8 - 13 years
17 - 25 Lacs
Chennai, Pune, Noida
Work from Office
Looking for a strong Incident Response resource with knowledge of SOAR/SIEM tools (hands-on experience with SOAR tools is not required). The JD lists multi-skill requirements; only the IR-related points are to be considered.
Posted 3 months ago
4 - 8 years
8 - 12 Lacs
Hyderabad
Work from Office
Roles & Responsibilities:
- Experience in Splunk implementations and use case creation.
- Experience with Splunk ES, Splunk ITSI, Splunk UBA, Splunk SOAR.
- Experience in any other SIEM along with Splunk is an advantage.
- Splunk Certification (Splunk Power User, Splunk Admin, Splunk Cloud Admin, etc.).
- Should be ready to travel wherever projects demand.
Posted 3 months ago
3 - 6 years
4 - 8 Lacs
Hyderabad
Work from Office
Roles & Responsibilities:
- Experience in Splunk implementations and use case creation.
- Experience with Splunk ES, Splunk ITSI, Splunk UBA, Splunk SOAR.
- Experience in any other SIEM along with Splunk is an advantage.
- Splunk Certification (Splunk Power User, Splunk Admin, Splunk Cloud Admin, etc.).
- Should be ready to travel wherever projects demand.
Posted 3 months ago
8 - 13 years
10 - 18 Lacs
Pune
Work from Office
Job description
The Level 3 Security Operations Center (SOC) Resource is a highly skilled and experienced security professional who is responsible for the advanced detection, analysis, and response to security incidents.
Roles and Responsibilities of SOC Analyst L3
- Lead and mentor junior SOC analysts
- Conduct in-depth investigations into complex security incidents
- Identify and analyse emerging threats and vulnerabilities
- Develop and implement security incident response plans
- Drive end-to-end implementation of the SIEM and SOAR solutions
- Expertise in SOC team building
Qualifications and Skills for SOC Analyst L3
- Bachelor's (BE/B.Tech) degree in Computer Science, Information Security, or a related field
- 8+ years of experience in security operations or a related field
- Must currently be serving as a SOC Analyst L3 and have served in an L3 position for at least 2 years
- Experience with security information and event management (SIEM) systems and SOAR
Certifications for SOC Analyst L3
- CISSP (Certified Information Systems Security Professional)
- GCIH (GIAC Certified Incident Handler)
- GCFA (GIAC Certified Forensic Analyst)
- Other relevant security certifications
PS: Experience in L1, L2 and L3 is mandatory. For more details feel free to call Jyoti Tiwari 9819589998
Posted 3 months ago
6 - 8 years
8 - 12 Lacs
Ahmedabad, Gujarat
Work from Office
Roles and Responsibilities
- Conduct advanced threat analysis using tools such as AV, EDR/XDR, HIPS/NIPS, Linux, NAC, network monitoring tools, packet analysis, PIM, IAM, UEBA, VAPT.
- Analyze security events and incidents to identify potential threats and vulnerabilities.
- Develop incident response plans and procedures for handling security breaches.
- Collaborate with other teams to resolve complex technical issues related to cybersecurity.
- Stay up-to-date with industry trends and best practices in IT security.
Posted 3 months ago
6 - 10 years
8 - 12 Lacs
Bengaluru
Work from Office
Requirement: Splunk L3 / SME (B3)
Expertise: Splunk Enterprise / Cloud (Deployment, Administration & Development)
Key responsibilities
- Deployment and configuration of the Splunk platform (Enterprise) / Splunk Cloud
- Demonstrate Splunk Core capabilities to prospective clients
- Optimize Splunk platform architecture for large-scale and distributed deployments
- Adopt best practices and development standards, and deploy the same
- Develop and customize Splunk apps and dashboards, and build advanced visualizations
Key Skills
- Administering production systems where the Splunk platform ingests multiple data sources such as metrics, Windows sources, HEC, etc.
- Migration / upgrade execution for the Splunk platform
- Perform in-depth diagnostics of incidents on any specific application and identify the root cause of problems
- Document resolved issues effectively for knowledge management, cross-train peers on tool usage and assist in creating best practices; work independently on multiple assignments, proactively prioritizing focus and effort
- Good hands-on knowledge of deployment, administration and development of the Splunk Enterprise platform
- Implement and maintain Splunk platform infrastructure and configuration
- Undertake day-to-day operational and user support; execute new projects as well as data and user onboarding
- Experience in integrating other tools like JIRA, ServiceNow, Jenkins, AWS, etc. with Splunk using 3rd-party apps
- Proficient in writing SPL queries, with experience in advanced dashboarding, scheduled jobs, data models, lookups and other knowledge objects
- Experience in performance optimization of existing dashboards, reports and alerts
- Experience in MLTK and DB Connect apps, and in at least one scripting tool (Python / Shell)
- Experience in at least one Premium App such as ITSI, ES, Phantom, UBA, Splunk Observability
Good to have Skills
- Experience in scripting, Ansible / Puppet for runbook automation
- Fair understanding of AWS cloud and cloud services
- Splunk Certified Professional
Posted 3 months ago
2 - 6 years
4 - 8 Lacs
Bengaluru
Work from Office
Role Purpose
The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that strengthen the security posture of the organization by protecting sensitive information.

1. SOAR Developer JD
The client is looking for a strong playbook developer for XSOAR / Splunk Phantom / Splunk SOAR who has practical SOC/CSIRT experience along with the technical skills to develop playbooks. The resource would help develop playbooks for our existing requirements and also work directly with our analysts, leveraging their SOC/CSIRT experience to come up with the best solution to the business need. This may require influencing process change on the SOC side to provide the best solution to meet their needs. Looking for a well-experienced (5+ yrs) XSOAR developer who understands SOC use cases, develops new playbook automations and works on enhancement requests.
Skills: Palo Alto XSOAR playbook development, Security Incident Response, SOC operations

2. Operations Manager (Splunk) JD
We are seeking an experienced Operations Manager to oversee and optimize our daily operations. The Operations Manager will be responsible for ensuring that our business processes run smoothly and efficiently, coordinating between various departments, managing resources, and driving continuous improvement initiatives. The ideal candidate will have strong leadership skills, a deep understanding of operational processes, and the ability to implement strategies that enhance productivity and profitability.
Key Responsibilities:
- Operations Management:
  - Oversee the day-to-day operations of the organization, ensuring that all processes are running efficiently and effectively.
  - Monitor key performance indicators (KPIs) to identify areas for improvement and implement strategies to enhance productivity.
  - Coordinate between departments (e.g., production, logistics, customer service) to ensure seamless operations and the timely delivery of products or services.
- Resource Management:
  - Manage and allocate resources (e.g., personnel, equipment, budget) to optimize operational efficiency and meet organizational goals.
  - Develop and implement resource management plans to address current and future operational needs.

3. Splunk Content Developer L3 JD
- Content Development:
  - Design and develop custom dashboards, reports, and alerts within Splunk to meet the needs of various business units, including IT operations, security, and business intelligence.
  - Create and optimize complex SPL queries to extract meaningful data and insights.
  - Develop and maintain data models, saved searches, and macros to streamline content creation and improve performance.
- Requirement Gathering:
  - Work closely with stakeholders to understand their needs and translate business and technical requirements into effective Splunk content.
  - Collaborate with cross-functional teams to ensure the content aligns with organizational goals and objectives.

4. Splunk Analyst JD
The Splunk Analyst will be responsible for the design, implementation, and maintenance of Splunk solutions. This role involves working with large datasets, creating dashboards, alerts, and reports to provide actionable insights, and supporting the organization's IT security, compliance, and operational monitoring needs.
Key Responsibilities:
- Data Onboarding & Management:
  - Collect, monitor, and analyze data from various sources by configuring and deploying Splunk forwarders and ingesting data into the Splunk platform.
  - Optimize Splunk data models and indexes for performance.
  - Ensure data integrity, proper parsing, and normalization of data.
- Dashboard & Report Development:
  - Design, develop, and maintain Splunk dashboards, alerts, and reports to provide insights into system performance, security events, and operational metrics.
  - Collaborate with stakeholders to gather requirements and tailor reports/dashboards to meet business needs.
- Monitoring & Alerting:
  - Implement and fine-tune Splunk alerts to proactively monitor for security incidents, performance issues, and anomalies.
  - Conduct regular system health checks to ensure the stability and performance of the Splunk environment.
- Troubleshooting & Support:
  - Investigate and resolve issues with Splunk performance, data ingestion, and search/query errors.
  - Provide support to end-users, helping them to use Splunk effectively.
Posted 3 months ago
2 - 6 years
4 - 8 Lacs
Bengaluru
Work from Office
About The Role
Position: SOC L1 Analyst (Cyber Threat Detection, Investigation and Response)
Location: Bangalore (Sarjapur), Noida (GNDC), or Hyderabad (Manikonda Village)
Shift: 24*7 Rotational
Job Summary: The SOC L1 Analyst is a highly skilled cybersecurity professional responsible for identifying, investigating, and responding to complex security incidents and threats within the organization's IT environment. This role involves analysis of security alerts and incident triage, and works closely with other members of the Security Operations Center (SOC) team, collaborating to enhance the organization's overall security posture.
Responsibilities:
- Analyze and respond to complex security incidents, including advanced persistent threats, malware infections, suspicious or malicious activity and data breaches.
- Investigate and implement incident response plans and procedures to contain, mitigate, and eradicate security threats promptly.
- Working / hands-on experience required on (security technologies we have): SIEM / Next Gen SIEM, SOAR/Automation, XDR, EDR, Cloud Security (AWS, GCP, MS etc.), CSPM, CASB/MDCA/MCAS, NDR, ITDR, IDS/IPS, SPAM/Phishing Investigation, MS Exchange ATP, ServiceNow, etc.
- Collaborate with cross-functional teams, including network engineers, system administrators, and application developers, to implement security best practices and remediate identified vulnerabilities.
- Conduct advanced threat-hunting activities to proactively identify security threats and vulnerabilities within the organization's network and systems.
- Awareness of NIST and the MITRE ATT&CK framework, and their implementation in operations.
- Document security incidents, including their timelines, findings, and remediation actions taken, in accordance with established procedures and regulatory requirements.
- Develop and maintain detailed documentation of incident response procedures, playbooks, and lessons learned.
- Stay up to date on the latest cybersecurity trends, threats, and vulnerabilities through continuous learning and professional development activities.
- Conduct quality reviews and internal audits for the governance of operations.
- Provide mentorship and guidance to junior analysts, assisting in their skill development and knowledge enhancement.
- Contribute to continuously improving SOC processes, technologies, and methodologies.
- Must be able to create dashboards and reports based on customer requirements on both ServiceNow and SIEM platforms.
Posted 3 months ago