10 Siem Solutions Jobs

Creation of supporting SOPs in line with policy requirements. Integration of all new devices (on-premise and AWS cloud) with SIEM. Experience in threat hunting, red teaming, and cyber drills. Monitoring the status of device integration and supporting teams to ensure smooth operation in case of any breakage. Support teams for defining SOPs and performing triage. Ensuring the functioning of the SIEM tool and related processes as per the mentioned requirements. Reporting computer security events in accordance with established processes and procedures. Coordinate with system owners and other departments (IDC/NOC/TOPS/Enterprise IT) as needed to analyze events and drive necessary requirements for closure. Support ongoing analysis and response of computer security incidents by SOC (Monitoring) Team. Creation of new use cases/reports as per business requirements. Creation of new use-cases specific to the banking environment. Creation of new dashboards in the SIEM console as per requirements. SIEM tickets closure. Drive key security operations responsibilities (e.g., secure code review, configuration review). Experience / Job Competencies / Success Factors: 10+ years of technical experience working in a SOC or incident response, preferably with BFSI sector experience, especially in banking. Experience with one or more Security Information and Event Management (SIEM) solutions, especially with Dnif. In-depth understanding of security threats, threat attack methods, and the current threat environment. Experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Excellent troubleshooting and analytical skills with the ability to articulate and propose security solutions in business terms. Ability to multitask in a fast-paced environment. Provide support for audit and compliance requirements within defined timelines. Must be comfortable working in a fast-paced environment with tight deadlines and changing priorities. Understanding of network protocols, network capture/analysis tools such as Wireshark. Understanding of Linux and Windows operating systems and OS event logging. Experience working with AWS environments. Comfortable working with different security solutions in a diverse IT infrastructure environment, including: FireEye network APT, Palo Alto Firewalls, WAF - F5, HIPS - TrendMicro, PIM - CyberArk, Qualys Vulnerability Scanner, TrendMicro Endpoint security suite and APT, Honey Pot-Smokescreen. Experience in developing production SIEM use cases. Ability to work non-core hours (swing or night shift) if necessary. Certifications: Security+, CEH, CISSP, SANS Course of Incident Response, Digital Forensics.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion it's a place where you can grow, belong and thrive. Your day at NTT DATA The Security Managed Services Engineer (L3) is a seasoned engineering role, responsible for providing a service to clients by proactively identifying and resolving technical incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role will maintain a high level of service to clients. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and is responsible for managing tickets of high complexity, conducts advanced and complicated tasks, aware of client's high level and low-level security architecture and provides resolution to a diverse range of complex problems. This position uses considerable judgment and independent analysis within defined policies and practices and applies analytical thinking and deep technical expertise in achieving client outcomes, while coaching and mentoring junior team members across functions. The Security Managed Services Engineer (L3) may also contribute to / support on project work as and when required. What you'll be doing Key Responsibilities: Ensures that assigned infrastructure at the client site is configured, installed, tested, and operational Performs necessary checks, apply monitoring tools and respond to alerts. Identifies problems and errors prior to or when it occurs and logs all such incidents in a timely manner with the required level of detail. Assists in analyzing, assigning, and escalating support calls. Investigates third line support calls assigned and identify the root cause of incidents and problems Reports and escalates issues to 3rd party vendors if necessary. Provides continuous feedback to clients and affected parties and update all systems and/or portals as prescribed by the company. Proactively identifies opportunities for work optimization including opportunities for automation of work. Coaches L2 teams for advance technical troubleshooting and behavioral skills. May manage and implement projects within technology domain, delivering effectively and promptly per client agreed upon requirements and timelines. May work on implementing and delivering Disaster Recovery functions and tests. Performs any other related task as required. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups Ability to plan activities and projects well in advance and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience) Relevant certifications depending on technology domain expertise such as (but not limited to) - CCNP in Security or PCNSE certification or Firewall Vendor related certification is good to have along with advance technical certification like CCIE, CISSP. Required Experience: Seasoned Managed Services experience handling complex Security Infrastructure. Seasoned experience required in Engineering function within a medium to large ICT organization. Seasoned working knowledge of ITIL processes. Seasoned experience working with vendors and/or 3rd parties. Workplace type: On-site Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

You are a Cybersecurity Implementation Engineer with at least 2 years of relevant experience, specializing in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques. In this role, you will be involved in designing and implementing cutting-edge cybersecurity solutions while collaborating with a team of skilled professionals. Your responsibilities will include developing custom parsers to extract and normalize data from various sources, designing and maintaining Yara rules for threat detection, creating playbook automation for incident response, and implementing data ingestion pipelines for analyzing security data. You will work closely with cross-functional teams to understand customer requirements, identify emerging threats, and provide technical support during security incident response activities. To qualify for this position, you should hold a Bachelor's degree in Computer Science, Information Security, or a related field. You must have hands-on experience in cybersecurity, data analysis, detection engineering, and implementing custom parsers for log and data normalization. Proficiency in creating and managing Yara rules, designing playbook automation, and utilizing tools like Demisto and Phantom is essential. Additionally, you should be familiar with data ingestion technologies, SIEM solutions such as Splunk and ELK, and possess excellent analytical, troubleshooting, and communication skills. If you are a dedicated cybersecurity professional with expertise in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques, we invite you to join our team. Help us in our mission to safeguard our organization and customers from cyber threats by sharing your updated profile at naveen.vemula@netenrich.com.,

As an experienced Cloud Monitoring & SOC Specialist, you will be leading the optimization and integration of the monitoring ecosystem. Your passion for transforming data into actionable insights and reducing alert fatigue will be instrumental in this role. Your responsibilities will include consolidating and integrating various tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 into a unified monitoring ecosystem. You will architect clear and efficient monitoring and incident-response workflows, implementing centralized AI-driven alerting to minimize noise and accelerate detection. In addition, you will be responsible for developing methods for proactive monitoring and continuous improvement by learning from incidents and iterating on processes. Configuring and maintaining essential NOC/SOC dashboards and monthly capacity reports for leadership visibility will also be part of your role. To qualify for this position, you should have deep technical expertise with 8-10 years of experience in monitoring architecture, tool integration, and SOC operations. Hands-on experience with infrastructure monitoring, APM, cloud (GCP), centralized logging, and SIEM solutions is required. Familiarity with tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 is considered a strong advantage. A proven track record of designing effective alert rules, incident-response playbooks, and automated workflows is essential. Experience in writing and refining monitoring procedures, SLAs, runbooks, and regular capacity/performance reports is also required. Strong communication skills and the ability to collaborate with DevOps, SecOps, and IT teams to drive continuous improvement are key attributes for success in this role.,

At EY, you have the opportunity to shape a career tailored to your unique abilities, supported by a global network, inclusive environment, and cutting-edge technology to empower your growth. Your individuality and insights will contribute to EY's continuous improvement. Embrace this chance to craft an exceptional journey for yourself while contributing to a more productive working world for all. As a Senior in Cyber Managed Service - Threat Detection & Response focusing on Security Orchestration, Automation and Response (Splunk SOAR), your key capabilities include exceptional teamwork, a drive to combat cyber threats, and collaborating with customers to devise security automation strategies. You will work with the team to deliver innovative integrations and playbooks, ensuring practical solutions to customer challenges. Your responsibilities encompass the execution and upkeep of Splunk SOAR analytical processes, platform management, development of custom scripts and playbooks for task automation, and leveraging Python, REST API, JSON, and basic SQL. Your role involves utilizing Incident Response and Threat Intelligence tools, creating efficient Python-based Playbooks, and employing the Splunk SOAR platform for automation across various technologies. Collaboration with security operations teams, incident responders, and intelligence groups is crucial. Experience in security operations centers and familiarity with SIEM solutions like Splunk and Microsoft Sentinel is advantageous, as is knowledge of Splunk content development. You should be eager to learn new technologies, contribute to technical content development, and conceptualize automation for business workflows. Proficiency in network monitoring technologies and endpoint protection platforms is desired. Your ability to support production issues, engage with stakeholders, coordinate with vendors for incident closure, and develop remediation action plans is essential. Ideal qualifications include a minimum of 3+ years in cybersecurity with network architecture expertise, experience in deploying and integrating Splunk SOAR in enterprise environments, and familiarity with ServiceNow SOAR. Strong communication skills, network administration background, scripting proficiency, and a technical degree are required. Additionally, certifications in Splunk and core security disciplines are beneficial. Join EY in building a better working world, where diverse teams worldwide use data and technology to provide assurance and support client growth and transformation. Be a part of EY's mission to address complex global challenges through innovative solutions across assurance, consulting, law, strategy, tax, and transactions.,

Dream11 is seeking a skilled Senior Security Engineer - Security Operations to strengthen our defense against evolving threats. If you have over 5 years of experience in SecOps, incident response, or threat hunting, and a strong background in SIEM implementation, you'll be crucial in maintaining security compliance and building automated defense frameworks. Your Role Integrate data sources, analyze logs, write/fine-tune alerts, and maintain security compliance across the infrastructure. Manage and implement SIEM solutions for both on-premise and cloud architectures. Develop and optimize the incident response framework , including processes, playbooks, and documentation. Develop and optimize the threat hunting/intelligence framework , including processes, playbooks, and documentation. Build automated frameworks to remediate threats without human intervention based on incident response policies. Effectively communicate with internal and external stakeholders to drive the security operations roadmap . Qualifiers 5+ years of work experience in SecOps/Incident Response/Threat hunting (Blue Team)/SIEM tool implementation . Working knowledge of security technologies like EDR/Firewalls/Antivirus/SOAR .

As a member of our team at FIS, you will be part of a dynamic and innovative environment that tackles some of the most challenging issues in financial services and technology. We value curiosity, motivation, and forward-thinking individuals who thrive in an open, collaborative, and fun team setting. You will have the opportunity to work alongside a talented group of individuals dedicated to providing cutting-edge financial technology solutions on a global scale. Your role will involve executing security controls to safeguard company information, maintaining security systems, and enforcing security policies to regulate system access. Additionally, you will be responsible for researching potential security breaches, creating security documentation, and responding to security-related inquiries using established protocols. A key aspect of your responsibilities will involve managing and expanding coverage of the SIEM solution, identifying and implementing security controls, and collaborating with the user community to understand and address security needs. You will also play a vital role in developing custom automations to streamline processes and enhancing workflow efficiency. To excel in this role, you should possess knowledge and experience in deploying SIEM solutions, cloud technologies, network technologies, and security technologies. Strong time management, communication, decision-making, and organizational skills are essential, along with the ability to establish and maintain effective working relationships with both technical and non-technical audiences. The ideal candidate will hold a Bachelor's degree in computer science or have an equivalent combination of education, training, and work experience. This position is classified as a developing level professional role, requiring moderate skills with a high level of proficiency and the ability to work on complex projects in various technical environments. If you are looking to be part of a forward-thinking team that is dedicated to innovation and excellence in financial technology solutions, we encourage you to apply for this exciting opportunity at FIS.,

Candidate must have expertise in selling cybersecurity products/services, experience in revenue and target ownership and a strong track record in team leadership and mentoring. Engage with customers to assess their technical requirements, Required Candidate profile Certifications such as CISSP, CISM, CEH, or vendor-specific certifications. Understanding of cybersecurity products and services, The candidate must have deep expertise in corporate/B2B sales.

Job Description We are looking for a Senior Identity Access Management Engineer (PAM Architecture) to lead the design of our PAM architecture strategy. This role will also involve contributing to the design and implementation of the PAM platform and its associated tools. Responsibilities: Develop a comprehensive PAM architecture strategy that aligns with organizational objectives and regulatory requirements. Lead the design contribute to the development and deployment of PAM solutions, focusing on workload access controls and secrets management. Contribute to the implementation and management of secrets management solutions ensuring secure storage, access and rotation of privileged credentials. Leverage PAM tools such as CyberArk, HashiCorp Vault, and Microsoft Entra ID to enhance security measures and streamline access management processes. Design PAM policies, standards, and procedures to ensure consistent and secure management of privileged accounts. Ensure PAM practices comply with organizational policies and regulatory requirements. Assess the effectiveness of PAM controls, making data-driven decisions to reduce risk and enhance security posture. Collaborate with technology and business partners to identify and mitigate risks associated with privileged access. Stay current with emerging trends and technologies in PAM and cybersecurity and driving enhancements to existing solutions. Qualifications 6+ years of experience in Privileged Access Management using PAM Solutions like CyberArk/StrongDM as an Architect/SME. Strong industry experience in architecting and designing PAM solutions and deployment across the enterprise. Deep technical understanding of PAM capabilities, controls and security technologies in areas related to identity and access management to address privilege-based risk. Familiarity with regulatory requirements related to PAM, such as PCI DSS, HIPAA, or GDPR. Expertise with build vs. buy solution options. Good understanding of security concepts and technologies in the wider Identity and Access Management space: Logical Access Controls, LDAP and RBAC, Authentication solutions, PKI concepts, and SIEM solutions. Proficient in Privileged Access Management (PAM) concepts and standard processes, covering privileged account discovery and vaulting, session management, DevOps secret management, and endpoint privilege management. Nice to have: Experience with Python, PowerShell, and Bash. We offer: Culture of Relentless Performance: join an unstoppable technology development team with a 99% project success rate and more than 30% year-over-year revenue growth. Competitive Pay and Benefits: enjoy a comprehensive compensation and benefits package, including health insurance, and a relocation program. Work From Anywhere Culture: make the most of the flexibility that comes with remote work. Growth Mindset: reap the benefits of a range of professional development opportunities, including certification programs, mentorship and talent investment programs, internal mobility and internship opportunities. Global Impact: collaborate on impactful projects for top global clients and shape the future of industries. Welcoming Multicultural Environment: be a part of a dynamic, global team and thrive in an inclusive and supportive work environment with open communication and regular team-building company social events. Social Sustainability Values: join our sustainable business practices focused on five pillars, including IT education, community empowerment, fair operating practices, environmental sustainability, and gender equality. * Miratech is an equal opportunity employer and does not discriminate against any employee or applicant for employment based on race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other protected status under applicable law.

Job Description We are looking for a Senior Identity Access Management Engineer (PAM Architecture) to lead the design of our PAM architecture strategy. This role will also involve contributing to the design and implementation of the PAM platform and its associated tools. Responsibilities: Develop a comprehensive PAM architecture strategy that aligns with organizational objectives and regulatory requirements. Lead the design contribute to the development and deployment of PAM solutions, focusing on workload access controls and secrets management. Contribute to the implementation and management of secrets management solutions ensuring secure storage, access and rotation of privileged credentials. Leverage PAM tools such as CyberArk, HashiCorp Vault, and Microsoft Entra ID to enhance security measures and streamline access management processes. Design PAM policies, standards, and procedures to ensure consistent and secure management of privileged accounts. Ensure PAM practices comply with organizational policies and regulatory requirements. Assess the effectiveness of PAM controls, making data-driven decisions to reduce risk and enhance security posture. Collaborate with technology and business partners to identify and mitigate risks associated with privileged access. Stay current with emerging trends and technologies in PAM and cybersecurity and driving enhancements to existing solutions. Qualifications 7+ years of experience in Privileged Access Management using PAM Solutions like CyberArk/StrongDM as an Architect/SME. Strong industry experience in architecting and designing PAM solutions and deployment across the enterprise. Deep technical understanding of PAM capabilities, controls and security technologies in areas related to identity and access management to address privilege-based risk. Familiarity with regulatory requirements related to PAM, such as PCI DSS, HIPAA, or GDPR. Expertise with build vs. buy solution options. Good understanding of security concepts and technologies in the wider Identity and Access Management space: Logical Access Controls, LDAP and RBAC, Authentication solutions, PKI concepts, and SIEM solutions. Proficient in Privileged Access Management (PAM) concepts and standard processes, covering privileged account discovery and vaulting, session management, DevOps secret management, and endpoint privilege management. Nice to have: Experience with Python, PowerShell, and Bash. We offer: Culture of Relentless Performance: join an unstoppable technology development team with a 99% project success rate and more than 30% year-over-year revenue growth. Competitive Pay and Benefits: enjoy a comprehensive compensation and benefits package, including health insurance, and a relocation program. Work From Anywhere Culture: make the most of the flexibility that comes with remote work. Growth Mindset: reap the benefits of a range of professional development opportunities, including certification programs, mentorship and talent investment programs, internal mobility and internship opportunities. Global Impact: collaborate on impactful projects for top global clients and shape the future of industries. Welcoming Multicultural Environment: be a part of a dynamic, global team and thrive in an inclusive and supportive work environment with open communication and regular team-building company social events. Social Sustainability Values: join our sustainable business practices focused on five pillars, including IT education, community empowerment, fair operating practices, environmental sustainability, and gender equality. * Miratech is an equal opportunity employer and does not discriminate against any employee or applicant for employment based on race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other protected status under applicable law.