Join our team where diversity is celebrated, and everyone's unique contribution is respected. Together, we embrace innovation and strive towards excellence – a testament to our commitment to fostering an inclusive and thriving workplace.

Who You’ll Work With This role is part of the EADP and work with Identity and Access Management Team, EADP aggressively innovates solutions to drive growth while creating and implementing tools that help make everything else in the company possible. The candidate needs to have a strong understanding of technical concepts, excellent attention to detail, data accuracy, and data analysis, strong verbal and written communication skills, and be self-motivated and operates with a high sense of urgency and a high level of integrity. Who We Are Looking For S/MS in CS, a related field or equivalent experience Hands-on multi-year (7+) experience with information technologies like operating systems, Java/C#/Python/Golang, Locust/Apach, Jmeter/Postman, Selenium, and advanced information security Experience testing Serverless/ APIs/Cloud enabled (AWS/AZURE etc.), Cloud agnostic ,Enterprise web Application, SAAS, Geographically distributed and highly available applications, Managed platform services/ MDM services Capability to develop rest based/UI based Quality Assurance framework Code Coverage tools and Dev Code Debugging skills experience is must, Security centric approach and secure by design champion Experience in implementing complex functional tests that require an understanding of the application logic Experience developing automation scripts in Selenium/ Java/ TestNG Has the ability to work with limited guidance and debug and resolve automation scripts issues independently Practice of creating manual test cases, creating test data and reporting the defects in test management tool Familiar with ant test/ defect management tools such as Jira, GIT etc. Good to have experience in Sailpoint IIQ (Any IDM tool), Okta (Any SAAS Authentication), Cyberark, Active Directory, Radius and AAA account management, MFA and vaults Professional education and certification (like CompTIA Security+, SSCP, CISSP, CISA, or CISM) are preferred What You’ll Work On We are building and supporting petabyte-class solutions that consume fast moving streams from eCommerce, retail and partner channels to power the critical decisions that drive our business. You will be a key part of Nike’s Digital Transformation initiative to help deliver efficient data access, reliable data warehousing platforms, enhanced compliance and reduced risk. We’re hiring a Senior Engineer with talent and persistence who can leverage their existing skills and learn new ones. You should have extensive experience in many of the specific technical skills we’re looking for and be expert enough to help ramp up others quickly. Communicate effectively with engineers, Operations, Counter parts in various geographical locations and other stakeholders in the organization Ability to support, develop and enhance platforms Exposure to Information security and experience into IAM technologies like PKI, Authentication, Authorizations, ACME, SCIM, SIEM, OAuth, SAML etc. Capability to drive operation as IC and lead yourself Leading yourself, Setting example, through projects and troubleshoot/resolve security control configuration issues Demonstrated ability to coach others to quickly learn new IT and security concepts and technologies Demonstrated ability to model and design methodical procedures to define routine work; demonstrated ability to be innovative in procedure design Demonstrated ability to perform quality work during stressful and high pressure projects or initiatives Demonstrated ability to model independent sound decision making and coach others to grow their ability in decision making skills Experience leading other technical security staff; mentoring junior engineers Show more Show less

Role Description Key Responsibilities: Solution Architecture & Design Architect and design scalable, resilient, and secure solutions aligned with business and technical requirements. Lead end-to-end solutioning using architectural patterns such as Microservices, Event-Driven Architecture, and SOA. Define and enforce architecture best practices, coding standards, and design principles. Cloud & Technology Strategy Provide technical leadership in AWS/Azure cloud adoption, SaaS/PaaS architectures, and DevOps integration. Optimize infrastructure for cost, performance, and security, leveraging Cloud Governance and FinOps best practices. Drive cloud-native application development, containerization (Docker, Kubernetes), and serverless computing strategies. Security, Compliance & Observability Define and enforce security best practices, API security standards, and compliance with frameworks such as SOC 2, HIPAA, and GDPR. Ensure integration of SIEM, SOAR, WAF, and enhanced access controls for improved security posture. Lead initiatives to enhance observability, performance monitoring, and system reliability. Technical Governance & Best Practices Establish and enforce architecture governance, technical standards, and compliance frameworks. Conduct technical reviews, architecture assessments, and design validation for enterprise applications. Define reference architectures, reusable components, and automation strategies to drive efficiency. Cross-Functional Collaboration & Leadership Work closely with engineering, infrastructure, security, and product teams to provide architectural guidance. Mentor development teams, ensuring alignment with best practices. Lead discussions on emerging technologies, R&D initiatives, and proof-of-concept (PoC) evaluations. Mentorship & Knowledge Sharing Mentor and guide technical leads, developers, and junior architects. Conduct technical knowledge-sharing sessions, internal workshops, and architecture reviews. Promote a culture of continuous learning and innovation. Must-Have Skills Required Skills & Qualifications Experience: 12 to 16 years of hands-on experience in software development, solution design, and technical leadership. Technical Expertise: Strong proficiency in Java and/or Node.js, with deep expertise in Microservices, API design, and event-driven architectures. Cloud & DevOps: Extensive experience with AWS and/or Azure, including SaaS, PaaS, Kubernetes, CI/CD pipelines, and Infrastructure as Code (Terraform, CloudFormation). Enterprise Architecture & Governance: Proven experience in establishing architecture standards, governance frameworks, and technical reviews. Security & Compliance: Strong understanding of cloud security, API security, authentication mechanisms (OAuth, JWT), and compliance frameworks. Database & Performance Optimization: Expertise in SQL & NoSQL databases, caching strategies, and high-performance system design. Problem-Solving & Leadership: Ability to troubleshoot complex technical challenges and guide teams in implementing optimal solutions. Industry Experience: Prior experience in the Healthcare industry (preferred but not mandatory). Good-to-Have Skills AI & Machine Learning – Experience leveraging AI/ML for predictive analytics, anomaly detection, and intelligent automation. FinOps & Cost Optimization – Understanding of cloud cost management and optimization strategies. Site Reliability Engineering (SRE) – Knowledge of error budgets, automated incident management, and performance monitoring. Multi-Cloud & Hybrid Cloud Strategies – Experience designing multi-cloud architectures across AWS, Azure, and private cloud. Low-Code/No-Code Platforms – Familiarity with low-code/no-code development tools to accelerate solution delivery Skills Solution Architecture,cloud technologies,Devops,Security Show more Show less

Role Description SOC Analyst L2 is an operational role, focusing on ticket quality and security incident deeper investigation and will be responsible to handle the escalated incidents from Level 1 team within SLA. Responsibilities SOC Analyst L2 would work closely with SOC L1 team, L3 team & customer and responsible for performing deeper analysis and need to interact with client in daily calls and need to take the responsibility of handling the True Positive incidents on time. When L1 escalates an incident to L2, need to conduct more analysis and, if needed, escalate to the customer/L3 team, or L2 analyst must advise L1 team members until the incident is resolved. Perform deep analysis to security incidents to identify the full kill chain Perform remediation steps according to the findings or initiate steps for remediation Prepare RCA for major incidents Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA. Identify the security gaps and need to recommend new rules/solution to L3/Customer Need to suggest finetuning for existing rules based on the high count/wherever required Create and manage the Incident handling playbook, process runbooks and ad-hoc documents whenever needed Recommend finetuning for s with logic and threshold, and possibly the query as well for the SIEM Recommend new usecases with logic and threshold, and possibly the query as well for the SIEM Respond to clients’ requests, concerns, and suggestions Proactively support L1 team during an incident. Performs and reviews tasks as identified in a daily task list. Ready to work in 24x7 rotational shift model including night shift Incident detection, triage, analysis and response. Coordinating with customers for their security related problems and providing solutions. Share knowledge to other analysts in their role and responsibilities Provide knowledge transfer to L1 such as advance hunting techniques, guides, cheat sheets etc Provide oncall support on rotational basis for off hours Knowledge Experience Minimum of 3 years of experience in Cyber security, SOC At least 2 years of working in the SOC Previous experience in Splunk, EDR Solutions such as Sentinel One, Microsoft Security products, Experience in Linux Proficient in Incident Management and Response In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Up to date in cyber security s and incidents; intermediate understanding of enterprise IT Infrastructure including Networks Firewalls OS Databases Web Applications etc. Understanding of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001) Desirable – Training / Certification in Ethical Hacking/SIEM Tool etc. Experience in handling Linux servers, familiar with Linux OS and commands Additional Desired Skills Strong verbal and written English communication Any cloud solution knowledge Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Responsible for working in a 24x7 Security Operation centre (SOC) environment. Essential Skills Knowledge and hands-on experience with Splunk, SentinelOne or any other EDR solution, Linux. Continuous Learning innovation and optimization Ensure completion of learning programs as suggested by Managers Suggest ideas that will help innovation and optimization of processes. Help develop the ideas into proposals. Provide suggestions to reduce the manual work Teamwork Assist L1 team members where possible Skills Linux,Splunk,Sentinel One,Cloud Solutions Show more Show less

Who We Are Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of Things (IoT) data to develop actionable insights and improve their operations. At Samsara, we are helping improve the safety, efficiency and sustainability of the physical operations that power our global economy. Representing more than 40% of global GDP, these industries are the infrastructure of our planet, including agriculture, construction, field services, transportation, and manufacturing — and we are excited to help digitally transform their operations at scale. Working at Samsara means you’ll help define the future of physical operations and be on a team that’s shaping an exciting array of product solutions, including Video-Based Safety, Vehicle Telematics, Apps and Driver Workflows, Equipment Monitoring, and Site Visibility. As part of a recently public company, you’ll have the autonomy and support to make an impact as we build for the long term. About the role: Samsara Technologies India Private Limited is looking for you to join our Security Operations Team were you will collaborate with a global team of engineers to proactively identify and mitigate risks, monitor and respond to security events, respond to and assist in security incidents as a security incident responder, and protect Samsara Technologies India Private Limited’s corporate infrastructure and operations. You will also be responsible for creating and maintaining runbooks, assisting in creating automated workflows, and assisting in process refinement and implementation. You will collaborate with a diverse team of analysts, engineers and key stakeholders on security initiatives across the company. Above all, your focus is bringing Security expertise to the table in a collaborative, humble, and practical manner. This would be a remote job - Bangalore based. This role requires working 2 PM – 11 PM IST. Relocation assistance will not be provided. You should apply if: You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely. You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, countless opportunities to experiment and master your craft in a hyper growth environment. You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers. You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best. In this role, you will: Monitor security events and provide technical analysis on alerts Respond to cyber security incidents by executing the incident response strategy through incident closure, while providing incident updates to the incident commander throughout the incident Protect Samsara while partnering across the organization to drive remediation and ensure Samsara infrastructure is sufficiently protected Manage post-incident activity such as POMO and Corrective Action assignments Manage security event analysis Assist with developing and maintaining security policies, processes and incident response procedures Deliver security guidance clearly and concisely for cloud and enterprise infrastructure initiatives Coordinate the building of services, capabilities, integrations, and implementations of technologies to support security operations and incident response Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices Minimum requirements for the role: 3+ years of relevant experience in security incident response Programming experience in Python Strong reasoning skills and the ability to accurately document procedures and findings during analysis Practical experience assisting in security incident response, including triage, and coordinating across teams to drive incidents to closure Concise verbal and written communication skills in english Strong problem-solving skills, adaptable, proactive, and willing to take ownership Understanding of analysis and forensics techniques on macOS, Windows, and Linux Ability to work flexible hours and be on call for potential security incidents Experience utilizing SIEM tools to perform log reviews An ideal candidate also has: Bachelor’s degree in Information Technology, Risk Management or a related field Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO 27001, FedRAMP Experience in cloud architecture and security (AWS, GCP) and cloud-based services Experience conducting security investigations across clouds, user endpoints, and servers Familiarity with data privacy regulations and compliance Technical knowledge of network fundamentals and common Internet protocols Relevant information security certifications At Samsara, we welcome everyone regardless of their background. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender, gender identity, sexual orientation, protected veteran status, disability, age, and other characteristics protected by law. We depend on the unique approaches of our team members to help us solve complex problems and want to ensure that Samsara is a place where people from all backgrounds can make an impact. Benefits Full time employees receive a competitive total compensation package along with employee-led remote and flexible working, health benefits, Samsara for Good charity fund, and much, much more. Take a look at our Benefits site to learn more. Accommodations Samsara is an inclusive work environment, and we are committed to ensuring equal opportunity in employment for qualified persons with disabilities. Please email accessibleinterviewing@samsara.com or click here if you require any reasonable accommodations throughout the recruiting process. Flexible Working At Samsara, we embrace a flexible working model that caters to the diverse needs of our teams. Our offices are open for those who prefer to work in-person and we also support remote work where it aligns with our operational requirements. For certain positions, being close to one of our offices or within a specific geographic area is important to facilitate collaboration, access to resources, or alignment with our service regions. In these cases, the job description will clearly indicate any working location requirements. Our goal is to ensure that all members of our team can contribute effectively, whether they are working on-site, in a hybrid model, or fully remotely. All offers of employment are contingent upon an individual’s ability to secure and maintain the legal right to work at the company and in the specified work location, if applicable. Fraudulent Employment Offers Samsara is aware of scams involving fake job interviews and offers. Please know we do not charge fees to applicants at any stage of the hiring process. Official communication about your application will only come from emails ending in ‘@samsara.com’ or ‘@us-greenhouse-mail.io’. For more information regarding fraudulent employment offers, please visit our blog post here. Show more Show less

Why join us? Our purpose is to design for the good of humankind. It’s the ideal we strive toward each day in everything we do. Being a part of MillerKnoll means being a part of something larger than your work team, or even your brand. We are redefining modern for the 21st century. And our success allows MillerKnoll to support causes that align with our values, so we can build a more sustainable, equitable, and beautiful future for everyone. Role: Security Analyst Location: Bangalore Purpose / Profile As a Security Analyst at Miller Knoll, you will help reduce enterprise risk by safeguarding the organization’s digital assets from cyber threats. You will work closely with the Security Operations Center to continuously monitor, analyze, and respond to security alerts and events. You will collaborate directly with the greater Information Security team to ensure compliance with industry regulations, standards, and best practices, as well as educate employees on proper cyber hygiene. You will help guarantee the confidentiality, integrity, and availability of the organization’s network and compute resources and aid in shaping strategies to reduce cyber risk. Essential Functions Provide timely detection and identification of possible attacks/intrusions and distinguish findings from benign activities. Correlate incident data to identify specific vulnerabilities and make recommendations that enable prompt containment and remediation. Coordinate with the greater organization to resolve cyber incidents. Provide technical summaries of findings in accordance with established reporting procedures. Escalate and triage incidents that may cause an immediate impact to the organization. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats. Perform event correlation to gain situational awareness and to determine the effectiveness of an observed attack. Assist in the development and implementation of security policies and procedures. Track and document cyber incidents from initial detection through final resolution. Assist in reducing risk by actively identify areas of non-compliance and making recommendations for improvement. This role will work either in the UK shift (12 noon to – 9 pm) and/or US shift (5:30PM to 2:30 AM). Additional Functions Stay current with cybersecurity news and trends relevant to the business and industry. Participate in the information security on-call rotation, providing emergency support for security-related incidents. Provide input into the development of security policies and procedures. Interface with other business units such as Governance, Risk, and Compliance to communicate program status and overall security posture. Promote a positive security culture through knowledge sharing, influences, and conduct. Create and maintain role-specific documentation. Participate in the Change Advisory Board (CAB). Knowledge, Skills, And Abilities Knowledge of system administration concepts for operating systems such as Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cloud service models and cloud security best practices. Knowledge of procedures used for documenting and querying reported incidents, problems, and events. Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. Knowledge of auditing and logging procedures (including server-based logging). Knowledge of common software applications and their associated vulnerabilities. Knowledge of host-based security products and how they reduce exploitation. Knowledge of approach, strategy, and structure of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis). Knowledge of MITRE ATT&CK and similar cybersecurity frameworks. Knowledge of what constitutes a “threat” to a network. Skill of identifying, capturing, containing, and reporting malware. Skill in using incident handling methodologies. Skill in using security event correlation tools. Skill in developing analytic approaches to problems and situations for which information is incomplete or where no precedent exists. Ability to identify unusual activity amongst a defined baseline. Qualifications Education/Experience Bachelor’s in computer science, Information Systems, Cybersecurity, or Software Engineering. 6-8 years of relevant experience in cybersecurity or information technology. 3+ years of hands-on experience with an EDR/XDR solution, SEG, and SIEM. Experienced in a scripting language such as Python, PowerShell, or VBA. Licenses and Certifications One or more technical or cybersecurity certification preferred (e.g., CISA, CCSP, CRISC, CEH, Security+, GSEC, SSCP) Who We Hire? Simply put, we hire everyone. MillerKnoll is comprised of people of all abilities, gender identities and expressions, ages, ethnicities, sexual orientations, veterans from every branch of military service, and more. Here, you can bring your whole self to work. We’re committed to equal opportunity employment, including veterans and people with disabilities. MillerKnoll complies with applicable disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact MillerKnoll Talent Acquisition at careers_help@millerknoll.com. Show more Show less

Role: Sentinel Engineer Exp: 5-15 years Drive date: 07-June (Saturday) Drive Locations: Hyderabad - TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Bangalore - TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066 Chennai - TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Mumbai - TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615 Noida - TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301 Kolkata - Tata Consultancy Services Limited | IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India Role: Strong understanding of Sentinel Security Operations and Incident Response Experience of installation, configuration, administration and maintenance of SIEM Platform (Sentinel) Integration of data sources/log sources in Sentinel Good knowledge in Threat hunting Strong understanding of Use cases and fine tuning of use cases based on demand Knowledge on Security incident handling and analysis Implementation of enhancements and fine tuning based on the inputs Design and optimize SIEM platform architecture for large-scale and distributed deployments Good knowledge in Customer parser/apps creation for SIEM platform Liaison with Cyber Security Leadership Experience in conducting trend analysis Experience analyzing malware and reverse engineering Skill in performing packet-level analysis. Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning) Work with stakeholders to resolve computer security incidents and vulnerability compliance Show more Show less

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. Join us as a Cybersecurity Infrastructure Professional, where you'll be entrusted with the crucial task of maintaining and enhancing the infrastructure that is the backbone of our cybersecurity operations for our Fortune 500 clients. You'll be responsible for the orchestration of infrastructure, keeping our systems protected from the relentless advances of physical and cyber adversaries. Your vigilance and technical expertise will be the shield that safeguards our computer systems, networks, and invaluable data from the threat of unauthorized access, theft, damage, and other malicious activities. Your domain will revolve around preserving the integrity of an IT infrastructure, the security of networks, and the sanctity of data. If you have a passion for cybersecurity and are looking for a role that combines cutting-edge technology with the thrill of safeguarding critical assets, then this role is your gateway to the world of cybersecurity heroism. Join us at Kyndryl, and let's build the future of digital security together. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. . Manage Information Security technologies that fall under the team’s responsibilities, confirming they are operating within agreed service levels and at peak possible performance Coordinate planned maintenance activities with relevant stakeholders Manage incident response efforts Provide 24/7 network support for troubleshooting, diagnosing, and resolving network security-related issues. Ensure compliance with required security regulations such as ISO 27001, PCI-DSS and others applicable policies and frameworks. Incident Handling: Respond to escalated incidents from L1, performing deeper investigation and analysis. Enhancements: Propose improvements in security monitoring, detection, and response protocols. Risk Management: Assist in identifying security risks, supporting vulnerability remediation efforts for the above security technologies Reporting: Document incidents, update knowledge bases, and report complex issues to the L3 team. Analysis: Perform initial assessment and triage of security events; escalate incidents as per the defined protocols. Response: Conduct basic troubleshooting for Firewall - Fortinet Firewall, Forti analyzer, Palo Alto Firewall and other security technologies Documentation: Maintain accurate logs and documentation, updating incident reports and tickets. Who You Are Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Mastery of security tools and technologies, such as firewalls, intrusion detection/prevention systems, endpoint security, , and SIEM solutions Deep understanding of operating systems (e.g., Windows, Linux) and their security mechanisms Knowledge of security standards and compliance requirements (e.g., ISO 27001, NIST, GDPR) Experience with key market leading technologies in the relevant area Ability to assess and follow best practices in technology deployment and configuration Experience with the design and implementation of security architectures, segmentation and zero trust frameworks Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Experience with workload, server, network architectures and associated security controls 5+ years of experience in managing security technologies such as Firewalls, VPN, NAC & Secure DNS Proficient in OSI model and TCP/IP Protocols Handson experience in firewalls such as Palo Alto, FortiGate, SonicWall or Citrix NetScaler or NAC or secure DNS solutions Basic skills in network, compute, cloud computing Understanding and daily use of Microsoft Office 365 Suite and other productivity tools Certifications: Security: Product related certifications from OEMs such as Palo Alto and FortiGate CompTIA Security+ or Certified Ethical Hacker (CEH) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Show more Show less

Introduction IBM is a global technology and innovation company. It is the largest technology and consulting employer in the world, with presence in 170 countries. The diversity and breadth of the entire IBM portfolio of research, consulting, solutions, services, systems and software, uniquely distinguishes IBM from other companies in the industry. Over the past 100 years, a lot has changed at IBM, in this new era of Cognitive Business, IBM is helping to reshape industries as diverse as healthcare, retail, banking, travel, manufacturing, and many more, by bringing together our expertise in Cloud, Analytics, Security, Mobile, and the Internet of Things. We like to say, "be essential." We are changing how we create. How we collaborate. How we analyze. How we engage. IBM is a leader in this global transformation. Join the next generation of innovators, inventors and entrepreneurs who are changing the very way the world works. We want the brightest minds doing work that inspires, in an environment where growth is encouraged. IBMers get to discover their potential, so they’re inspired to create breakthroughs that help our clients succeed. We’re building diverse teams with people who want their ideas to matter. Join us — you’ll be proud to call yourself an IBMer. Your Role And Responsibilities Work with cross functional, multidisciplinary team of stakeholders to support strategy definition and direction for Security Offerings on IBM Power Be an integral part of the Product Management process, including but not limited to: market and competitive analysis, customer and business partner engagement, understand innovative differentiators, assist with business outcomes, customer and partner success, support product and go-to-market readinessHiring manager and Recruiter should collaborate to create the relevant verbiage. Required Technical And Professional Expertise 5+ years of experience working on security offerings (EDR/XDR, SOAR, SIEM, Cyber Security, data encryption, compliance) 3+ years of experience in product management 3+ years of experience working with clients and understanding theirs needs, use cases, ability to converse with security SMEs, analyze and understand customer application landscape. Knowledge of complex security issues and challenges, growing regulatory compliance requirements, and underlying technologies & solutions to remediate risks Preferred Professional And Technical Expertise 2-3 years of experience working with end to end security stack (from hardware to application layer) Strong communication skills Growth minded, resourceful and a team-player Go-to-market experience a plus Show more Show less

Principal Software Engineer Hyderabad, Telangana, India No longer accepting applications Job number 1745369 Work site Up to 50% work from home Travel None Role type Individual Contributor Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Looking to growth hack your career? Looking to be part of the transformational Microsoft Azure cloud journey as part of the C+AI team? Passionate to leverage latest technologies to enable the next big opportunity in the Commercial Cloud business of Microsoft? Passionate about designing and building highly secure services and infrastructure, hand-on understanding of cybersecurity and cyberthreats? Passionate to engineer high scale end to end capabilities on Azure which powers $120B+ of revenue? Obsessed about customers and partner experiences? The Azure Commerce + Ecosystems (C+E) team enables one of Microsoft’s most business-critical needs, building the services and tools to enable commerce across Microsoft. Given Microsoft's global presence in over 240 markets, close to 150 million transactions a day, and billions of dollars in revenue, commerce services need to be true internet scale and have state of the art availability, reliability, security and responsiveness. Join the Azure Commerce + Ecosystems (C+E) team – Commerce Financial Services (CFS) Team that is responsible for running Microsoft Commercial Commerce engine, licensing and fulfilments for millions of customers, through millions of transactions per day and processing of $120B+ of Microsoft revenue running completely on Azure platform leveraging multitude of Azure offerings across PaaS, IaaS and serverless. As we embark on our next rung of growth, we have bold goals to build a modern commerce platform for Microsoft which focus on simplification of licensing, faster go-to market, improve experience of partners and customers in both commercial and consumer space. Security is the most critical priority for all the current services that we have and also the modern services that we are building. Every day we are investing and maturing our security posture, and we aspire to have a world class “commerce and finance grade” secure services and related operations. Our Team Culture: Work environment where exploration, experimentation and innovation are encouraged Modern customer experiences by latest technologies and matured engineering processes Empowered individuals and teams to realize their full potential Data and insights driven roadmap of products and decision making Focus on outcome, customer pain points and high quality of delivery Qualifications Excellent technical understanding and hands-on experience on designing, delivering and operating services with deep focus on multiple aspects of cybersecurity, threat intelligence, risk mitigation and overall protection covering service, data and compliance. Excellent understanding of industry leading cybersecurity standards, practices and products. In-depth technical understanding of Security and Data Security Architectures, Identity Management and Lifecyle, Azure/Cloud Defender Products, Microsoft Information Protection Standards, Data Classification and Protection, DDOS Protection Techniques, SIEM, CASB, WAF, Secure Gateways, PKI, Threat Detection Techniques, Architecture concepts like Zero Trust, Security Posture Analysis and Maturity of different Azure/Cloud Resources, Code/Infrastructure/Network Level Security. Prior experience in modernizing security architecture and posture of services and products. High standards for security domain knowledge along with a track record for writing quality code on popular platforms and languages. Good understanding of AI Security and overall Responsible AI practices. Excellent communication skills and great ability to drive security modernization conversation with global security experts within organization. Responsibilities We are looking for a Principal Software Engineer with primary expertise on security. The ideal candidate should have a blend of technical skills in building and managing secure services, excellent understanding, experience and passion on cybersecurity. Someone who can define and drive security posture of commerce services and bring industry standards to every architecture, design and infrastructure that we build. Below are some of the high-level responsibilities that you will be taking care - Accountable to develop and execute security strategies, a primary point of contact for security posture modernization for all the services. You will ensure consistent adoption of security practices across services. Review the design of services from a security and threat perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations and guide teams to implement those recommendations. Remediate blockers for the team in their design or execution. Drive security testing and periodic drills, examine the testing results in detail, look for vulnerabilities and weaknesses, drive repair items and solutions to address identified gaps. Deliver security strategy and related technical presentations to leadership, influence for right investment and prioritization security modernization execution, provide status of security modernization, drive security architecture design sessions and contribute towards overall awareness and maturity of people’s understanding on security. Responsible for engaging and collaborating with members from product research, design and PM disciplines as well to make sure that security is considered in comprehensive manner in all stages of development. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. No longer accepting applications

Role - Security Expert Skill - Should have knowledge of network security , Cert-IN guidelines, Information & Application security OWASP Top 10 principles, Endpoint security, including EDR and UEM, Programming Scripting Skills Log Analysis – including SIEM solutions, Familiarity with information security frameworks such as ISO27001 VAPT of applications Education - B.E. / B. Tech / M. Tech / MSc / MCA Experience - 4-6 Years Location - Delhi JD: Monitoring and deploying of scripts in Endpoint security Tools such as EDR and UEM Log Analysis of all logs including server, SQL, Object storage logs etc. and good understanding of SIEM and SOAR solutions Threat Analysis, Gathering and analyzing threat intelligence Incidence Response, forensic investigation techniques of security incidences Knowledge of Security protocols (e.g. SSL/TLS, IPSec, etc) Understanding and knowledge of network infrastructure and related security Show more Show less

Location: Mumbai Experience: 5 years Employment Type: Full-Time Job Summary We are looking for a highly skilled IT Network & Operations Manager with a strong background in network infrastructure, IT operations, and project management. The ideal candidate will be responsible for ensuring the smooth functioning of IT services, managing network infrastructure, leading IT projects, and driving operational efficiency. Key Responsibilities IT Operations & Service Management Network Infrastructure Management IT Project Management Security & Compliance Team Leadership & Vendor Management Develop IT performance metrics and reporting dashboards. Key Skills & Qualifications: Education: Bachelor's/Masters in IT, Computer Science, or related field. Certifications: CCNA, CCNP, ITIL, PMP, (Any) Technical Skills Networking: Cisco, Fortinet, Palo Alto, Meraki, SD-WAN, MPLS, VPN, BGP, OSPF. IT Operations: Windows/Linux servers, Active Directory, Virtualization, Cloud (AWS, Azure, GCP). Security: Firewall management, SOC, SIEM, DLP, IAM solutions. Project Management: Agile, Waterfall, ITSM tools (ServiceNow, Jira). Soft Skills Strong problem-solving and analytical skills. Leadership and team management abilities. Excellent communication and stakeholder management. Ability to work under pressure and meet deadlines. Show more Show less

Minimum Qualifications 6+ years of experience in security engineering, detection engineering, or cloud security. Strong expertise in application security, API security, and SaaS-specific threat detection. Experience with SIEM, SOAR, and detection-as-code tools (e.g., Splunk, OpenSearch, KQL, Sigma). Proficiency in log analysis, security telemetry engineering, and anomaly detection in cloud applications. Experience integrating security controls into SaaS applications and microservices. Good programming and automation skills. Preferred Qualifications Experience with automated threat simulations, MITRE ATTCK mappings, and adversary emulation. Knowledge of risk quantification methods and security metrics for executive reporting. Familiarity with cloud-native security tools. Hands-on experience in threat intelligence-driven detection engineering. Security certifications (e.g., GIAC GCDA/GCFA, AWS Security Specialty, GCP Security Engineer, OSCP). 1. SaaS-Application Centric Detection Research Engineering Develop and refine application-layer security detections for FAaaS, Spectra, and other critical LoBs, focusing on business logic abuse, API security threats, and identity-based attacks. Research and engineer detections for SaaS-specific attack vectors. Leverage detection-as-code frameworks (e.g., Sigma, OpenSearch, KQL) to automate the development and tuning of detection rules. Work closely with application security teams to enhance telemetry and ensure that security observability is embedded in SaaS products. 2. Proactive Security Controls Mitigative Capabilities Move beyond traditional monitoring by implementing proactive security controls to mitigate threats before exploitation. Collaborate with development teams to integrate security controls into SaaS applications for real-time anomaly detection and automated response. Drive continuous security validation efforts through automated adversary simulation and detection effectiveness testing. 3. Cross-Team Integration Real-Time Threat Intelligence Sharing Drive collaboration between Detection Engineering, Incident Response, and Red Teams by aligning detection research with real-world attack simulations and post-incident learnings. Develop automated feedback loops to reduce false positives, false negatives, and coverage gaps. Work with Incident Response to develop automated triage and enrichment mechanisms for SaaS security incidents. 4. Risk-Based Detection Engineering Security Metrics Shift towards a risk-based detection approach, ensuring that high-impact threats are prioritized based on their potential financial and reputational consequences. Provide executive-level visibility into detection efficacy by quantifying the impact of mitigated threats and aligning detection efforts with business risk. Develop security dashboards and reporting to communicate detection outcomes, including risk coverage, adversary trends, and operational efficiency. 5. Proactive Threat Hunting Data Anomaly Analysis Expand threat hunting and anomaly detection capabilities to identify previously unknown threats affecting SaaS customers and cloud applications. Utilize advanced data analytics and behavioral anomaly detection to identify stealthy attacks that evade traditional detection methods. Reduce reliance on SOC-driven escalations by proactively analyzing security telemetry for signs of compromise. Work closely with data scientists to enhance the use of ML/AI-driven security analytics for predictive threat detection. #LI-DNI

cum Position Title: Incident Compliance Analyst (Deputy Manager/Assistant Manager) About the Role We are seeking a proactive, detail-oriented, and versatile professional to join our Information Security team as an Incident Compliance Analyst . This role combines the responsibilities of managing information security incidents and ensuring compliance with cybersecurity frameworks and regulatory requirements. The selected candidate will act as a liaison with government agencies, handle information security incidents, strengthen the organization s cyber posture, and ensure timely communication of updates and learnings. Key Responsibilities Incident Management and Analysis: Investigate reported information security incidents to determine their scope, impact, and root cause. Identify responsible individuals or processes contributing to incidents and suggest corrective actions. Document findings, create detailed incident reports, and communicate learnings to stakeholders. Compliance Coordination and Stakeholder Management: Act as a liaison with government agencies (e.g., NCSCC, NCIIPC, CERT-IN, NTRO/DOT) to share and receive critical information related to cyber and information security incidents. Maintain a repository of communications, advisories, and updates from regulatory bodies for the organization. Ensure timely and accurate reporting of incidents to relevant stakeholders and authorities. Cybersecurity Posture Strengthening: Identify key areas for improvement in the organization s cyber and information security posture. Collaborate with internal teams to implement measures that address identified gaps and enhance security. Monitor and evaluate the effectiveness of implemented measures and recommend further improvements. Routine Information Security Management: Manage exceptional usage requests, ensuring compliance with organizational policies. Oversee information asset gate entry and access management to ensure secure handling of assets. Maintain records of access and usage approvals, ensuring proper documentation and traceability. Strategic Communication and Reporting: Prepare detailed management summaries of incidents for strategic communication and decision-making. Support preparations for Management Incident Summary Forum (MISF) meetings. Present periodic reports on incident statistics, root causes, preventive actions, and compliance updates. Provide training and guidance to employees on incident prevention, compliance, and security best practices. Qualifications and Skills Education: Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Work Experience: 3-5 years of total experience, with at least 2 years in information security incident handling, compliance coordination, IT operations, or a related field. Experience in liaising with government agencies or regulatory bodies is a strong advantage. Certifications (Preferred): ISO 27001 Lead Auditor/Implementer CISSP (Certified Information Systems Security Professional) / CISA (Certified Information Systems Auditor) / CRISC (Certified in Risk and Information Systems Control) or similar Technical Skills: Strong knowledge of cyber security frameworks, standards, and regulatory requirements. Familiarity with incident response frameworks, methodologies, and tools (e.g., SIEM, IDS/IPS etc.). Understanding of IT infrastructure, security controls proficiency in root cause analysis problem-solving. Soft Skills: Excellent communication and interpersonal skills for effective coordination with stakeholders. Strong analytical critical thinking abilities for attention to detail ability to prepare concise accurate reports. Proactive approach to identifying and addressing compliance and security issues.

Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Total experience 3 years as Cyber Security Analyst. Knowledge on LogRhythm SIEM tool. Incident handling Job description 2-3 years of Experience in SIEM analyst and incident handling. B.E/B.Tech Roles and Responsibilities: 3+ years experience as a SOC analyst and any SIEM tool. Min 2+ years experience on LogRhythm SIEM. Responsible for alerts monitoring and incident handling. Perform the initial analysis and identify if any potential threat. Analyse security alerts and determine their validity and potential impact on the organization. Review and analyse security logs from various sources (e.g., firewalls, intrusion detection/prevention systems, and endpoint protection) Correlating logs from various security controls to gather more insight of the suspected event. Regularly preparing log monitoring reports and daily security report and proactively work on it. Document security incidents, including the steps taken to resolve them and any lessons learned. Ensure compliance with security policies, procedures, and regulatory requirement Work closely with other IT and security team members to enhance overall security posture. Coordinate with the L2 and L3 for any escalations. Knowledge on cyber kill chain and MITRE Attack frameworks and mythologies. Knowdledge on various cyber attacks in Cyber security world. Certifications: LogRhythm Security Analyst (LRSA) from LogRhythm University CEH

Rockwell Automation is a global technology leader focused on helping the world s manufacturers be more productive, sustainable, and agile. . Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that s you we would love to have you join us! Job Description Job Summary: As an OT Cybersecurity Detection Engineer, you will be responsible for designing, implementing, and managing detection strategies and tools to respond to cyber threats targeting critical OT/ICS environments. You will work with both internal and external cyber security teams to ensure the security and resilience of our industrial infrastructure. We are looking for an understanding of OT protocols, industrial control systems, OT threat intelligence and cybersecurity best practices, coupled with. You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune. Your Responsibilities: Develop detection rules, correlation searches, and alerting mechanisms within our Security Information and Event Management (SIEM) and other security monitoring tools specifically tailored for OT environments. Analyze OT network traffic, system logs, and security events to identify suspicious activity, anomalies, and potential security incidents. Develop of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their security possible effects. Collaborate with OT operations and engineering teams to understand their processes, and potential vulnerabilities. Tune and optimize detection rules to minimise false positives and ensure high-fidelity alerts. Maintain documentation for detection strategies, rules, and incident response procedures specific to OT. Participate in incident response activities related to OT cybersecurity incidents, providing technical expertise in detection and analysis. Contribute to the development of OT security policies, standards, and procedures. Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques. Recommend new security tools relevant to OT detection capabilities. Collaborate with IT security teams to ensure a cohesive and integrated security posture across both IT and OT environments. Develop and deliver training or awareness sessions on OT-specific detection techniques for relevant teams. The Essentials - You Will Have: Have 2-3years strong understanding of OT protocols, architectures, and common industrial control systems Experience with SIEM\SOAR platforms and developing custom correlation rules and alerts. Experience analyzing network traffic using tools like Wireshark and understanding OT-specific network protocols. Knowledge of common cybersecurity frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443) Familiarity with threat intelligence sources and their application to OT environments. Technical information to both technical and non-technical audiences. Understand internal or external customer needs. The Preferred - You Might Also Have: You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may use a wide array of technologies and partners. Across multiple departments with different goals. Develop important product and service launches. Collaborative culture across the automation engineering team while meeting CI goals Adopt technology best practices around technology vendor evaluation and managing maintenance of technology platforms. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program Personalised wellbeing programmes through our OnTrack programme On-demand digital course library for professional development ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if youre excited about this role but your experience doesnt align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-SM1

Primary/ Mandatory skills : Extensive experience in “Chef IT Automation” Secondary skills : Good knowledge and experience in DevOps Level: SA RR : Maintain a consistent terraform script when compared to existing cloud resources Chef version update: version 14 to version 18 Crowdstrike, Qualys and Splunk integration for Ecommerce workloads Packer AMI creation for Windows Core and CentOS Stream 9 Terraform version update Collaborate with DB team for “CentOS version + DB version” update project Test every change made. Work with DevOps, SRE and development teams for testing. Document and publish the changes, and projects undertaken. Client Round (Yes/ No): Yes Location Constraint if any : No Constraints Shift timing: IST 1330Hrs – 2330Hrs

Number of Openings 2 ECMS ID in sourcing stage TBD Assignment Duration 6 12 months Total Yrs. of Experience 8 + Years Relevant Yrs. of experience 5 + Years( L3) Detailed JD (Roles and Responsibilities) Specific Solution Management SIEM management Log source integration (ingestion parser selection) Custom DSM / parser development maintenance Rule development XSIAM / XDR global Knowledge Manage and address log source loss issues CSIRT Infrastructure Management Manage AWS environments Manage GCP environments Manage Windows systems Manage Linux systems Develop and maintain scripts primarily in Python, with some bash/Powershell scripting ITSM process usage Automation Develop playbooks in XSIAM Develop playbooks in XSOAR Reporting Management (nice to have) Utilize PowerBI for reporting Mandatory skills SIEM , Qradar, XSIAM / XDR global Knowledge, Develop playbooks in XSIAM and XSOAR with 5 yrs exp (L3) Desired/ Secondary skills Domain Solution Expert - CSIRT _SOC Max Vendor Rate in Per Day (Currency in relevance to work location)

Job Summary As an OT Cybersecurity Data Engineer, you will manage the design, implementation, and testing of our Security Information and Event Management (SIEM) system with a specific focus on integrating and analyzing data from critical OT/ICS environments. You will work with cybersecurity teams to ensure the monitoring, detection, and reporting of security threats within industrial infrastructure. We are looking for a understanding of SIEM and SOAR technologies, OT protocols, and cybersecurity best practices. You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune. Your Responsibilities: Develop SIEM and SOAR solutions tailored for OT environments, considering the unique challenges and protocols involved. Integrate multiple OT data sources (e.g., IDS, EDR, control system logs, network traffic from industrial protocols) into the SIEM platform. Maintain custom parsers, normalizers, and correlation rules to analyze OT-specific logs and events within the SIEM. Collaborate with OT operations and engineering teams to understand their systems, data sources, and security monitoring requirements. Configure and improve the SIEM platform for performance, scalability, and stability in an OT context. Maintain OT-focused dashboards and reports within the SIEM to provide actionable insights into security posture and potential threats. Tune and optimize SIEM rules and alerts to minimize false positives and ensure high-fidelity detection of OT security incidents. Maintain documentation for the OT SIEM architecture, data sources, rules, and operational procedures. Recommend new SIEM features, integrations, and related security technologies for enhancing OT security monitoring. The Essentials - You Will Have: Have 4-5years of demonstrated experience working with SIEM platforms (e.g., Sumo Logic, Palo Alto Cortex XSOAR) and a understanding of their architecture, configuration, and rule development. Understanding of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their logging mechanisms. Experience parsing and normalising complex log formats, including those specific to OT devices and applications and, in the context of security event analysis, technical information to both technical and non-technical audiences and as part of a team in a environment. Specific experience integrating OT data sources with enterprise SIEM platforms. Knowledge of security frameworks and standards relevant to OT (e.g., NIST SP 800- 82, IEC 62443). Experience with scripting languages (e.g., Python, PowerShell) for SIEM automation and data manipulation. Relevant certifications such as GICSP, GRID, CISSP, or SIEM-specific certifications. Familiarity with threat intelligence platforms and their integration with SIEM for OT threat detection. The Preferred - You Might Also Have: You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may leverage a wide array of technologies and partners. Develop key product service launches Collaborative culture across the automation engineering team while meeting CI objectives Adopt technology best practices around technology vendor evaluation and managing maintenance of technology platforms. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees Company volunteer and donation matching program - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program Personalized wellbeing programmes through our OnTrack program On-demand digital course library for professional development ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if youre excited about this role but your experience doesnt align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-SM1 Rockwell Automation s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.