16 Siem Technologies Jobs

In this role at Tradeweb Markets, you will be part of Tradeweb's Security Operations team, contributing to the protection of clients and employees from evolving threats. Your responsibilities will include overseeing a team of SOC engineers, enhancing existing security operations processes, and collaborating with various cybersecurity experts and business teams. As a key member of the technical incident response team, you will focus on forensics, log analysis, and threat intelligence to ensure a secure environment. **Key Responsibilities:** - Oversee a team of SOC engineers to provide 24x7x365 detection and response capabilities - Enhance existing processes to deliver measurable results across SecOps OKRs - Execute technical incident response processes including forensics, log analysis, and report creation - Collaborate with Cyber Threat Intelligence teams to stay updated on current threat actor TTPs - Manage relationships with security vendors to uphold Tradeweb standards - Train and mentor security engineers in incident response, threat hunting, and security automation - Build partnerships with key stakeholders in Compliance, Infrastructure, and Risk organizations - Publish metrics, KPIs, and KRIs while providing updates to senior management **Qualifications:** - Minimum 10 years of experience in information security with 6 years in security operations, incident response, or cyber threat investigations - Expertise in Windows and Unix environments focusing on forensic analysis - Experience leading and maturing security teams with strong technical skills - Knowledge of SIEM technologies and hands-on experience with tools like Splunk, ELK, XSIAM, QRadar - Ability to translate technical, legal, and compliance requirements in a regulated environment - Effective communicator able to convey cyber risk to diverse audiences - Deep understanding of network security architecture, internet protocols, and web service technologies - Financial services or FinTech experience preferred - CISSP, CISM, or equivalent certifications are advantageous Join Tradeweb Markets and be a part of a dynamic team dedicated to enhancing electronic trading and maintaining a secure environment for clients and employees.,

As a Security Analyst at our high-performance team in Mumbai, you will be responsible for monitoring security events and alerts to identify potential malicious behaviors. Your role will involve evaluating the type and severity of security events using packet analyses, an in-depth understanding of exploits and vulnerabilities, and providing incident response and escalation to the incident response team. This is a 24x7 role with a fully work from office option only. Your responsibilities will include using SIEM technologies and other native tools for 24x7 monitoring of security events, managing inbound requests via the ticketing system and telephone calls, and providing security notifications through incident tickets, emails, and telephone calls. You will conduct analysis on logs produced by network devices, perform security events analysis, identify potential threats and anomalies, document findings, provide recommendations, and perform cybersecurity root-cause analysis for any unresolved tickets. To excel in this role, you will need a Bachelor's degree or equivalent in Computer Science, Systems Engineering, Cybersecurity, Information Technology, or a related area, along with a minimum of 4 years of monitoring experience in a Cyber Security Operations Center. Technical expertise in troubleshooting Microsoft products and operating systems is essential, with desirable knowledge of MAC OS and Linux. An understanding of basic network services, TCP/IP, IP Routing, attacks, exploits, vulnerabilities, experience with VPN, SSL, encryption methodology, and working knowledge of Security Operations Center protocols is required. Desired certifications for this role include CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), Certified SOC Analyst (CSA), and Microsoft Certified: Security Operations Analyst Associate. Experience with security tools and technologies such as SIEM, IDS/IPS, Web application firewalls, Antivirus, Proxy and Url filtering, DLP, and Vulnerability scanner is preferred. At Kroll, we bring clarity and truth into focus with the Kroll Lens, using sharp analytical skills and the latest technology to provide clients with valuable insights across various business areas. We value diverse backgrounds and perspectives that enable us to think globally and offer a supportive and collaborative work environment. As part of One team, One Kroll, you will contribute to an environment that empowers you to excel. Kroll is a global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, compliance, and regulatory consulting. Our professionals leverage analytical skills, market insight, and independence to help clients make informed decisions. We think globally as an organization and encourage our employees to do the same. Kroll is committed to equal opportunity and diversity in recruitment based on merit. To be considered for a position, please apply formally via careers.kroll.com.,

Marriott Tech Accelerator is a division of Marriott International, a renowned global leader in the hospitality industry. Marriott International, Inc. is a prominent American multinational corporation with a diverse portfolio of lodging brands, encompassing hotels and residential properties worldwide. With a presence in over 141 countries and territories, Marriott International boasts more than 30 well-established brands and nearly 8,900 properties. As a Senior Manager, Security Architecture at Marriott, you will play a pivotal role in overseeing Security Data Lakes (SDL) environments and AI/ML Security Technologies. Your primary responsibility will involve spearheading the development and management of a comprehensive SDL strategy to bolster Marriott's cybersecurity capabilities and ensure compliance with regulatory mandates. The ideal candidate for this role should possess a fervor for data, business intelligence (BI), SDL, AI/ML, and emerging technologies, coupled with a visionary outlook towards crafting next-generation capabilities and a tenacious drive for achieving success. In this capacity, you will serve as a subject matter expert and lead architect for data lakes within the Data Platform team, with a special focus on the SDL domain. Your duties will encompass conducting research, analysis, design, and development across a broad spectrum of cutting-edge data capabilities and products. Specifically, you will be tasked with establishing technical standards, designing the semantic data modeling layer, and defining metrics within the SDL domain. Furthermore, you will be instrumental in setting data modeling standards to ensure uniform and efficient data models across all data products. Taking ownership of technical aspects and support for Service Provider deliverables, you will guide their technical personnel to ensure the delivery of high-quality outputs adhering to our technical standards and best practices, while also ensuring scalability. Additionally, you will explore emerging technologies that promise future capabilities and seek solutions for intricate technical challenges, making informed decisions on complex, non-routine requests to aid analytics-driven decision-making by Marriott's business units. The role demands 8-10 years of progressive architecture and engineering experience across various domains like Security SDL, Machine Learning, AI, SIEM Technologies, and familiarity with security tools such as Splunk, Cribl, and AWS. You should exhibit a strong aptitude for conducting Proof of Concepts (POCs) and delivering demos to leadership, possess exceptional communication skills, and demonstrate the ability to plan resource requirements based on high-level specifications. Experience in data management, data analytics, data science in a regulated global enterprise setting, as well as information protection and security, are crucial aspects for this role. Moreover, candidates should have a track record of 2+ years in direct management or team leadership roles within technical teams, coupled with 3+ years of experience involving responsibilities related to data pipeline management, security architecture, cybersecurity incident response, compliance, or investigative processes. Additional qualifications such as AWS Solutions Architect or Developer certification, proficiency in agile methodologies, familiarity with security standards and regulatory requirements related to AI and data protection, and knowledge of AI/ML frameworks and platforms are highly desirable. Education-wise, a Bachelor's degree in computer/data sciences, information management, or a related technology or security field, or equivalent experience/certification, is required for this position. The work location for this role is Hyderabad, India, with a hybrid work mode in place.,

Career Level Summary Requires working knowledge and experience in own job discipline and broadens capabilities Continues to build knowledge of the company, processes and customers Performs a range of assignments related to job discipline Uses learned and prescribed guidelines or processes in analyzing situations Receives a moderate level of guidance and direction Critical Competencies Systems Thinking : Assists with a whole systems approach to analyzing issues by ensuring all components (structure, people, process and technology) are identified and accounted for Idea Creation : Provides ideas and designs new solutions, methods and products to update what existed prior Key Responsibilities Integration of security products into RMS and GES operations. Frontline support & end-to-end management of fleet-wide security tooling within RMS customer and GES internal environments. Engineering of internal and external capabilities & infrastructure to support security tooling. Automation of customer lifecycle workflows. Review & contribute to the development of technical documentation. Development of security tooling to improve automation & enhance quality of workflows. Assessment of environments to deploy security capabilities. Perform audit / QC of targeted environments through monitoring & report on agent coverage status. Fleet Management lifecycle (patches, upgrades). Provide technical guidance for RMS teams & RMS customers support meetings / calls as required. Validate & advise on supported RMS customer architectures handle customer deviations from supported architectures. Manage early access product releases & provide SME for development & product teams. Ability to diagnose & rectify the most complex server & system issues. Due to 24/7/365 Security Operations Center operation, available for out-of-hours work on occasion. Knowledge Building managing and maintaining physical, virtual, and cloud based infrastructure. Scripting Techniques Using Fleet Automation Ansible, Jenkins Linux Troubleshooting Antivirus Endpoint Detection and Response (EDR) Vulnerability Management SIEM Technologies (Security Information and Event Management) Intermediate Understanding of: Configuration Management Hardening standards (CIS, NIST) Security Concepts, principles, and technologies Compliance Frameworks (ISO27k, PCI, HiTrust, SOC1 and SOC2, etc) Public cloud Platforms (AWS, Azure, GCP)

A career in our Advisory Service Delivery Centre is the natural extension of PwC's leading-class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process quality and,

You are invited to join our Information Security team as an Enterprise IT Security Analyst specializing in Security Operations Center (SOC) activities. In this role, you will play a crucial part in maintaining the security and effectiveness of our security operations by monitoring security alerts, analyzing incidents, and contributing to incident response processes. Your expertise in SOC operations, incident response, and security monitoring tools will be invaluable in supporting SOC initiatives. Your key responsibilities will include monitoring security alerts and events using tools such as Splunk, Microsoft Sentinel, Kusto (KQL), or Splunk Search Processing Language (SPL). You will be tasked with analyzing and triaging security incidents, assisting in incident response processes, handling security incidents and tickets, conducting security assessments, and contributing to the design of SOC use cases. Additionally, you will provide technical support for SOC-related issues, leverage AWS skills for cloud security monitoring, and stay up-to-date with the latest SOC trends and technologies. To excel in this role, you must possess a Bachelor's degree in computer science or a related field, along with 3 years of experience in SOC operations. A CompTIA Security+ certification or similar qualification is required, as well as experience with SIEM technologies and a strong understanding of SOC principles, practices, and frameworks. Your proven experience in incident response and management will be highly beneficial. While not mandatory, proficiency in AWS cloud security and Windows Defender, excellent problem-solving and analytical skills, strong communication abilities, and the capacity to work both independently and as part of a team are considered advantageous. Experience in a SOC analyst role within a security operations team and knowledge of cloud security challenges will also be beneficial. At Notified, we value diversity and are committed to providing equal opportunities for all. This role is based out of The Leela Office in Bangalore, with a hybrid work schedule that allows flexibility in your working arrangements. By joining our team, you will have the opportunity to work in an international environment, foster innovation and creativity, and benefit from comprehensive health insurance and extensive learning opportunities. Your contributions will help us amplify stories globally and support our clients in reaching their audiences effectively.,

Join our dynamic team as a Cyber Security Analyst where you will play a crucial role in safeguarding our digital assets. With a focus on Security Operations Center (SOC), you will monitor and respond to security incidents, ensuring the integrity and confidentiality of our systems. This hybrid role offers the opportunity to work both remotely and on-site with occasional travel required. Your responsibilities will include monitoring security alerts and incidents using SOC tools, analyzing security incidents to determine root causes, collaborating with IT teams to develop and implement security measures, conducting regular security assessments, providing expert guidance on security best practices, developing incident response plans, utilizing Microsoft Sentinel for threat detection, preparing detailed reports on security incidents, staying updated on cybersecurity threats and trends, participating in policy development, conducting training sessions, and coordinating with external partners and vendors for comprehensive security coverage. To qualify for this role, you should possess a strong understanding of SOC and Security Information and Event Management (SIEM) technologies, demonstrate expertise in cybersecurity principles and practices, have hands-on experience with C-SOC and Microsoft Sentinel, exhibit knowledge of compliance standards such as SOC1 Type1&2 SAAE18 and SSAE16, show proficiency in conducting security assessments and audits, display excellent analytical and problem-solving skills, and communicate effectively with technical and non-technical stakeholders. The certifications required for this position are Certified Information Systems Security Professional (CISSP) and Certified SOC Analyst (CSA).,

You should have at least 6-10 years of experience, with a minimum of 5+ years specifically in Microsoft DLP (Microsoft Defender/MS Purview & Compliance) and Microsoft Sentinel, or equivalent tools for data leakage prevention. Your role will involve evaluating data loss products, building and implementing them, integrating with existing systems, and providing technical support and stakeholder management. Your responsibilities will include hands-on experience in rule creation and maintenance, antispam and anti-phishing administration, report analysis, and making recommendations for future configurations and rules. Knowledge or exposure to Data Loss Prevention integration with SIEM technologies like Splunk, HP ArcSight, etc., will be beneficial. It would be advantageous to have knowledge of programming languages such as Java, .NET, Python, etc. The top 3 skills required for this role include proficiency in MS Purview & Compliance (MS DLP), MS Sentinel, and basic scripting for automation. If you find this opportunity exciting, please share your resume at deepika.eaga@quesscorp.com.,

Job description Engineering leadership and support for existing and future SIEM and SOAR technology (Splunk ES, Phantom, etc.) Requirements To be successful in this role you should have proven experience within the Technology sector with knowledge of the following skills: . The role requires an experienced systems engineer with strong technical leadership and collaboration skills.The ideal candidate will have significant experience in SIEM technologies, Linux and/or Windows system administration and cloud infrastructure (e.g. Splunk ES, Splunk SOAR, RHEL/AL2, Windows Server, AWS platform services, etc.). Technical expertise of enterprise-level SIEM technology and logging frameworks. Extensive experience in deploying, configuring, upgrading and administering Splunk clusters at scale. An ability to perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview and application management of Splunk. Scripting/Programming experience with Python, Bash, Powershell. .An ability to communicate complex and technical issues to diverse audiences. .Self-motivated and possessing of a high sense of urgency and personal integrity. A team-focused mentality with the proven ability to work effectively with diverse stakeholders. .Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organization. .Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same fields. Bonus points for: .Experience with Splunk deployment and management in AWS. You'll achieve more when you join HSBC HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by - HSBC Software Development India

Tradeweb Markets is a global leader in electronic trading, catering to approximately 2,500 clients worldwide, spanning various sectors such as banks, asset managers, hedge funds, insurance companies, wealth managers, and retail clients across 65 countries. Since its inception in 1998, Tradeweb has been instrumental in revolutionizing and digitizing the fixed income markets. The company prides itself on a culture centered around innovation, creativity, and collaboration, leveraging the expertise of talented individuals, cutting-edge technology, and a wide network of clients to enhance financial market trading practices. As part of Tradeweb's Security Operations team, you will play a crucial role in safeguarding clients and employees from evolving cyber threats. The position involves supporting and improving the Security Operations program during the transition to a hybrid operating model. The ideal candidate should possess a blend of hands-on technical proficiency and exceptional communication skills to convey complex concepts in layman's terms. Additionally, the role offers opportunities to collaborate with cybersecurity experts spanning infrastructure, data analytics, application development, and business units. Reporting to the Director of Security Operations, you will lead a team of security operations engineers responsible for providing round-the-clock detection and response capabilities. Your key responsibilities will include enhancing existing processes to achieve measurable outcomes, executing technical incident response procedures, collaborating with Cyber Threat Intelligence teams, managing relationships with security vendors, training and mentoring security engineers, and establishing partnerships with various business stakeholders. The qualifications for this role include a minimum of 10 years of experience in information security and related technical fields, with at least 6 years dedicated to security operations, incident response, or cyber threat investigations. Proficiency in Windows and Unix operating systems, along with expertise in disk and memory forensic analysis, is essential. The candidate should have a proven track record of leading and developing security teams, familiarity with SIEM technologies like Splunk or ELK, and the ability to interpret and implement technical and compliance requirements in regulated environments. Moreover, effective communication skills, a deep understanding of network security architecture, financial services background, and certifications such as CISSP or CISM are advantageous for this role. By joining Tradeweb, you will be part of a dynamic team committed to enhancing the efficiency, connectivity, and transparency of electronic trading within the global financial markets.,

You are an experienced and skilled Privileged Access Management (PAM) Programmer with 7 to 15 years of expertise in the IT industry, including a minimum of 5 years focused on Privileged Access Management. Your role as a Privileged Access Management Programmer at Persistent involves designing and implementing PAM solutions for clients, assessing their infrastructure and security needs, configuring and customizing PAM components, and leading PAM projects. As the technical leader of the PAM team, you will be involved in strategy development, planning, and implementation for end clients. Your responsibilities include providing guidance to the implementation team, conducting testing and troubleshooting, defining access controls and policies for privileged accounts, and collaborating with cross-functional teams to integrate PAM solutions successfully. You are expected to have extensive hands-on experience in implementing, configuring, and administering PAM solutions such as Delinea and CyberArk. Your knowledge of cybersecurity principles, privileged access management concepts, and best practices will be crucial in securing privileged access and preventing insider threats. Additionally, you should be familiar with integrating privileged management solutions with tools like Active Directory, Azure/OKTA SAML, SMTP, and NTP, as well as with Monitoring tools and SIEM technologies like Splunk and HP ArcSight. At Persistent, you will enjoy competitive salary and benefits, a culture focused on talent development, opportunities to work with cutting-edge technologies, and various employee engagement initiatives. The company values diversity and inclusion, offering a hybrid work environment, flexible working hours, and accessible facilities for employees with disabilities. If you have specific requirements, you are encouraged to communicate them during the application process or at any point during your employment. Persistent is committed to creating an inclusive environment where all employees can thrive, accelerate their growth both professionally and personally, make a positive impact using the latest technologies, and enjoy collaborative innovation with diversity and work-life wellbeing at the core. Join Persistent to unlock global opportunities and unleash your full potential in a value-driven and people-centric work environment.,

You will be responsible for monitoring, analyzing, and detecting security events and incidents. Your role will involve managing, tuning, and optimizing the SIEM tool (LogRhythm) to meet business requirements. You will also provide recommendations to clients" security teams to enhance security controls such as IDS/IPS, endpoint security, vulnerability management, and data loss prevention (DLP). Collaboration with the SOC manager will be essential for creating new operational guidelines, processes, and procedures. In the 24X7 SOC Environment, you will manage shifts and the team, serving as the first point of escalation for the SOC team and assigning work tasks to team members. Handling escalated security incidents and conducting deep dive analysis, threat hunting, and malware analysis will be part of your responsibilities. Continuous improvement in security operations will be a key focus, along with ensuring that service level agreements are met and processes are followed. You will guide and mentor L1 and L2 analysts in investigating and mitigating security threats and incidents. The ideal candidate should have more than 5 years of experience in the information security field and be well-versed in security operations, intrusion detection, and incident handling. Experience in security monitoring with SIEM technologies such as LogRhythm and Splunk is required. Strong teamwork, adaptability to a dynamic environment, and a customer service-oriented approach are essential qualities. Additionally, proficiency in communication, writing, interpersonal skills, and leadership skills is necessary. You will be expected to have knowledge of current and emerging technologies and processes used within a SOC to enhance efficiency and effectiveness. Proficiency in case management and ticketing systems is desired. Experience with various SOC tools like LogRhythm, Sourcefire IPS/IDS, Cisco AMP, Digital Guardian, Cisco Ironport, Cloudflare, and System Center Endpoint Protection is advantageous. Good understanding of network security, TCP/IP, Linux, Windows, etc., is also beneficial. Join EthicalHat Cyber Security Pvt. Ltd. to lead and mentor staff, provide growth opportunities through delegation, training, and project assignments, and contribute to the enhancement of security operations.,

At EY, you will have the opportunity to shape a career that reflects your uniqueness, supported by a global network, inclusive environment, and cutting-edge technology to help you reach your full potential. Your distinctive voice and perspective are crucial in contributing to the continuous improvement of EY. Join us in creating an exceptional experience for yourself while working towards a better working world for all. As an EY Cyber Security Threat Detection & Response (TDR) Operations Manager, you will play a pivotal role in managing Operations and Delivery for TDR projects, ensuring effective security incident investigation support and adherence to client SLAs and KPIs through the utilization of various SIEM, EDR, and NSM solutions. Your responsibilities include overseeing the detection, reporting, and response to security incidents, managing security tools and technologies, leading the Security Operations Centre (SOC), and ensuring Service Level Agreements are met. Additionally, you will provide technical guidance to junior team members, enhance security monitoring processes, and communicate complex technical concepts to both technical and non-technical stakeholders. Key Skills and Attributes: - Proficiency in SIEM technologies like Microsoft Sentinel and Splunk - Extensive experience in Security Monitoring and Cyber Incident Response - Knowledge of cloud security, IOT/OT, and network monitoring platforms - Familiarity with endpoint protection tools such as Carbon Black, Defender, and CrowdStrike - Ability to work autonomously and prioritize customer service - Strong communication and interpersonal skills - Minimum 10 years of experience in implementing SIEM solutions and Project Management - Certification in a SIEM platform and relevant certifications (CISM, CEH, CISSP, etc.) - Understanding of RegEx, Perl scripting, and SQL query language is advantageous To qualify for this role, you should hold a B. Tech./ B.E. degree, exhibit technical proficiency, work effectively in different time zones, and possess excellent English language skills. You should demonstrate a combination of technical expertise, critical thinking, and strong leadership abilities. Ideal candidates will have a proven track record in leading SOC operations, configuring SIEM solutions, and a commitment to continuous improvement. Join EY in our mission to build a better working world through innovation, trust, and collaboration across diverse teams worldwide. EY | Building a better working world,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY-cyber security team, you shall work as a SOC Senior consultant who will assist clients in the administration and management of security solutions. We're looking for a Senior Security consultant with expertise in CrowdStrike. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Administration and management support of CrowdStrike - Acting as the subject matter expert on the solution for the customer and utilizing its capabilities in daily operational work - Advising customers on best practices and use cases to achieve customer end state requirements - Developing content for automated security event monitoring and alerting, along with corresponding event response plans for systems Skills and attributes for success: - Customer service-oriented with a commitment to meeting customer needs and seeking feedback for improvement - Experience in managing CrowdStrike - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from an Analysts point of view - Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus - Strong knowledge and experience in Security Monitoring and Cyber Incident Response - Familiarity with network monitoring technology platforms such as Fidelis XPS or others - Knowledge in other endpoint protection tools, techniques, and platforms such as Carbon Black, Symantec, or others To qualify for the role, you must have: - B. Tech./ B.E. with sound technical skills - Strong command of verbal and written English language - Technical acumen and critical thinking abilities - Strong interpersonal and presentation skills - Minimum 4 years of hands-on experience operating/implementing the above security tools - Certification in any of the SIEM platforms is a plus - Knowledge of RegEx, Perl scripting, and SQL query language - Certification - CCSA, CEH, CISSP, GCIH What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You'll get to work with inspiring and meaningful projects, receive support, coaching, and feedback from engaging colleagues, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As a Deputy Director with over 13 years of experience in the IT industry, including 5 years of specialized expertise in Cloud Security and a thorough understanding of the SAFE Agile framework, you will play a crucial role in ensuring the security of our cloud infrastructure. Your responsibilities will encompass driving excellence in security engineering processes, managing SIEM technologies, and actively participating in the SAFE Agile transformation of our IT operations. This role demands a blend of robust technical skills, effective leadership qualities, and a comprehensive grasp of security principles and best practices. In the domain of Cloud Security Engineering, you will be tasked with designing, implementing, and overseeing cloud security architecture across major platforms such as AWS, Azure, and Google Cloud. Your role will involve leading the establishment of secure cloud environments in compliance with industry regulations like GDPR, HIPAA, and NIST. Additionally, you will be responsible for identifying and mitigating security vulnerabilities, deploying cloud-native security tools, defining security policies and compliance rules, and implementing Role-Based Access Control (RBAC), SSO, and API security measures. Your role also entails ensuring the excellence of security engineering practices within the organization. You will lead incident response and remediation efforts, collaborate with DevOps teams to bolster secure pipelines and code practices, and set Key Performance Indicators (KPIs) for security metrics. Furthermore, you will actively drive the SAFE Agile transformation process for IT security teams, ensuring security alignment with Agile principles and facilitating security integration in all development phases. In terms of collaboration and strategy, you will work closely with IT leadership to define and execute a comprehensive security strategy aligned with business objectives. You will also mentor junior security engineers, promote knowledge-sharing practices, and engage in continuous learning to stay abreast of the latest trends and best practices in cloud security, IT security, and Agile methodologies. To qualify for this role, you should possess a minimum of 13 years of IT experience, with at least 5 years dedicated to Cloud Security engineering. Additionally, experience in SAFE Agile processes and implementations, proficiency in cloud platforms and associated security services, and relevant certifications such as CISSP, AWS Certified Security Specialty, and Certified SAFe Program Consultant (SPC) will be advantageous. Strong leadership, communication, and mentoring skills are essential attributes for this role. Join us in our mission to uphold the security of our cloud infrastructure, drive security excellence, and champion Agile transformation within our IT operations.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As the Threat Detection & Response Operations Manager in the EY-cyber security team, you will lead Operations/Delivery for TDR engagements with end-to-end security incident investigation support to ensure client SLAs and KPIs are met, leveraging multiple SIEM/EDR/NSM solutions. Your key responsibilities will include overseeing the process of detecting, reporting, and responding to security incidents, ensuring that the SOC team can effectively manage incidents when they occur. You will be responsible for managing the security tools and technologies used by the SOC team and ensuring they are properly configured and maintained to monitor and detect security threats effectively. Additionally, you will lead and manage the Security Operation Centre primarily responsible for security event monitoring of clients" networks and ensure that Service Level Agreements are defined, tracked, and met for all clients. Providing technical leadership and advice to junior team members on SOC activities, revising standard operation policies & procedures as required, identifying opportunities to improve security monitoring and operational tasks, and conveying complex technical security concepts to technical and non-technical audiences including executives are also part of your responsibilities. Developing and maintaining productive working relationships with client personnel, overseeing the daily SOC tasks that can be automated, and providing both a strategic view and benefits to clients while working with limited resources to achieve them are essential aspects of the role. To qualify for this role, you must have a B. Tech./ B.E. degree with sound technical skills, the ability to work in the client's time zone, a strong command of verbal and written English language, demonstrate both technical acumen and critical thinking abilities, strong interpersonal and presentation skills, a minimum of 10 years of hands-on experience of operating/implementing/designing SIEM solutions, and proven experience in Project Management. Certification in any of the SIEM platforms, knowledge of RegEx, Perl scripting, and SQL query language are considered value adds. Certifications such as CISM, CEH, CISSP, GCIH, GIAC, SABSA, TOGAF are also preferred. The ideal candidate for this role will have proven experience in leading operations for SOC projects with hands-on experience in SIEM configuration and setup.,