
201 SIEM Tools Jobs - Page 8

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 7.0 years

12 - 15 Lacs

Mumbai

Work from Office

TITLE: SOC ANALYST - L3

JOB DESCRIPTION:
• Responsible for responding to security incidents identified by internal controls or external SOC partners.
• Strictly adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling security incidents and events.
• Hands-on experience with Security Information and Event Management (SIEM) tools such as Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, or ArcSight.
• Proficient in Incident Response and automation workflows as they relate to Security Operations.
• Detects, identifies, and responds to cyber events and incidents in line with cyber security policies and procedures.
• Should be capable of independently leading and managing security event investigations with minimal guidance from SOC leadership, while effectively collaborating with other departments as needed.
• Evaluate and update current SOC procedures and runbooks as required or directed.

QUALIFICATION REQUIRED:
• Bachelor's degree in Computer Science, Information Technology, Business or equivalent discipline.
• Minimum 5 years of technical experience in Security Operations Center (SOC) and Information Security required.
• SIEM certification or security technology related certification is a plus.
• Candidate should be willing to work in 24*7*365 shifts.
• Candidate should be able to work from Ares Office located in Mumbai.

Experience: 5 to 7 years
Location: Mumbai (In office)
Shift: Rotational shifts
Notice: Immediate joiners

NOTE: Candidates are expected to attend an in-person interview in Mumbai.

Posted 1 month ago


7.0 - 10.0 years

5 - 8 Lacs

Ambattur

Work from Office

Greetings from Datamark!!! Position: Information Security Analyst. Experience: 5 Yrs in Experience. Location: Ambattur Industrial Estate, Chennai. Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise. Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs. Review daily threat intelligence. Ensures compliance to security standards for assigned sites. Schedules and administers internal security audits for Client and Physical Site Audits. Follows up on remediation plans. Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus.
Recommends risk mitigation solutions based on audit findings. Maintains Security and Compliance Metrics monthly. Assists in the development and delivery of IT risk and security awareness and compliance training programs. Willingness to travel to DATAMARK global sites as necessary. Other duties as assigned. Minimum Qualifications: Education Requirements: Bachelor's degree in Computer Science or related field; experience in lieu of degree can be considered. Field Experience: At least four years of experience in Information Security. Position Experience: At least four years of experience in an Information Security Analyst position, or similar position. Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams. Other Qualifications: Certification in IT Security required. Knowledge in Information Security policies and practices. Knowledge of third-party auditing and risk assessment methodologies. Experience in an IT Security related environment preferred. Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture. Excellent analytical and problem-solving abilities to identify and remediate security risks. Team-work mentality to develop security solutions in collaboration with other IT professionals. If you are interested, please share your updated resume to jagadish.jayavel@datamark.net or contact us at 9500681139.

Posted 1 month ago


5.0 - 10.0 years

10 - 19 Lacs

Pune

Work from Office

Role & responsibilities
• Monitor and respond to real-time cyber threats using SIEM tools and threat intelligence platforms.
• Conduct regular vulnerability assessments and penetration testing.
• Analyze security incidents and provide detailed incident reports with remediation plans.
• Oversee firewall, antivirus, and intrusion detection/prevention systems (IDS/IPS).
• Perform security risk assessments for infrastructure, applications, and cloud environments.
• Ensure compliance with HIPAA, GDPR, ISO 27001, and other relevant regulations.
• Develop and enforce information security policies, procedures, and standards.
• Work closely with the DevOps, Network, and Infrastructure teams to enforce security protocols.
• Lead incident response drills and disaster recovery planning.
• Prepare security metrics and dashboards for internal reviews and audit support.
• Stay current on evolving cyber threats and emerging security technologies.

Preferred candidate profile
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Strong knowledge of threat intelligence, security monitoring tools (e.g., Splunk, IBM QRadar, or similar).
• Experience in cloud security (AWS/Azure/GCP) and endpoint security.
• Familiarity with frameworks such as NIST, MITRE ATT&CK, OWASP.
• Certifications preferred: CISSP, CISM, CEH, or CompTIA Security+.
• Strong analytical skills and ability to handle security incidents independently.
• Excellent communication skills and ability to work with cross-functional teams.

Nice to Have
• Experience working in healthcare or pharmaceutical industries.
• Knowledge of data privacy regulations applicable to clinical or health data.
• Exposure to machine learning applications in threat detection.

Posted 1 month ago


6.0 - 11.0 years

5 - 15 Lacs

Noida

Work from Office

Preferred candidate profile Security Incident monitoring & Security Incidents analysis Good experience in using SIEM tools Knowledge on Threat analysis, evolving Threat landscape Knowledge on Event logging and event analysis Knowledge on Corporate security products like firewalls, IPS, Web/content Filtering tools, Compliance tools, ITIL process Knowledge on Vulnerabilities and threats Knowledge on Packet Analysis and Forensic Analysis React to attacks observed during incidence monitoring Good knowledge about common security attacks, targeted attacks Define and act to common security incidents and reporting to stakeholders Contributing to continue monitoring and improvement of security posture of the organization Skills/Exposure SIEM tools, SOC, Security Incident Management Firewall, IPS, Proxy (Web/content Filtering tools), AV, APT Tools, RSA Wireshark,

Posted 1 month ago


11.0 - 16.0 years

25 - 40 Lacs

Gurugram

Remote

Job Title: Information Security Analyst (InfoSec Analyst) Location: Remote Job Type: Fulltime YoE: 12+ years relevant experience Shift: 2 to 11 pm IST Description: The Information Security Analyst is responsible for the defining, planning, and monitoring of security measures for the protection of computer networks and information. This individual will also be responsible for monitoring and analyzing network security hardware and software and assist in the development and enforcement of network security policies. This position will work within the legal department and report to the Director, Head of the Security, Compliance, & Risk (SCR) department. Duties and Responsibilities: The following duties are normal for this job. These are not to be construed as exclusive or all-inclusive. Other duties may be required and assigned. Defines, maintains, and reports on overall computer network security strategies (Best Practices/Common Practices) with all information assets connected to the Vaco network. Must have the ability to communicate security policies and strategies to people of varying technical ability both verbally and in written format. Monitors operation of, and provides reports on, perimeter security systems such as firewalls, routers, proxy servers, intrusion detection and protection systems. Monitors operation of, and provides reports on, end point security systems such as anti-virus, patch management and vulnerability assessment tools. Monitors operation of, and provides reports on, security information and event management (SIEM) systems. Must have the ability to examine a variety of data sources to correlate events and determine courses of action. Participates in the incident response process when network anomalies are discovered and drives the incident process to completion. 
Manages relationships and coordinates operational activities between Vaco and external security services providers (e.g., Managed Security Services Providers, Penetration Testers, Solution providers, etc.). Coordinates vulnerability remediation activities and works with the IT operations section to mature the patch management lifecycle based on vulnerability management Service Level Agreements (SLAs) defined by the SCR function. Creates and publishes daily/weekly/monthly/quarterly/annual incident management reports as requested/required. Desired Competencies and Skills: Knowledge of SIEM systems Knowledge of Intrusion Detection Systems/Intrusion Protection Systems Knowledge of networking and firewall appliances Knowledge of Information Security standards (International Organization for Standardization 27000 series, National Institute of Standards and Technology, HITRUST) Knowledge of a variety of vulnerability management solutions Strong verbal and written communication skills. Project management and organizational skills Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, Information Security or Electrical Engineering preferred, with at least two (2) years of experience of Information Security experience. One of the following certifications is required: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); GIAC certifications and/or Certified Ethical Hacker (CEH); CompTIA Security+. Any equivalent combination of education, training, and experience which provides the requisite knowledge, skills, and abilities for this job may be considered. Travel Requirements: 10% -Occasional travel to onsite offices or vendor conferences may occur

Posted 1 month ago


6.0 - 10.0 years

14 - 24 Lacs

Pune

Hybrid

Hi Everyone, I am on the lookout for an Infosec Analyst - GSOC for a leading product-based MNC in Yerwada, Pune. Kindly refer to the JD below: Should have experience with Global Security Operation Center (SOC). Should have good experience with concepts of SIEM. Should have strong experience in Incident Response. Any SIEM tools experience: (Splunk, Azure Sentinel, EDR, MS Defender, Azure Sentinel, Any). Share your resume on nitika.sh@peoplefy.com. NOTE: Immediate joiners to max 30 days are preferred.

Posted 1 month ago


1.0 - 3.0 years

3 - 4 Lacs

Kochi, Ernakulam

Work from Office

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

Posted 1 month ago


5.0 - 10.0 years

12 - 18 Lacs

Pune, Bengaluru, Delhi / NCR

Hybrid

SOC Analyst: 5+ years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud" is a must. About the role: As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What we're looking for: Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect: We're legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year.
Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Posted 1 month ago


3.0 - 8.0 years

8 - 12 Lacs

Pune

Work from Office

Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune. We are looking for candidates with 3 + years of experience in : Security operations center Global SOC Experience Threat Monitoring/ Threat Detection/ Threat Prevention Any SIEM tools Interested candidates for above position kindly share your updated CV to asha.ch@peoplefy.com with below details : Notice Period : Experience: CTC : ECTC : Current Location :

Posted 1 month ago


6.0 - 9.0 years

5 - 11 Lacs

Hyderabad, Chennai

Hybrid

Hiring for SOC Analyst in one of our Top Banking company @ Chennai & Hyderabad location Job Title: SOC Analyst Experience : 6 - 9 Years Department: Cybersecurity / Information Security Location: Chennai & Hyderabad Employment Type: Hybrid Mode - 3 days WFO and 2 days WFH . Job Summary: We are seeking a skilled and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. The SOC Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents using a variety of tools and techniques. This role is critical to maintaining and improving our organization's security posture by ensuring real-time threat detection and incident response. Key Responsibilities: Monitor security alerts and events from SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel). Analyze and triage events to determine impact and severity. Investigate security incidents and provide incident reports with detailed analysis. Escalate validated threats and vulnerabilities to the appropriate teams and assist in mitigation efforts. Coordinate with IT teams to ensure containment, eradication, and recovery actions are taken for confirmed incidents. Perform threat intelligence analysis to support proactive detection and defense. Document incident handling procedures and maintain an incident knowledge base. Participate in continuous improvement of SOC operations, including playbooks and automation. Stay current on the latest cybersecurity trends, threats, and tools. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent work experience. 13 years of experience in a SOC or information security role. Experience with SIEM platforms, IDS/IPS, firewalls, and endpoint protection tools. Understanding of TCP/IP, DNS, HTTP, VPN, and network protocols. Knowledge of common threat vectors, MITRE ATT&CK framework, and kill chain. Strong analytical and problem-solving skills. 
Excellent communication skills and ability to work under pressure. Preferred Qualifications: Certifications such as CompTIA Security+, CEH, GCIA, GCIH, or Splunk Certified Analyst. Experience with scripting (e.g., Python, PowerShell) for automation. Familiarity with cloud security monitoring (e.g., AWS GuardDuty, Azure Defender). Exposure to incident response frameworks and forensic tools. Work Schedule: [24x7 shift-based / Regular business hours / On-call rotation as applicable]

Posted 1 month ago


10.0 - 12.0 years

25 - 27 Lacs

Pune

Work from Office

Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune . The Security Analyst position is part of the Groups Computer Emergency Response Team (CERT) , the organizations cyber defense division. The mission of this team encompasses three critical areas: Threat Prevention & Crisis Preparedness – Proactively anticipate and mitigate threats while preparing for cyber crises. Threat Detection & Analysis – Identify vulnerabilities, detect threats, and uncover attacks. Incident Response – Investigate, manage, and resolve security incidents while mitigating their impact on the IT ecosystem. Key Responsibilities: 1. Security Incident Handling: Analyze and confirm the severity of security incidents based on available data. Follow documented incident response procedures to resolve threats efficiently. Collaborate with technical experts to develop and implement remediation plans. Track and monitor corrective actions, ensuring stakeholders are informed and engaged. Write detailed incident reports, including "hot" and "cold" feedback, for major incidents. Participate in crisis management, including artifact collection, risk analysis, and first-level threat assessments. 2. Projects, Continuous Improvement, and Expertise Sharing: Stay updated on the latest incident response techniques through training and daily monitoring. Provide technical expertise for projects, including tool evaluations, risk analysis assistance, and technical audits. Propose and develop new detection scenarios, automation tools, or enhancements to improve productivity. Conduct team knowledge-sharing sessions by presenting in-depth technical topics. Contribute to the broader expertise missions within the team based on skillsets. Experience Requirements: 10–12 years of relevant experience in cyber security, with a focus on security incident handling, detection, and analysis. 
Qualifications and Skills: Technical Skills: Data Analysis & SIEM Tools : Proficient in SPL (Search Processing Language) for data analysis, threat hunting, and creating dashboards. Strong experience with SIEM tools like Splunk (Preferred) , Q Radar or Sentinel. Endpoint Protection (EPP) & Endpoint Detection and Response (EDR): Hands-on experience with tools such as: Trend Micro Deep Security Microsoft Defender Palo Alto Cortex Tehtris eGambit Network Security & Firewalls: Knowledge of firewalls , IDS/IPS , VPNs , and network devices such as: Cisco Palo Alto Global Protect Proficiency in analyzing firewall logs and interpreting PCAPs using tools like Wireshark . Operating Systems & Programming: Working knowledge of Windows and Linux will be an added advantage. Knowledge of PowerShell scripting and other system scripting languages. Knowledge on software programming and SDLC will be added advantage. Investigative Skills: Ability to autonomously investigate alerts from detection to resolution. Key Traits and Competencies: Strong analytical and problem-solving skills. Ability to work independently while collaborating with a global team. Excellent communication and report-writing skills. Passion for continuous learning and knowledge sharing. Flexibility to work in a fast-paced environment and support on-call rotations. Interested candidates for above position kindly share your CVs on pranita.th@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location :

Posted 1 month ago


4.0 - 9.0 years

6 - 11 Lacs

Pune

Work from Office

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Senior Security Operations Analyst We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. 
What you’ll do: Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities Perform proactive threat hunting to identify and mitigate advanced threats Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership Continuously improve SOC processes and playbooks to streamline operations and response efforts Mentor junior SOC analysts and provide guidance on security best practices This role requires participation in a rotational shift Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you’ll bring: Strong analytical and problem-solving abilities Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams Proven ability to remain calm and efficient under a high-pressure environment Proficient in using SIEM tools, such as Microsoft Sentinel Experience with data migration strategies across SIEM platforms Experience on Cloud Security Operations and Incident Response platforms such as Wiz In-depth understanding of cyber threats, vulnerabilities, and attack vectors Proficient in creating KQL queries and custom alerts within Microsoft Sentinel Expertise in developing SIEM use cases and detection rules Skilled in incident response and management procedures 
Experienced in conducting deep-dive investigations and root cause analysis for incidents Adept at collaborating with stakeholders to resolve complex cybersecurity challenges Ability to automate routine SOC processes to enhance operational efficiency Experienced in mentoring and guiding junior analysts in security operations Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: Excellent interpersonal (self-motivational, organizational, personal project management) skills Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System Ability to analyze cyber threats to develop actionable intelligence Skill in using data visualization tools to convey complex security information Academic Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks Experience with SIEM migration Expertise in incident response, threat detection, and security monitoring Solid understanding of Windows, Linux, and cloud security concepts Relevant certifications (e.g., CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred Preferred Security Cloud Certifications: AWS Security Specialty Perks & Benefits ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development.
Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Posted 2 months ago


10.0 - 13.0 years

15 - 20 Lacs

Mumbai Suburban

Work from Office

Role & responsibilities Responsibilities: • Escalate validated and confirmed incidents to designated SOC Lead/ Incidents response team. • Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business. • Indepth knowledge on multiple SIEM platforms like Securonix, IBM QRadar, LogRhythm, Arcsight, FortiSIEM , Microsoft Sentinel, and others • Support the SOC Manager in his duties (e.g. extension of SOC services) • Update Security Operations reporting • Triage security events and incidents, detect anomalies, and report/direct remediation actions. • Development and execution of SOC procedures • Should have indepth knowledge of Firewall, EDR, IDS/ IPS, VPN, Cloud Security • Should have hands on Experience in Threat Hunting. • Should have good hands-on experience in VAPT. • Should have good knowledge in integrating TI feeds and Third-Party tools. • Should have knowledge in Building SIEM platform with SOAR, NBAD, UEBA Integration. • Should have hands on experience in developing Use case and Parser Creation. • Should have knowledge in Breach simulation attack. • Sound knowledge in Unix, Linux, Windows, and security devices like firewall, etc. • Preparation of RCA, Preparation of runbook and Training to L2 and L1 team. Qualification: B.E./B.Tech/MCA Certification CEH, ECIH, CISSP, CISM, GCIH, GCFA, Certified Threat Hunter, SIEM certifications for platforms like (Qradar, LogRhythm etc) Work experience: 8 + Years NOTE : Work location will be Mumbai Andheri Seepz, and this is permanent Work from Office role NO HYBRID Option

Posted 2 months ago


5.0 - 8.0 years

15 - 22 Lacs

Bengaluru

Remote

Job Description: Systems Engineer (PCI Vulnerability Mitigation) Position Overview: We are seeking a highly skilled Systems Engineer with experience in identifying, mitigating, and managing PCI DSS (Payment Card Industry Data Security Standard) related vulnerabilities. The ideal candidate will have a strong background in systems engineering, security best practices, and vulnerability management to ensure the protection of sensitive payment data across enterprise systems. Key Responsibilities: - Identify, assess, and remediate vulnerabilities across infrastructure, applications, and cloud environments. - Collaborate with Security, Infrastructure, and Development teams to prioritize and implement vulnerability remediation efforts. - Perform vulnerability scans, risk assessments, and penetration tests to identify PCI-related risks. - Analyze scan results from tools such as Qualys, Tenable, or similar to prioritize vulnerabilities based on risk impact. - Develop and maintain system hardening standards in alignment with PCI DSS and industry best practices. - Create and maintain technical documentation, including vulnerability remediation plans, system configurations, and security policies. - Support audit and compliance assessments by providing evidence of vulnerability management and patching efforts. - Automate patch management and vulnerability remediation processes using tools like Ansible, PowerShell, or Python. - Monitor emerging threats, vulnerabilities, and vendor security patches to proactively address potential risks. Required Skills and Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience). - 3+ years of experience in systems engineering or vulnerability management with a focus on PCI DSS compliance. - Experience with vulnerability scanning tools such as Qualys, Tenable or Nessus. - Hands-on experience in patch management and system hardening across Windows, Linux, and cloud platforms. 
- Solid understanding of network protocols, firewalls, and secure system configurations. - Experience with SIEM tools and log analysis for identifying security incidents. - Scripting skills (PowerShell, Python, Bash) to automate security tasks. - Strong documentation and communication skills. Preferred Qualifications: - Relevant certifications such as CompTIA Security+, CISSP, or PCI Professional (PCIP). - Experience with cloud environments (AWS, Azure, GCP) and cloud security controls. - Knowledge of container security (Docker, Kubernetes). - Experience working in Agile or DevOps environments.

Posted 2 months ago

Apply

7.0 - 13.0 years

9 - 15 Lacs

Pune

Work from Office

Job Description As a Solutions Architect at Gruve India, you will be the lead for the Splunk Practice. You will be responsible for developing and leading the Splunk Practice's strategy, delivering technical leadership, and overseeing the execution of client engagements. Key Responsibilities Client Relationship Management: Own, develop, and grow client relationships. Act as the voice of the client within Gruve and serve as the escalation point for all engagement-related issues. Project Leadership: Fully responsible for overseeing the delivery of projects, ensuring they meet client expectations and contractual obligations. Lead engagements with support from technical service management and project leads. Stakeholder Alignment: Ensure seamless alignment across multiple stakeholders, including internal teams and external partners. Customer Success: Drive customer success by ensuring service delivery meets expected outcomes. Identify opportunities for upselling and engage the sales team for pursuit. Digital Transformation: Align services with customer transformation strategies and goals. Service Planning and Review: Set up proactive service plans and conduct regular service review meetings with clients, covering both operational and strategic topics. Solution Architecture and Design: Develop and design end-to-end architecture for Splunk deployments, ensuring alignment with business goals and technical requirements. Customize Splunk configurations for client environments, including data ingestion, parsing, and correlation, to maximize insights from data. Implementation and Deployment: Oversee the deployment, integration, and configuration of Splunk instances in client environments, ensuring best practices and compliance with industry standards. Lead and support the installation, assessment, tuning, and optimization of Splunk solutions to ensure optimal performance, scalability, and security. Technical Leadership and Consultation: Act as the primary technical point of contact for 
Splunk solutions, advising on system design, architecture, data sources, and technical integrations. Collaborate with Customer security, IT operations, and data teams to develop advanced analytics, searches, dashboards, and alerts tailored to business needs. Issue Management: Act as the escalation point for delivery-related topics, including incidents and service requests. Onboarding and Project Delivery: Oversee client onboarding activities, deliver upgrade/migration projects, and other service delivery initiatives. Commercial Management: Support commercial change request management, contract compliance, and risk management. Assist in positioning additional service offerings and support contract renewals. Knowledge Sharing: Provide training and knowledge transfer to clients and internal teams on best practices for using Splunk. Documentation: Maintain thorough documentation of Splunk architectures, configurations, and standard operating procedures. Basic Qualifications Bachelor's degree in Information Technology, Computer Science, or a related field. 7+ years technology-related project delivery experience. Security-related project delivery experience working with enterprise customers. Extensive experience in designing, deploying, and managing Splunk environments, including data ingestion, parsing, and correlation. Solutions delivery experience with Splunk Enterprise Security, Splunk SOAR, Splunk User Behavior Analytics, Splunk Analyzer, Splunk Asset and Risk Intelligence. Solutions delivery experience with Splunk Observability Cloud and Splunk IT Service Intelligence. Strong understanding of cybersecurity principles, SIEM technologies, and incident response practices. Preferred Qualification Ability to assess customer environments, make design and solution recommendations, and troubleshoot multi-vendor issues. Ability to lead and organize a large virtual technical team, with good negotiation skills and people management skills. Understanding of cloud business models, 
hybrid infrastructure, and cloud operation processes. 7+ years of security-related project delivery experience working in an industry (e.g., Healthcare, Government, Education, Manufacturing, Financial Services, Retail). One or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Security Certification SC-500, Splunk Core Certified Power User, Splunk Core Certified Advanced Power User, Splunk Enterprise Certified Architect, Splunk Core Certified Consultant. Solid understanding of cloud security technologies: Threat protection (Endpoint security, E-mail security, Incident Response, etc.), Kill Chain, Cloud Native Application Protection Platform (CNAPP), Security Information and Event Monitoring (SIEM), Multi-Cloud Security, Identity and Access management. Excellent written, verbal, and presentation skills. Ability to work under pressure and deliver results in a dynamic environment.

Posted 2 months ago

Apply

5.0 - 10.0 years

1 - 3 Lacs

Bangalore Rural, Bengaluru

Work from Office

The Security Engineer is responsible for designing, implementing, and maintaining security across all products and infrastructure, with a focus on both blockchain/wallet and general application security. This role requires a strategic mindset, strong risk management skills, and the ability to communicate security concepts to both technical and non-technical stakeholders. The ideal candidate is proactive, detail-oriented, and committed to fostering a culture of security throughout the organization. Responsibilities Develop and enforce security policies, standards and best practices. Lead security architecture reviews and risk assessments. Collaborate with engineering, product, and operations teams to ensure secure design and implementation. Oversee incident response, forensics, and post-incident analysis. Conduct security awareness training and promote a security-first culture. Stay current with emerging threats, vulnerabilities, and security technologies. Ensure compliance with relevant regulations and industry standards. Coordinate with external auditors, partners, and vendors on security matters. Qualifications and Experience Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience). Relevant security certifications (CISSP, CISM, CEH, OSCP, etc.). 5+ years of experience in security engineering or related roles. Demonstrated experience with both blockchain and traditional application/infrastructure security. Experience leading security initiatives and incident response. Deep understanding of security frameworks, standards, and regulations (NIST, ISO 27001, GDPR, etc.). Awareness of current threat landscape and security technologies. Familiarity with blockchain security and smart contract vulnerabilities.

Posted 2 months ago

Apply

5.0 - 6.0 years

14 - 18 Lacs

Bengaluru

Work from Office

- Manage Fortinet, Zscaler, NAT, VPN to AWS - Ensure redundancy, failover, high availability - Support Cisco Meraki, 9200L, SD-WAN - Use SolarWinds, Splunk, Sentinel for monitoring - Handle config, logs, and troubleshooting

Posted 2 months ago

Apply

9.0 - 10.0 years

14 - 18 Lacs

Bengaluru

Work from Office

- Administer Cisco Meraki, 9200L, SD-WAN - Monitor via SolarWinds, Splunk, Sentinel - Ensure network uptime, redundancy, failover - Manage Fortinet, Zscaler, NAT rules, VPN to AWS - Handle logs, incident response, escalations

Posted 2 months ago

Apply

3.0 - 5.0 years

3 - 7 Lacs

Gurugram

Work from Office

Why Join Siemens? At Siemens, you will be part of a global leader committed to innovation, quality, and excellence. This role offers the opportunity to work on challenging projects, develop professionally, and make a significant impact in the electrical and instrumentation domain, particularly within power plant and renewable energy projects. If you are passionate about leading a talented team and driving technical excellence, we encourage you to apply. As Siemens Energy, "We energize society" by supporting our customers to make the transition to a more sustainable world, based on innovative technologies and our ability to turn ideas into reality. We do this by Expanding renewables Transforming conventional power Strengthening electrical grids Driving industrial decarbonization Securing the supply chain and necessary minerals Looking for challenging role? If you really want to make a difference - make it with us Siemens Energy (SE) is a global pacesetter in energy, helping customers to meet the evolving demands of today's industries and societies. SE comprises broad competencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Munich in Germany and more than 88,000 employees in over 80 countries, Siemens energy has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years. 
Your new role - challenging and future-oriented You would be responsible for all system administration requirements like installation, upgrades, and updates of DCS Systems (SPPA T3000) before the delivery of components to customers as well as during the after-sales service phase. You would be part of remote service support center and would support customers in troubleshooting of problems faced by customer. As part of your profile there would be requirement of travelling to many project sites during installation as well as service phase of I&C Systems. You have great opportunity to work with global remote support centers and global teams. We don't need superheroes, just super minds You're a bachelor's in engineering with 3 to 5 years of experience in system administration of Instrumentation & Control (I&C)/PLC systems. You've great knowledge and experience of DCS & PLC Systems. You've great knowledge of SPPA T3000 control system and 'know-how' on the system administration and troubleshooting would be an added advantage. You've great knowledge of network implementation including switches, firewalls, router etc. You've professional exposure in implementation of cyber solutions like NIDS, Application Whitelisting, Domain Controller, SIEM Solutions would be added advantage. We've got quite a lot to offer. How about you? This role is based in Gurgaon, where you'll get the chance to work with teams impacting entire cities, countries - and the shape of things to come. We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

Posted 2 months ago

Apply

4.0 - 6.0 years

25 - 30 Lacs

Bengaluru

Hybrid

Dodge Position Title: Senior Security Engineer Location: Bangalore, India Roles and Responsibilities Implement and optimize security tools such as SIEM, EDR, IDS/IPS Firewalls, and threat intelligence platforms to enhance threat detection and response. Configure and manage SIEM Indicators of Compromise (IoCs) to ensure accurate correlation, alerting, and detection of malicious activities. Continuously monitor and correlate network traffic, security alerts, and events to detect potential threats and anomalous activity. Follow incident response protocols, investigate security breaches, and work with internal teams to resolve vulnerabilities efficiently. Conduct regular security assessments, penetration tests, and vulnerability scans to identify risks and recommend improvements. Ensure the organization complies with relevant security standards, regulations, and best practices. Educate employees on cybersecurity best practices, phishing prevention, and safe internet usage to enhance the company's security posture. Work closely with IT staff to ensure secure configurations, patch management, and adherence to cybersecurity policies. 
Qualifications Hands-on working knowledge and experience is required in: Windows, Linux (Ubuntu, CentOS, Red Hat), macOS Firewalls (Palo Alto, Cisco ASA, Fortinet) SIEM Technologies (ArcSight, Splunk, QRadar, LogRhythm, Sentinel, Exabeam, Insight IDR) TCP/IP, DNS, VPNs, Zero Trust Networking, WPA3 EDR/XDR/MDR (CrowdStrike, SentinelOne, Microsoft Defender ATP, Rapid7) Scripting (Python, PowerShell, Bash, SQL) Vulnerability Scanning (Nessus, Qualys) IDS/IPS/NSM (Snort, Suricata, Zeek, Security Onion) IAM Solutions (OAuth/SAML, Active Directory, AWS IAM) AWS Security Certification, Operating System: Linux, SIEM: Splunk, EDR/XDR/MDR: CrowdStrike or Defender or Sentinel One, Vulnerability Scan: Qualys, Network Security, Hands-on working knowledge and experience is preferred in: Penetration Testing Tools: Metasploit, Burp Suite, Nmap SDLC: SAST/DAST Experience Security Frameworks (NIST, ISO 27K1, CIS, SOC1/2) MITRE ATT&CK AWS Security Hub, Azure Security Center, Google Security Command Center Secrets Management (CyberArk Conjur, Hashicorp, AWS Secrets Mgr, Doppler) Encryption Tools: OpenSSL, BitLocker, VeraCrypt Certifications Preferred : Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ Education and Years of Experience: At least 5 years of experience in cybersecurity, IT, or network administration

Posted 2 months ago

Apply

5 - 6 years

11 - 15 Lacs

Thane

Work from Office

OT Cybersecurity Engineer for Digital Industries Customer Services, India About Siemens Accelerating transformation for industries For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation transforming the everyday and creating a better tomorrow for societies and people around the world. Cybersecurity for Industry We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars: plant security, network security, and system integrity including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information. About The Role Key Responsibilities: Security Measures: Engineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information. 
System Security Requirements: Identify and define system security requirements to ensure comprehensive protection. Security Architecture: Design and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices. Implementing Backup Solutions and Management: Implement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment. Threat Detection and Vulnerability monitoring: Implement solution like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer. Endpoint Security: Deploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and Q-radar etc. Network Security: Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products. Network Management: Install and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold etc. Firmware Updates: Conduct firmware updates for various automation control systems, switches, and firewalls. Domain Controller Configuration: Configure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS. Host-Based Security: Implement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection. Installation and Testing: Perform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT). Documentation: Prepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals. 
Experience 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures. Education - Bachelor's degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. - Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage. Business Travel You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India

Posted 2 months ago

Apply

5 - 8 years

12 - 20 Lacs

Pune, Chennai, Bengaluru

Work from Office

Role & responsibilities Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master's degree preferred. Lead and mentor the SOC team, fostering a culture of continuous improvement and collaboration. Oversee the day-to-day operations of the SOC, ensuring efficient incident detection, response, and recovery processes. Collaborate with IT and business units to integrate cybersecurity measures into existing and new technology deployments. Manage cybersecurity projects, including the selection and implementation of state-of-the-art security tools and technologies. Conduct regular security assessments, penetration testing, and proactive threat hunting to identify and mitigate potential security vulnerabilities. Relevant cybersecurity certifications such as CISSP, CISM, CEH, or GIAC. At least 5 years of experience in cybersecurity, with a minimum of 3 years in a leadership role within an SOC environment. Extensive knowledge of and experience with cybersecurity regulations and standards. Proficient in managing and configuring security technologies (e.g., SIEM, firewall, IDS/IPS, EDR, and vulnerability management tools). Demonstrated ability to lead and develop high-performing teams. Excellent problem-solving, communication, and presentation skills. Must be flexible to work in US Shift

Posted 2 months ago

Apply

3 - 6 years

5 - 8 Lacs

Ambattur

Work from Office

Greetings from Datamark !!! Position : Information Security Analyst Experience : 3 to 5 Yrs in Experience Location: Ambattur Industrial Estate , Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. 
Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelor's degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Posted 2 months ago

Apply

3 - 8 years

5 - 15 Lacs

Noida, Chennai

Hybrid

Job Title: Level 3 Security and Infrastructure Engineer Location: India Job Description: We are looking for an experienced Level 3 Security and Infrastructure Engineer with a strong focus on Security Operations to join our team. This role involves monitoring and managing security operations while also supporting critical infrastructure. The ideal candidate will be adept at analyzing SIEM logs, working with Darktrace, and implementing security action plans, alongside managing Windows, Linux, Office 365, and AWS Cloud Infrastructure. The role will focus approximately 60% on Security Operations and 40% on Infrastructure Management. Key Responsibilities: Security Operations (60%) Continuously monitor, analyze, and respond to security events using SIEM tools. Use Darktrace or similar AI-based security tools to identify anomalies and mitigate risks. Lead incident response efforts, including root cause analysis, containment, and remediation. Conduct regular security assessments, including log analysis, threat hunting, and vulnerability scans. Develop and maintain actionable incident response playbooks and ensure team readiness. Collaborate with internal teams to ensure security compliance with SOC-2 and HITRUST standards. Proactively recommend and implement security improvements to strengthen the overall organizational security posture. Infrastructure Management (40%) Manage and maintain Linux (LAMP), Windows Active Directory environments, including Group Policies, DNS, and security configurations. Administer Office 365 applications and services, ensuring secure configurations and uptime. Deploy, monitor, and optimize AWS Cloud Infrastructure, including EC2, S3, IAM, and security groups. Support infrastructure projects involving migrations, upgrades, and automation while aligning them with security best practices. Provide Level 3 escalation support for infrastructure-related issues and incidents. 
Required Skills & Qualifications: Bachelor's degree in Computer Science, Information Technology, or relevant experience in related field. 2+ years of experience in security operations and infrastructure management. Experience with SIEM tools and interpreting security logs. Solid understanding of security frameworks and threat detection methodologies. Proficiency in managing Linux, Windows AD, Office 365, and AWS cloud environments. Strong analytical and troubleshooting skills for both security and infrastructure challenges. Excellent communication skills with the ability to document and present findings clearly. Hands-on experience with Darktrace or similar AI-based security platforms is a bonus. Preferred Skills: Industry certifications such as CISSP, CEH, AWS Security Specialty, or Microsoft Certified: Security, Compliance, and Identity Fundamentals. Experience with scripting languages like Python, PowerShell, or Bash for automation and security tool integration. Familiarity with endpoint detection and response (EDR) tools. Understanding of DevSecOps practices and cloud-native security tools. What We Offer: A challenging and rewarding role focused on securing cutting-edge IT environments. Competitive salary and benefits package. Opportunities for growth and professional development in both security and infrastructure domains. If you are passionate about advancing your career in Security Operations while contributing to infrastructure management, we encourage you to apply! Join us in protecting and scaling secure IT environments for the future!

Posted 2 months ago

Apply

5 - 10 years

9 - 12 Lacs

Vijayawada

Work from Office

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Posted 2 months ago

Apply