
201 Siem Tools Jobs - Page 6


2.0 - 3.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

Overview: We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.

Key Responsibilities:
Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk).
Develop and maintain correlation rules, dashboards, and reports.
Integrate logs from servers, network devices, cloud services, and applications.
Troubleshoot log collection, parsing, normalization, and event correlation issues.
Work with security teams to improve detection and response capabilities.
Ensure SIEM configurations align with compliance and audit requirements.
Perform routine SIEM maintenance (e.g., patching, upgrades, health checks).
Create and maintain documentation for implementation, architecture, and operations.
Participate in evaluating and testing new SIEM tools and features.
Support incident response by providing relevant event data and insights.

Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field.
3+ years of hands-on experience with SIEM tools.
Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight).
Strong knowledge of log management and event normalization.
Good understanding of cybersecurity concepts and incident response.
Familiarity with Windows/Linux OS and network protocols.
Scripting knowledge (e.g., Python, PowerShell) is a plus.
Strong troubleshooting, analytical, and communication skills.
Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.

Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk), Troubleshooting, Log Management & Analysis, Scripting (optional), Security Monitoring
Skills: SIEM, Splunk, Troubleshooting
Required Skills: SIEM, Splunk, Troubleshooting

Posted 1 week ago

1.0 - 5.0 years

4 - 6 Lacs

Pune

Work from Office

Job Summary: We are seeking a proactive and technically skilled Information Security (SOC) Engineer/Analyst to monitor, detect, and respond to cybersecurity threats in real time. The ideal candidate will have strong analytical skills, be detail-oriented, and possess a sound understanding of threat landscapes, SIEM tools, and incident response. The ideal candidate will also possess a strong foundational understanding of cybersecurity governance, robust technical skills in security operations, and a commitment to staying abreast of the evolving threat landscape and internal security requirements.

Key Responsibilities:
Monitor security events and alerts from SIEM and other security tools.
Perform initial triage and investigation of potential threats or anomalous behavior.
Escalate incidents according to severity and defined procedures.
Document incidents, provide root cause analysis, and maintain detailed logs.
Analyze threat intelligence feeds and correlate with internal data.
Assist in threat hunting and vulnerability management activities.
Support continuous improvement of SOC processes and playbooks.
Collaborate with other IT and Security teams for incident resolution.
Assist in developing and tuning SIEM rules, queries, and dashboards for threat detection.
Contribute to vulnerability management and secure configuration of internal systems and cloud environments.
Support the testing and execution of recovery plans for security systems and data.
Document incident findings and remediation steps, and contribute to post-incident reviews.

Required Skills & Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
1-3 years of experience in a SOC environment or similar security operations role.
Familiarity with SIEM tools (e.g., Splunk, QRadar, Sentinel).
Understanding of TCP/IP, firewalls, IDS/IPS, and common attack vectors.
Knowledge of malware, phishing, ransomware, and social engineering tactics.
Hands-on experience with endpoint protection, network monitoring, and forensic tools.
Excellent communication and documentation skills.

Preferred Certifications: CompTIA Security+ or CySA+; vendor-specific SIEM certifications.

Posted 1 week ago

3.0 - 5.0 years

13 - 17 Lacs

Hyderabad

Work from Office

We are seeking analyst-level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all of these areas: IT operations, security monitoring, Active Directory, IP networking and various cloud technologies.

Position and Key Responsibilities
At RSM, analysts work with large and small companies in a variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients' businesses and the challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life.

Role Responsibilities:
Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, SentinelOne, ELK Stack, VirusTotal, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox).
Analyze, escalate, and assist in remediation of critical security incidents.
Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients.
Process IDS alerts and identify incidents and events in customer data.
Set up, execute and analyze vulnerability scans.
Perform advanced analysis and investigation into alerts as they are identified.
Perform initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools).
Incident intake, ticket updates and reporting of cyber events and threat intelligence.
Understand, identify, and research indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds.
Write incident reports and process documentation, and interact with clients as required.
Transcribe and implement atomic indicators into a monitoring environment.
Consume policy documentation and determine applicability in a network.
Work with protocols at layers 2 and higher in the OSI model, including ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports.
Develop the playbooks to respond to and recover from various attacks/incidents.
Drive the automation efforts focused on closing cases, responding to cyber events and analyzing the data required to enable efficient response activities.
Process Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms to drive issue prioritization.
Open to working shifts in a 24x7 operations environment.

Qualifications and Experience:
Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences, or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees, preferably with a focus on information security.
3-5 years' experience working in a security operations center, network operations center or threat intelligence capacity.
Possess at least one security industry certification such as CySA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, GCDA).
Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC 3, OWASP Top 10, SANS, NIST.
Must have a naturally curious mindset and approach to solving problems.
Basic understanding of cloud technologies and their operations.
Experience supporting various operating systems such as Windows/Linux.
Understanding of IP network protocols.

Posted 1 week ago

4.0 - 8.0 years

0 Lacs

haryana

On-site

The Senior Analyst role within Bain's Cyber Security Department focuses on safeguarding the organization's digital assets and integrity. As a Senior Analyst, you will play a crucial role in understanding how security measures align with the organizational strategy. Your responsibilities will include organizing and leading the development and implementation of security controls that comply with regulatory requirements and best practices. You will be responsible for monitoring, analyzing, and responding to potential security incidents and threats. Assessing their urgency and impact on Bain, you will implement necessary measures to protect the organization's digital assets, data, and infrastructure. This may involve taking a leadership position in coordinating activities across the team, collaborating with technical teams and Security leadership.

The Senior Analyst Security Operations role encompasses various disciplines, including Threat Intelligence, Vulnerability Management, Pro-Active Security Testing, and Enhanced Security Operations. Depending on the requirements, team members may dedicate a percentage or all of their time to these specific disciplines.

Your principal accountabilities will include:
- Vulnerability Management (80%)
  - Collaborating with cross-functional teams and providing leadership and guidance.
  - Conducting regular vulnerability scans on the organization's network, applications, and systems.
  - Implementing and operationalizing vulnerability management tools, processes, and best practices.
  - Prioritizing vulnerabilities based on risk and potential impact.
  - Leading meetings to remediate identified vulnerabilities and tracking progress.
- Enhanced Security Operations (10%)
  - Expertise in Forensic Investigations and Tooling.
  - Leadership experience in Red Team, Blue Team, Purple Team exercises.
- Professional Development and Innovation (10%)
  - Staying informed about emerging trends and technologies in cybersecurity.
  - Collaborating with security team members, IT departments, and relevant business units to address security concerns.
  - Exploring Professional Certifications and planning trainings with leadership.

Your knowledge, skills, and abilities should include:
- Strong expertise in Security Monitoring & Incident Detection and Response.
- Knowledge of various security tools like Splunk, CrowdStrike, Windows Defender, and others.
- Understanding of Vulnerability & Attack Surface Management toolsets, Threat Intelligence tools, etc.
- General skills such as good communication, an analytical mindset, ability to work independently and in a team, eagerness to learn, and entrepreneurial spirit.

Qualifications and Experience:
- Bachelor's degree in a related field or equivalent education and experience.
- 4-6 years of experience in the same domain.
- Experience in deploying systems or applications, complex problem solving, and working in a dynamic environment.
- Strong customer service, communication, troubleshooting, and endpoint security control design skills.
- Experience with automation of Information Security controls, scripting, and cloud security control frameworks.

In this role, you will play a vital part in enhancing the organization's overall security posture and addressing security concerns effectively. Your ability to adapt to new challenges, work collaboratively, and stay updated with cybersecurity trends will be crucial for success in this position.

Posted 1 week ago

2.0 - 7.0 years

1 - 5 Lacs

Mumbai, Navi Mumbai, Mumbai (All Areas)

Work from Office

JD: 2+ years of industry experience with daily hands-on incident response and analysis activities. Must be good at managing incident responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection. Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Strong analytical and communication skills. Willingness to work in rotational shifts, including nights and weekends.

Role & responsibilities:
Monitor security alerts and events from SIEM, IDS/IPS, antivirus, and other security tools.
Perform initial triage of security incidents to assess severity and potential impact.
Escalate confirmed incidents to L2 analysts with relevant context and evidence.
Assist in gathering logs, screenshots, and other artifacts for incident documentation.
Follow predefined playbooks and standard operating procedures (SOPs) for incident handling.
Maintain accurate and timely records of all incident-related activities.
Support evidence collection and ensure logs are preserved for further analysis.
Coordinate with internal IT teams for basic containment actions (e.g., isolating endpoints).
Participate in shift-based operations to ensure 24x7 monitoring coverage.

Preferred candidate profile: 2+ years of industry experience with daily hands-on incident response and analysis activities. Must be good at managing incident responses. Good understanding of cybersecurity concepts, threat types, and attack vectors. Familiarity with SIEM tools (e.g., Splunk, QRadar), firewalls, and endpoint protection.

Please fill in the form below if you are interested: https://forms.cloud.microsoft/r/v0S2BXfWim

Posted 1 week ago

11.0 - 14.0 years

55 - 60 Lacs

Noida, Ahmedabad, Mumbai (All Areas)

Work from Office

Dear Candidate, we are looking for a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats. If you have expertise in threat intelligence, SIEM tools, and incident response, we'd love to hear from you!

Key Responsibilities:
Monitor network traffic and systems for potential security threats.
Investigate and analyze security incidents to prevent breaches.
Implement security controls and best practices for data protection.
Manage security tools such as SIEM, IDS/IPS, and endpoint protection.
Conduct vulnerability assessments and recommend mitigation strategies.
Ensure compliance with security standards like ISO 27001, NIST, and GDPR.

Required Skills & Qualifications:
Strong knowledge of security frameworks and incident response.
Experience with SIEM tools (Splunk, QRadar, ArcSight).
Proficiency in scripting (Python, Bash, PowerShell) for security automation.
Understanding of network protocols, firewalls, and VPN security.
Knowledge of penetration testing and ethical hacking techniques.

Soft Skills:
Strong analytical and problem-solving skills.
Excellent attention to detail and ability to work under pressure.
Good communication and teamwork skills.

Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.
Kandi Srinivasa, Delivery Manager, Integra Technologies

Posted 1 week ago

6.0 - 8.0 years

6 - 10 Lacs

Kolkata

Remote

Come and join a 10-year-old, fastest-growing IT Managed Services provider. We have open positions at various levels throughout the organization.

About TeamLogic IT Assist
We're a 100-person, $22M managed services provider operating across PA, NJ, NC and FL. Our culture is built on Empathy, Transparency, and Data-Driven Decision-Making, and our mission is simple: Make fans of clients, coworkers, and vendors. For three years running we've been named a Best Place to Work in PA, and we maintain a 98% CSAT and 89 NPS. Our motto is simple yet powerful: MAKE FANS OUT OF OUR CLIENTS, MAKE FANS OUT OF OUR VENDORS, MAKE FANS OUT OF EACH OTHER. We pride ourselves on creating a family-oriented culture and a career path for every employee. We invest all our energy in making sure that you achieve your career goals. We are proud of our Glassdoor Review of 5.0 from employee testimonials. Check it out yourself: https://www.glassdoor.com/Reviews/TeamLogic-IT-Newtown-Reviews-EI_IE222125.0,12_IL.13,20_IC1152654.htm
Company Website: https://www.teamlogicit.com/

Position Name: NOC & Security Specialist I
Department: Security Operations
Reports To: Director of Technology
Employment Type: [Full-time]
Job Location: India (Remote)

Overview: The Network Operations & Security Specialist I serves as a first line of defense for security events while also supporting key NOC functions such as daily monitoring, incident response, network performance assurance, and system uptime. This hybrid role is critical to early threat detection, initial incident response, and proactive infrastructure monitoring to prevent critical outages or breaches. The ideal candidate will be hands-on with tools and platforms in both the cybersecurity and network operations domains and play a key role in maintaining service reliability and security for our clients.

Key Responsibilities:
Security Operations:
Monitor alerts and events from SIEMs, EDR/MDR platforms, and other security tools.
Perform initial triage and classification of security incidents.
Investigate low-severity alerts and perform response and remediation activities where applicable.
Escalate high-risk or complex security incidents to senior Security Advisors and Management.
Collaborate with partner MDR and SOC vendors to collect additional context or execute recommended actions.
Assist in onboarding, tuning, and maintaining security platforms (e.g., EDR, MDR, SIEM).
Maintain detailed documentation for security incidents and actions taken.
Support the development and enforcement of internal SecOps policies and procedures.
Stay current on emerging threats, vulnerabilities, and mitigation strategies.

Network Operations Center (NOC):
Monitor the health and performance of client environments using RMM and NOC monitoring tools.
Proactively identify and respond to service degradations, outages, and other network/system issues.
Perform basic troubleshooting of hardware, network, and system-related problems.
Communicate status updates for incidents to internal teams, clients, and management.
Ensure tickets are properly documented, prioritized, and resolved within defined SLAs.
Prepare standard daily, weekly, and monthly operations and availability reports.
Coordinate with team members to ensure smooth handoffs and coverage across shifts.

Position Requirements:
Education: An associate degree in computer science, information technology, cybersecurity, or a related field, OR 2 or more years of professional experience in an equivalent position.
Technical Skills: Foundational knowledge of cybersecurity principles, threats, and vulnerabilities. Familiarity with firewalls, antivirus software, EDR/MDR platforms; SOC/SIEM tools and IDS/IPS systems; network infrastructure, IP networking, and common protocols (TCP/IP, DNS, DHCP, etc.). Experience working with PSA and RMM tools (e.g., Autotask, NinjaOne, ConnectWise, etc.), BCDR tools and SaaS environments, and Microsoft Windows (desktop and server) and virtualized environments.
Additional Skills: Excellent customer service and communication skills, with a strong focus on customer satisfaction. Ability to work independently and manage a flexible schedule. Strong documentation skills to record activities and solutions thoroughly and accurately. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work in a fast-paced and dynamic environment. Willingness to work rotational shifts, including nights and weekends.
Preferred Qualifications: Relevant certifications such as CompTIA Security+ or equivalent. Work experience at a Managed Services Provider servicing multiple client environments.
Physical Requirements: None
Work Environment: This is a fully remote role.
Application Process: Interested candidates should submit their resume and a cover letter detailing relevant experience and qualifications.

TeamLogic IT is committed to creating a diverse environment and is proud to be an equal opportunity employer. We do not discriminate based on race, color, religion, national origin, age, sex, disability, genetic information, veteran status, sexual orientation, gender identity, or any other status protected under applicable federal, state, or local laws. We encourage all qualified candidates to apply and join our inclusive and welcoming team.

Posted 2 weeks ago

2.0 - 6.0 years

3 - 7 Lacs

Noida

Work from Office

Role Details: Responsible for monitoring SOC tools in a 24*7 environment.

Job Summary / Key Responsibility Area:
1) 24*7 SIEM monitoring for MSSP environment and alerting on incidents/alerts
2) Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies
3) Incident management and coordination with the customer for incident closure
4) Registering and handling customer complaints
5) First-level incident handling
6) Prepares briefings and reports of analysis methodology and results
7) Tagging of events based on priority levels & severity levels
8) Follows Standard Operating Procedures to perform first-level troubleshooting
9) Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
10) SLA management
11) Escalates to L2 in case of any deviation

Basic Requirement: Exposure to and knowledge of
1) SIEM
2) Network Security
3) Windows server, Virtualization (VMware) and Linux commands; fundamental understanding of computer networking (TCP/IP), Windows, Linux, Cisco operating systems; information security knowledge of VA, IDS, network infrastructure & security and SIEM, malware and its types
4) Experience in ArcSight is mandatory

Competencies / Companies/Industry to be sourced from:
1) Network Defenders
2) Creating, Modifying, and Updating Security Information Event Management (SIEM)
3) Maintaining Security Records of Monitoring and Incident Response Activities
4) Performing Security Analyses
5) Performing Threat Analyses
6) Client request handling

Posted 2 weeks ago

0.0 - 3.0 years

0 Lacs

noida, uttar pradesh

On-site

As a Cyber Security Analyst at our organization located in Noida Sec 63, your role will be crucial in safeguarding our digital infrastructure. You will be responsible for monitoring systems, assessing potential threats, and responding to incidents to ensure a secure IT environment.

Your key responsibilities will include:
- Monitoring security tools and dashboards to detect and respond to threats in real time
- Analyzing security incidents and conducting root cause analysis
- Performing vulnerability assessments and risk analysis on networks, systems, and applications
- Implementing and maintaining security measures such as firewalls, antivirus, and intrusion detection systems (IDS/IPS)
- Managing security audits and compliance reviews
- Developing and enforcing security policies and procedures
- Staying updated with the latest cybersecurity trends, threats, and technology
- Assisting in disaster recovery and business continuity planning
- Collaborating with IT and development teams to ensure best practices in system security

To qualify for this role, you should have:
- A Bachelor's degree in Cyber Security, Computer Science, IT, or a related field
- Proven experience as a Cyber Security Analyst or in a similar role
- Strong understanding of network protocols, firewalls, and threat landscapes
- Experience with SIEM tools, endpoint protection, and vulnerability scanners
- Knowledge of data privacy regulations (e.g., GDPR, ISO 27001, etc.)
- Excellent analytical, problem-solving, and communication skills
- Relevant certifications are preferred (e.g., CEH, CompTIA Security+, CISSP, etc.)

Preferred attributes include being a critical thinker with attention to detail, a proactive attitude towards continuous learning, being a strong team player with the ability to work under pressure, and being comfortable with night shifts or rotational shifts if required.

This is a full-time position, and we offer benefits such as commuter assistance, health insurance, leave encashment, life insurance, and provident fund. If you meet the qualifications and are interested in this opportunity, please share your resume at ankita.saxena@rcvtechnologies.com.

Posted 2 weeks ago

3.0 - 7.0 years

0 Lacs

chennai, tamil nadu

On-site

As an Endpoint Security Engineer at our organization based in Hyderabad, you will play a crucial role in implementing, managing, and maintaining security solutions for all endpoint devices. Your responsibilities will include designing and implementing endpoint security strategies to safeguard against various threats, managing and configuring endpoint security tools, monitoring security alerts, conducting vulnerability assessments, performing endpoint security audits, and developing and enforcing security policies. You will collaborate with other security teams to ensure a comprehensive approach to securing endpoints and provide guidance and training to employees on best practices for endpoint security. Additionally, you will generate reports on endpoint security posture, incident metrics, patch compliance, and the threat landscape.

We are looking for a candidate with a strong background in endpoint security, cybersecurity, or related fields, experience with EDR solutions, proficiency in managing endpoint protection platforms, hands-on experience with vulnerability management and patching systems, and knowledge of mobile device management and data loss prevention technologies. Familiarity with endpoint forensics, malware analysis, SIEM tools, operating systems, networking protocols, and network security technologies is also required. The ideal candidate should possess excellent communication and interpersonal skills, attention to detail, the ability to work independently, and the ability to analyze and respond to security incidents effectively.

This is a full-time position with occasional on-call support required for incident management and collaboration with OEM teams and distributors. If you have experience in endpoint implementation, configuration, troubleshooting, DLP, and implementation, we encourage you to apply. The application deadline for this position is 19/07/2025.

Posted 2 weeks ago

2.0 - 7.0 years

2 - 6 Lacs

North Tripura, West Tripura, South Tripura

Work from Office

Manage, monitor and analyze cybersecurity systems to protect Data Center Infrastructure from intrusions. Prepare reports for DIT detailing incident severity and root causes to prevent recurrence. Manage CSOC event and information intake.

Posted 2 weeks ago

4.0 - 6.0 years

9 - 19 Lacs

Gurugram

Work from Office

Job Summary: We are looking for a Security Analyst to join the MakeMyTrip Cybersecurity team and strengthen MMT's defense against evolving cyber threats. This role involves monitoring, analyzing, and responding to security incidents while enhancing our security framework. The ideal candidate should have 4-6 years of experience in Security Operations, with a strong focus on Endpoint Security and network security controls. Hands-on experience with security tools in these areas is essential. Scripting knowledge is preferable, along with a proactive learning attitude, strong problem-solving skills, and a can-do mindset.

Key Responsibilities:
Monitor and analyse security events across endpoints, networks, and cloud environments.
Implement and manage security controls using various security technologies.
Ensure strong endpoint protection and respond to threats, vulnerabilities, and suspicious activities.
Manage and enhance email security to prevent phishing, malware, and other email-based threats.
Work on Zero Trust security principles to enhance access control and identity security.
Assist in security incident detection, response, and remediation efforts.
Develop and maintain security policies, procedures, and compliance documentation.
Collaborate with IT and security teams to strengthen the overall security posture.
Automate security processes using Python, PowerShell, or Bash.
Stay updated on emerging threats, vulnerabilities, and security technologies.

Required Skills & Qualifications:
4-6 years of experience in cybersecurity, focusing on endpoint security, network security, and cloud security.
Hands-on experience with security tools in areas such as:
Endpoint Security: EDR, XDR, Incident Response, malware analysis, threat hunting.
Network Security: NAC, firewalls, IDS/IPS, network segmentation, Zero Trust access.
Cloud & Web Security: SSE, CASB, Secure Web Gateway, DLP, cloud security posture management.
Email Security: Email analysis, expertise in email authentication protocols, knowledge of modern email-based cyber threats, and integration of threat intelligence.
Strong understanding of Zero Trust security models and implementation.
Knowledge of security best practices, frameworks, and compliance standards (NIST, ISO 27001, CIS, etc.).
Experience in security incident investigation, threat intelligence, and vulnerability management.
Scripting knowledge (Python, PowerShell, Bash) is a plus.
Familiarity with SIEM tools and log analysis for threat detection.
Excellent problem-solving skills and a proactive learning attitude.
Strong communication and documentation skills to convey security insights effectively.

Posted 2 weeks ago

3.0 - 7.0 years

0 Lacs

pune, maharashtra

On-site

MECPL is a construction company specializing in Civil, Structural & Interior Contracts. We focus on delighting clients by consistently meeting requirements and exceeding expectations through Quality Construction, Timely Completion, and After Sales Service of Industrial, Commercial & Institutional Projects. Our use of state-of-the-art technology and commitment to quality construction keeps us at the forefront of the industry.

This is a full-time on-site Information Technology Security role located in Pune at MECPL. The role involves implementing cybersecurity measures, ensuring network security, managing information security, and overseeing application security on a day-to-day basis. You will lead the organization's cybersecurity posture and ensure the safe deployment and operation of cloud platforms, SaaS apps, and user identity systems.

Key Responsibilities:
- Implement firewalls, MFA, endpoint detection (EDR/XDR)
- Ensure email security: SPF, DKIM, DMARC; spam/phishing protection
- Monitor threats, audit logs, VPN, and remote access policies
- Maintain Microsoft 365 / Google Workspace security configuration
- Oversee cloud workload security (if using AWS, Azure, GCP)

Must-Have Skills:
- CISSP/CEH/CISM preferred, or equivalent experience
- Knowledge of SIEM tools, endpoint security (CrowdStrike, SentinelOne)
- Familiarity with Microsoft Intune, Google Admin Console, Okta/Azure AD

Qualifications:
- Cybersecurity, Network Security, and Information Security skills
- Experience in Information Technology and Application Security
- Strong understanding of security principles and best practices
- Certifications like CISSP, CISM, or CISA are a plus
- Bachelor's degree in Computer Science, Information Technology, or a related field
- Relevant work experience in IT security roles

Posted 2 weeks ago

6.0 - 8.0 years

6 - 10 Lacs

Kolkata

Remote

Come and join a 10-year-old, fastest-growing IT managed services provider. We have open positions at various levels throughout the organization.

About TeamLogic IT Assist: We're a 100-person, $22M managed services provider operating across PA, NJ, NC and FL. Our culture is built on Empathy, Transparency, and Data-Driven Decision-Making, and our mission is simple: make fans of clients, coworkers, and vendors. For three years running we've been named a Best Place to Work in PA, and we maintain a 98% CSAT and 89 NPS. Our motto is simple yet powerful: MAKE FANS OUT OF OUR CLIENTS, MAKE FANS OUT OF OUR VENDORS, MAKE FANS OUT OF EACH OTHER. We pride ourselves on creating a family-oriented culture and a career path for every employee. We invest all our energy in making sure that you achieve your career goals. We are proud of our Glassdoor review score of 5.0 in employee testimonials. Check it out yourself: TeamLogic IT Reviews in Newtown | Glassdoor. Company website: https://www.teamlogicit.com/

Job Title: Associate Security Specialist
Location: India
Department: Security Operations
Reports To: Director of Technology
Employment Type: Full-time

Overview: The Associate Security Specialist will act as the first line of defense on our Security Operations (SecOps) team. This role is responsible for monitoring security tools, triaging alerts, and managing low-severity incidents. It is crucial in detecting threats early and resolving them before they escalate into critical breaches.

Key Responsibilities:
- Monitor security alerts and events from various security tools and systems.
- Perform initial triage and analysis of security incidents to determine their severity and impact.
- Perform response activities for routine security incidents.
- Interact with partner MDR and SOC teams to gather information and recommended actions.
- Escalate high-severity incidents to Senior Security Specialists or Security Advisors as needed.
- Follow published SecOps policies and procedures.
- Conduct basic troubleshooting and remediation of security incidents.
- Maintain detailed and accurate documentation of security incidents and actions taken.
- Assist in the implementation and maintenance of security policies, procedures, and controls.
- Onboard services and tools for core security products.
- Collaborate with other team members to improve security monitoring and incident response processes.
- Prepare and distribute standard internal and customer reports.
- Stay up to date with the latest security trends, threats, and technologies.

Position Requirements:
Education: An associate degree in computer science, information technology, cybersecurity, or a related field. Alternatively, 2 or more years of professional experience in an equivalent position.
Technical Skills:
- Basic understanding of cybersecurity principles, threats, and vulnerabilities.
- Familiarity with security tools and technologies such as firewalls, antivirus software, EDR/MDR, SOC/SIEM, and intrusion detection/prevention systems (IDS/IPS).
- Good grasp of networking concepts.
Additional Skills:
- Excellent customer service and communication skills, with a strong focus on customer satisfaction.
- Ability to work independently and manage a flexible schedule.
- Strong documentation skills to record activities and solutions thoroughly and accurately.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work in a fast-paced and dynamic environment.
- Willingness to work rotational shifts, including nights and weekends.
Preferred Qualifications: Relevant certifications such as CompTIA Security+ or equivalent.
Physical Requirements: None.
Work Environment: This is a fully remote role.
Application Process: Interested candidates should submit their resume and a cover letter detailing relevant experience and qualifications.

TeamLogic IT is committed to creating a diverse environment and is proud to be an equal opportunity employer. We do not discriminate based on race, color, religion, national origin, age, sex, disability, genetic information, veteran status, sexual orientation, gender identity, or any other status protected under applicable federal, state, or local laws. We encourage all qualified candidates to apply and join our inclusive and welcoming team.

Posted 2 weeks ago


10.0 - 14.0 years

0 Lacs

pune, maharashtra

On-site

Join our team in spearheading innovations in healthcare for the betterment of all, worldwide, in a sustainable manner. Our inclusive and supportive environment fosters a diverse global community that cherishes individuality. We invite you to expand your horizons beyond your comfort zone, providing resources and flexibility to nurture both your professional and personal development, all while recognizing and appreciating your unique contributions.

As a key member responsible for enhancing product and solution security within a business organization, you will bring over 12 years of experience in integrating cybersecurity considerations throughout the product lifecycle, from design and implementation to review, updates, and end-of-life management. Your role will involve monitoring product cybersecurity threats and vulnerabilities, conducting planned and ad-hoc Cybersecurity Risk Assessments, collaborating with the architecture and engineering teams to develop and prioritize mitigating solutions, and coordinating comprehensive security assessments such as Product Penetration Testing. Your expertise will be crucial in identifying and resolving potential and existing security issues, configuring security tools for static code analysis, and conducting third-party and vulnerability assessments. You will offer hands-on technical support across software design and development, system engineering, IT, and networking when necessary. Additionally, you will ensure the provision of quality documentation on security concepts to adhere to regulations and certifications, stay abreast of the latest trends and risks in the cybersecurity landscape, and devise strategies and roadmaps to continuously enhance the security of our products.

In addition to providing support for broader risk and compliance activities, including security certifications like ISO 27001, you will communicate vulnerabilities and their impacts to the product team, collaborate with geographically dispersed development teams in the USA, UK, and India, and possess the following qualifications:
- Experience with Cloud Security, preferably Azure
- Proficiency in Cloud services security configurations
- Strong grasp of Application Security Design and implementation
- Knowledge of data regulations of various countries (e.g., GDPR)
- Familiarity with SOA/Microservices security
- Understanding of SIEM tools
- Experience with on-premises network and system hardening
- Ability to think like an attacker to anticipate threats
- Excellent communication and teamwork skills, with fluency in written and spoken English
- Bachelor's degree in software engineering, computer science, or related field
- 4+ years of professional experience in application security implementation, with a total of 10+ years in software development
- Proficiency in at least one high-level programming language (preferably Java or Python)
- Ability to collaborate effectively in a team environment, demonstrating resourcefulness and proactiveness in information gathering and idea sharing
- Capability to work autonomously and as part of a team of professionals
- Demonstrated expertise in current software technologies
- Strong time management, organizational, and interpersonal skills

Join our team of over 73,000 dedicated Healthineers across more than 70 countries who are committed to advancing medical technology to improve patient outcomes and experiences globally. Our innovative portfolio plays a vital role in clinical decision-making and treatment pathways. As an equal opportunity employer, we welcome applications from individuals with disabilities.

For data privacy reasons and compliance with GDPR and other data protection regulations, we kindly request that you do not email your CV or resume. Instead, please create a profile to upload your CV, which will also indicate your interest in career opportunities with us and enable us to notify you when relevant positions become available. Register here to begin the process.

Please exercise caution regarding potential job scams and suspicious recruiting activities from individuals falsely claiming to be Siemens Healthineers recruiters or employees. These fraudulent entities may seek your confidential personal or financial information. If you have concerns about the legitimacy of an offer from Siemens Healthineers or the recruiter's identity, please verify by checking the posting on the Siemens Healthineers career site.

Note to recruitment agencies: Siemens Healthineers does not accept agency resumes. Kindly refrain from forwarding resumes to our jobs alias, employees, or any other company location. Siemens Healthineers does not bear responsibility for any fees associated with unsolicited resumes.

Posted 3 weeks ago


6.0 - 8.0 years

15 - 20 Lacs

Gurugram

Hybrid

The Information Security Analyst I is an early-career role designed for individuals with foundational knowledge of cybersecurity and IT systems. Under direct supervision, they support incident detection and response within the Security Operations Center (SOC), using enterprise security tools to monitor and triage events. As an Information Security Analyst I, you will frequently interact with members of all brand Security and IT teams as well as third-party platform providers. In this dynamic, global environment, you will be responsible for responding to, researching, and addressing network security events. On-call duties are expected.

Responsibilities:
- Independently investigate alerts using a SIEM platform (e.g., QRadar) and escalate potential incidents.
- Perform triage on security events.
- Investigate and document findings for stakeholders through a ticketing system.
- Analyze relevant threat intelligence and communicate findings to senior-level analysts and management.
- Identify opportunities for rule tuning and use case improvements and communicate them to leadership.
- Collaborate with other Security Services subject matter experts to deliver a consistent and effective security service.
- Work efficiently by establishing runbooks and standard operating procedures where needed.
- Track evolving cyber threats and trends to ensure coverage of activity is implemented.

Minimum Requirements:
- B.Tech / degree in Cybersecurity or Information Technology, or equivalent work experience.
- 6-8 years of experience in a cybersecurity role, preferably in a SOC environment.
- 2-3 years of IT experience (e.g., service desk, network operations).
- Industry certifications such as Security+, Network+, or CCNA preferred.
- Foundational knowledge of network protocols (e.g., TCP/IP), intrusion detection systems, and cybersecurity principles.
- Familiarity with SIEM platforms and incident ticketing workflows.
- Awareness of security frameworks such as the Cyber Kill Chain.
- Effective time management and critical thinking skills.
- Strong desire to learn and develop technical cybersecurity skills.
- Excellent verbal and written communication skills.
- Ability to work in a fast-paced, collaborative team environment.

Posted 3 weeks ago


7.0 - 12.0 years

17 - 22 Lacs

Bengaluru

Work from Office

Role Overview: We are hiring a highly experienced L3 Web Application Firewall (WAF) Specialist to lead the planning, implementation, and optimization of WAF solutions across enterprise environments. This is a technical leadership role requiring a deep understanding of application-layer security, strong hands-on experience with WAF technologies (especially F5 ASM or equivalent), and the ability to handle complex security incidents independently. You will act as the subject matter expert (SME) for WAF in client-facing and internal security engagements, guiding application protection strategies, overseeing advanced threat prevention, and mentoring L1/L2 engineers.

Key Responsibilities:
- Lead WAF Design & Deployment: Architect, configure, and deploy enterprise-grade WAF solutions across multi-tenant, multi-region environments using technologies like F5 ASM, Citrix, or Imperva.
- Incident Management & Escalation (L3 Level): Handle high-priority WAF incidents, perform root cause analysis (RCA), implement custom mitigations, and ensure resolution within defined SLAs.
- Policy Tuning & Custom Rules: Develop and optimize custom WAF rules (iRules, regex, JSON filters) based on traffic analysis, threat signatures, and business use cases to minimize false positives and ensure maximum protection.
- Threat Intelligence Integration: Analyze logs and correlate WAF events with threat intelligence feeds and SIEM tools to proactively detect and respond to Layer 7 attacks (e.g., SQLi, XSS, RFI, LFI, bot traffic).
- Pre-Production Application Review: Collaborate with DevSecOps and application teams to assess applications prior to production rollout, ensuring adequate WAF protection is in place through rigorous policy simulations and tuning.
- Patch & Upgrade Planning: Plan and execute firmware upgrades, policy migrations, and security patching aligned with vendor lifecycle and enterprise security policies.
- Compliance & Audit Support: Align WAF posture with OWASP Top 10, PCI-DSS, GDPR, and internal compliance frameworks; prepare documentation and reports for audits and security assessments.
- Mentoring & Process Improvement: Mentor L1/L2 WAF engineers, define SOPs, standardize response playbooks, and drive automation initiatives where possible.

Required Skills & Experience:
- Minimum 7 years of hands-on experience managing Web Application Firewalls in enterprise or service provider environments.
- Deep expertise in WAF platforms such as F5 BIG-IP ASM, Citrix AppFirewall, Imperva, or Fortinet WAF.
- Strong knowledge of Layer 7 protocols, HTTP/HTTPS traffic analysis, TLS/SSL decryption, and web server architectures.
- Familiarity with protocols and technologies such as BGP, OSPF, VXLAN, or MP-BGP EVPN is a plus.
- Advanced understanding of application-layer threats, bot mitigation, credential stuffing, zero-day exploit patterns, and custom rule writing.
- Proven ability to manage complex security incidents independently and interface with customers, stakeholders, and internal security teams.
- Experience with configuration backup/recovery, version control, and multi-tenant policy management.
- Excellent documentation, troubleshooting, and stakeholder communication skills.

Certifications (Mandatory): F5-301/F5-303 or another industry-leading OEM professional-level certification.

Nice to Have:
- Exposure to cloud-native WAFs (e.g., AWS WAF, Azure WAF, Cloudflare).
- Experience in ACI (Application Centric Infrastructure) and Software Defined Networking (SDN) for securing microservices or hybrid apps.
- Scripting or automation knowledge (Python, Bash, Ansible) to streamline monitoring and deployment tasks.

Posted 3 weeks ago


5.0 - 10.0 years

12 - 20 Lacs

Pune

Work from Office

About the Role: We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis, with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development.

Key Responsibilities:
- Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.
- Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions.
- Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.
- Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.
- Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.
- Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.
- SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.
- Automation & Playbooks: Use Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.
- Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies.

Basic Qualifications:
- B.E./B.Tech degree in Computer Science or Information Technology, or a Master's in Cybersecurity.
- 3+ years of experience in a SOC or cybersecurity operations role.
- Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.
- Hands-on experience in threat detection, security monitoring, and incident response.
- Knowledge of network security, intrusion detection, malware analysis, and forensics.
- Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).
- Proficiency in Python scripting for automation and playbook development.
- Good understanding of the MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.
- Strong analytical, problem-solving, and communication skills.
- Ability to work in a 24x7 SOC environment (if applicable).

Preferred Qualifications:
- Certified SOC Analyst (CSA)
- Certified Incident Handler (GCIH, ECIH)
- Splunk Certified Admin / QRadar Certified Analyst
- CompTIA Security+ / CEH / CISSP (preferred but not mandatory)

Posted 3 weeks ago


4.0 - 9.0 years

6 - 8 Lacs

Ambattur

Work from Office

Greetings from Datamark!

Position: Information Security Analyst
Experience: 4+ years
Location: Ambattur

Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices, and for the overall internal security audit program, to ensure that the Company is protected in terms of security, compliance and confidentiality.

Primary Responsibilities:
- Coordinates and assists with security activities for the enterprise.
- Operates, maintains, and validates vulnerability scanning of infrastructure, applications, and APIs.
- Reviews daily threat intelligence.
- Ensures compliance with security standards for assigned sites.
- Schedules and administers internal security audits for client and physical site audits.
- Follows up on remediation plans.
- Supports the management and maintenance of security tools, with an emphasis on Security Information and Event Monitoring (SIEM) tools.
- Assists with the review of technical deployments for risk prior to deployment across the campus.
- Recommends risk mitigation solutions based on audit findings.
- Maintains security and compliance metrics monthly.
- Assists in the development and delivery of IT risk, security awareness, and compliance training programs.
- Willingness to travel to DATAMARK global sites as necessary.
- Other duties as assigned.

Minimum Qualifications:
- Education Requirements: Bachelor's degree in Computer Science or related field; experience in lieu of a degree can be considered.
- Field Experience: At least four years of experience in Information Security.
- Position Experience: At least four years of experience in an Information Security Analyst position, or a similar position.
- Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams.

Other Qualifications:
- Certification in IT Security required.
- Knowledge of Information Security policies and practices.
- Knowledge of third-party auditing and risk assessment methodologies.
- Experience in an IT Security related environment preferred.

Required Skills:
- Extremely organized and detail oriented; capable of holding team members accountable for timely delivery of audit evidence.
- Practices and methods of IT strategy, enterprise architecture and security architecture.
- Excellent analytical and problem-solving abilities to identify and remediate security risks.
- Team-work mentality to develop security solutions in collaboration with other IT professionals.

If you are interested, please share your updated resume with jagadish.jayavel@datamark.net or contact us on WhatsApp: 9500681139

Posted 3 weeks ago


3.0 - 8.0 years

8 - 12 Lacs

Pune, Bengaluru, Delhi / NCR

Hybrid

SOC Analyst: 3+ years of experience in a SOC, with experience in Azure/AWS cloud. Experience in remediation and "Defender for Cloud" is a must.

About the role: As a SOC Analyst, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to:
- Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity.
- Incident Response: Oversee the response to verified security incidents, including containment measures and investigation.
- Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends.
- Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture.
- Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career.

What we're looking for:
- Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies.
- Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues.
- Communication: Effective communication skills to interact with team members and stakeholders.

What you can expect: We're legendary for taking care of you and your family, and for helping you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include:
- Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year.
- Medical Insurance
- Health Benefits
- Professional Development: Learning Platform and Certificate Reimbursement
- Shift Allowance

But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today; your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience, so even if you don't feel like your skills are a perfect match, we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Posted 3 weeks ago


5.0 - 10.0 years

15 - 20 Lacs

Chennai

Work from Office

Responsibilities:
- Involved in detailing and implementing user stories.
- Understand the technical specifications and design the solutions.
- Validate and implement the integration components of third-party applications.
- Build scalable and fault-tolerant software solutions adhering to the organization's secure coding standards.
- Strive for 100% unit test code coverage.
- Do code quality checks and code reviews regularly to ensure safe and efficient code.
- Verify and deploy software solutions for development needs.
- Work closely with the team to deliver the sprint objectives.
- Continuously look to improve the organization's standards.

Requirements:
- A Bachelor's or Master's degree in engineering or information technology.
- 4-7 years of software development experience, with 2+ years of experience with the Python programming language.
- A thorough understanding of computer architecture, operating systems, and data structures.
- An in-depth understanding of the Internet, Cloud Computing & Services, and REST APIs.
- Must have experience with any one of the Python frameworks: Flask, FastAPI, or Django REST.
- Must know Git and Python virtual environments.
- Should have experience with the Python requests module.
- Must know how to use third-party libraries in Python.
- Knowledge of Python module/library creation will be an added advantage.
- Familiarity with SIEM tools like the QRadar app, Splunk app, and Splunk add-on will be an advantage.
- Experience working with Linux/Unix and shell scripts.
- A meticulous and organized approach to work.
- A logical, analytical, and creative approach to problem-solving.
- A thorough, detail-oriented work style.

Posted 3 weeks ago


5.0 - 8.0 years

7 - 14 Lacs

Pune, Chennai, Bengaluru

Work from Office

Job Description: We are seeking an experienced Senior Network & Security Administrator to manage and secure enterprise-class network infrastructure across data centers, DR, and corporate environments. The ideal candidate must have hands-on experience with core networking, firewalls, load balancers, and DNS/DHCP/IPAM systems. You will be responsible for ensuring 99.99% uptime, network security, and efficient change management.

Key Responsibilities:
- Manage and maintain network infrastructure including Cisco core routers/switches, Checkpoint firewalls, and F5 Load Balancers (LTM/ASM/APM).
- Configure and administer Infoblox for DNS, DHCP, and IPAM management.
- Design, implement, and support enterprise VPN (IPSec/MPLS/B2B) and LAN/WAN infrastructure.
- Administer and troubleshoot Cisco ASA/FTD firewalls, TACACS, and ISE policies.
- Implement and monitor firewall rules, NAT, ACLs, and access control policies.
- Work closely with internal teams and external vendors to deploy, patch, upgrade and troubleshoot networking devices.
- Monitor and optimize network performance using SolarWinds, SIEM tools, and log analyzers.
- Ensure compliance with industry best practices, patch management, and change documentation.
- Manage network device backups and contribute to DR/BCP planning.
- Participate in the on-call support rotation, incident response, and RCA documentation.

Mandatory Skills (Must-Have):
- Cisco Routers/Switches (Nexus, Catalyst), BGP, OSPF, VLAN, STP, HSRP
- Checkpoint Firewall, Cisco ASA/FTD, Fortinet (preferred)
- F5 Load Balancer (LTM, ASM, APM), GSLB, SSL offloading
- Infoblox DNS/DHCP/IPAM
- VPN: IPSec, MPLS, GRE tunnels
- Network Monitoring: SolarWinds, SNMP
- Cisco ISE, TACACS, AAA
- NAT, ACL, Access Policies
- SIEM tool exposure
- AWS Networking knowledge (VPC, SGs, routing)

Good to Have (Optional but Preferred):
- Citrix ADC (NetScaler), Aruba NAC, McAfee DLP
- Meraki MS/MR/MX devices
- Experience in patching and firmware upgrades
- RMA, vendor management, and escalation
- Pre/post-sales support experience

Posted 3 weeks ago


4.0 - 7.0 years

8 - 17 Lacs

Bengaluru

Work from Office

Location: Bangalore
Mode: 5 days Work from Office
Experience: 4-7 years

Job Description:
- Should have a minimum of 4-6 years in IBM QRadar administration.
- Monitor and analyze security alerts from QRadar SIEM and other security tools.
- Perform in-depth investigation of security incidents.
- Tune and optimize QRadar rules, filters, and use cases to reduce false positives.
- Must have experience in creating use cases as per customer requirements.
- Should be able to understand the existing use cases/logic configured and perform break-fix or improvements independently.
- Should be able to handle SIEM administration independently and drive the topics.
- Should have good administration skills in QRadar console/server management.
- Able to perform upgrades and drill activities for QRadar servers.
- Conduct root cause analysis and document findings in incident reports.
- Maintain and update incident response playbooks and procedures.
- Support threat hunting activities and contribute to continuous improvement of detection capabilities.
- Generate periodic reports on security posture and incident trends.

Posted 3 weeks ago


5.0 - 7.0 years

5 - 5 Lacs

Thiruvananthapuram

Work from Office

Overview: We are looking for a skilled SIEM Administrator to manage and maintain Security Information and Event Management (SIEM) solutions such as Innspark, LogRhythm, or similar tools. This role is critical to ensuring effective security monitoring, log management, and event analysis across our systems.

Key Responsibilities:
- Design, deploy, and manage SIEM tools (e.g., Innspark, LogRhythm, Splunk).
- Develop and maintain correlation rules, dashboards, and reports.
- Integrate logs from servers, network devices, cloud services, and applications.
- Troubleshoot log collection, parsing, normalization, and event correlation issues.
- Work with security teams to improve detection and response capabilities.
- Ensure SIEM configurations align with compliance and audit requirements.
- Perform routine SIEM maintenance (e.g., patching, upgrades, health checks).
- Create and maintain documentation for implementation, architecture, and operations.
- Participate in evaluating and testing new SIEM tools and features.
- Support incident response by providing relevant event data and insights.

Required Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field.
- 5+ years of hands-on experience with SIEM tools.
- Experience with Innspark, LogRhythm, or other SIEM platforms (e.g., Splunk, QRadar, ArcSight).
- Strong knowledge of log management and event normalization.
- Good understanding of cybersecurity concepts and incident response.
- Familiarity with Windows/Linux OS and network protocols.
- Scripting knowledge (e.g., Python, PowerShell) is a plus.
- Strong troubleshooting, analytical, and communication skills.
- Industry certifications (CEH, Security+, SSCP, or vendor-specific) are a plus.

Key Skills: SIEM Tools (Innspark, LogRhythm, Splunk); Troubleshooting; Log Management & Analysis; Scripting (optional); Security Monitoring
Job location: Thiruvananthapuram
Notice period: Immediate
Required Skills: SIEM, Splunk, Troubleshooting

Posted 1 month ago


8.0 - 13.0 years

5 - 5 Lacs

Kochi, Chennai, Thiruvananthapuram

Work from Office

Must-Have Skills:
- Experience with SIEM vendors such as QRadar, Sentinel, Splunk
- Incident response and threat hunting expertise
- Strong knowledge of attack patterns and Tactics, Techniques, and Procedures (TTPs)
- Experience in writing procedures, runbooks, and playbooks
- Strong analytical and problem-solving skills
- Hands-on experience with system logs, network traffic analysis, and security tools
- Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs)

Good-to-Have Skills:
- Experience setting up SIEM solutions and troubleshooting connectivity issues
- Familiarity with security frameworks and best practices
- Ability to collaborate with IT and security teams effectively

Responsibilities:
- Act as an escalation point for high- and critical-severity security incidents
- Conduct in-depth investigations to assess impact and understand the extent of compromise
- Analyze attack patterns and provide recommendations for security improvements
- Perform proactive threat hunting and log analysis to detect potential threats
- Provide guidance on mitigating risks and improving security hygiene
- Identify gaps in security processes and propose enhancements
- Ensure end-to-end management of security incidents
- Document and update incident response processes and define future outcomes
- Participate in war room discussions, team meetings, and executive briefings
- Train team members on security tools and incident resolution procedures

Required Skills: L3 SOC Analyst; SIEM (QRadar OR Sentinel OR Splunk OR Google Chronicle), any 2 of the SIEM tools required; EDR tools (CrowdStrike OR Defender OR SentinelOne), any 2 of the EDR tools required

Posted 1 month ago
