5 Soar Platforms Jobs

The Senior Manager of Bot Protection will lead a high-performing development team responsible for engineering and advancing core bot mitigation and Security Orchestration and Response (SOAR) platforms. You will drive the technical strategy for a cutting-edge orchestration engine, unifying threat signals from both internal and external tools to trigger automated, real-time responses. As a security expert, you will independently resolve complex security challenges and provide strategic direction on problem resolution across the security domain. You will define methods and procedures for new assignments, collaborating with cross-functional teams to drive security initiatives aligning with business needs. Leading complex, high-impact security projects, you will apply an in-depth understanding of business trends and security challenges to develop innovative solutions. With a keen awareness of the broader impact of decisions, your initiatives often lead to enterprise-wide improvements that enhance security practices and operational efficiency. You will lead a security engineering team, set clear priorities, define actionable plans, and ensure alignment with organizational goals. Guiding team members through complex challenges, you will foster their growth and development while maintaining a focus on high-impact results. Minimum qualifications include a minimum of 12 years of relevant work experience and a Bachelor's degree or equivalent experience, along with previous management experience. Join us and be part of a culture that values Inclusion, Innovation, Collaboration, and Wellness. Discover more about our culture and community at https://about.pypl.com/who-we-are/default.aspx. We are committed to diversity and inclusion. If you believe in your skills and potential, don't hesitate to apply.,

Summary The Director DDIT ISC CSOC Automation Engineering will be an integral part of the Novartis Cyber Security Operations Center (CSOC). The CSOC is an advanced global team passionate about actively defending against the most sophisticated cyber threats and attacks. The Director DDIT ISC CSOC Automation Engineering is a seasoned leader who will lead a team of skilled SOAR engineers and manage tools to support the proactive detection, investigation, and mitigation of emerging and persistent threats that impact Novartis networks, systems, users, and applications. This role will involve coordination and communication with technical and non-technical teams, including security leadership and business stakeholders. As an experienced and skilled manager, this role will also involve coaching and mentoring talented Security Engineers with diverse backgrounds. About The Role MAJOR ACCOUNTABILITIES In Addition To Accountabilities Listed Above In Job Purpose SOAR Manager Lead and manage a geographically distributed team of skilled SOAR Engineers, providing guidance and support while leveraging their diverse skill sets and personalities. Evaluate and review performance metrics and KPIs to ensure the SOAR team is meeting targets and delivering efficient and effective results. Take accountability for the team&aposs performance in various areas, including, but not limited to: Manage SOAR platforms Support audit requests and reports Engage with product teams to address technical challenges Manage stakeholders' commitments Act as the primary point of contact for first-level escalations, addressing any issues or concerns that arise and ensuring timely resolution. Develop and maintain comprehensive documentation to facilitate knowledge sharing and ensure consistently achieving quality outcomes. Drive a culture of continuous improvement and innovation within the team, identifying opportunities to optimize processes and enhance efficiency. Serve as a subject matter expert in SOAR processes and play an active role in guiding the team and providing expertise whenever needed. Workflow Orchestration and Process Automation Define, design, evaluate, and improve business processes and playbooks integrating automation and orchestration. Integrate a variety of technology devices, applications, and datasets to support workflow orchestration and process automations. Gather requirements, plan, design, implement, and test automations with SOAR platform and surrounding technologies. Develop custom integrations to support CSOC workflow automation and orchestration. Develop and maintain effective documentation; including automation playbooks, processes, and other supporting operational material. Case Management and Analytics Interface with engineering teams to design, test, and implement case management with workflow orchestration and automation. Define, design, evaluate, and enhance case management features including front end interface, backend data model, and technology integrations to support measurable, effective, and streamlined CSOC activities. Scripting and Development Design, develop, and test scripts and other solutions to support CSOC mission and activities. Research and test new technologies and platforms; develop recommendations and improvement plans. Cooperating with stakeholders Management Periodically report to management the current status of sources and use cases in the system. Operational stakeholders (CSOC analysts, Cyber Center) Maintain a good understanding of stakeholders needs in regard to activities and requirements. Essential Requirements University working and thinking level, degree in business/technical/scientific area or comparable education/experience. Desirable Requirements: Professional information security certification, such as CISSP, CISM or ISO 27001 auditor / practitioner is preferred. Professional (information system) risk or audit certification such as CIA, CISA or CRISC is preferred. Preferably one or more XSOAR, Phantom trainings/certifications. Experience 6+ Years work experience. 4+ Years Python scripting or other similar coding experience. Experience with Python and Splunk. Experience planning, designing, developing, and testing automation solutions with SOAR platforms (Cortex, Phantom, FortiSOAR, etc). Experience developing solutions with SIEM tools (Splunk, QRadar, Sentinel, etc.). Experienced IT administration with broad and in-depth technical, analytical and conceptual skills. Experience in reporting to and communicating with senior level management (with and without IT background, with and without in depth risk management background) on incident response topics. Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related and incident response concepts to technical as well as nontechnical audiences. Excellent understanding and knowledge of general IT infrastructure technology and systems. Proven experience to initiate and manage projects that will affect CSOC services and technologies. Skills/Job Related Knowledge Understanding of SOAR architecture components, including technology integrations, common automation scenarios and solutions. Understanding of configuration files and relationship between GUI configuration and backend configuration file impact. Experience with software development lifecycle and user acceptance testing. An understanding of error messages and logs displayed by various software. Ability to troubleshoot, diagnose and solve issues independently. Self-learner, ability to document learning as experience is gained. Understanding of network protocols and topologies. Strong technical troubleshooting and analytical skills. Experience with platform and application automated deployment and version control software e.g. (Ansible, Git, Bitbucket). A knowledge of the MITRE ATT&CK framework is a beneficial. Ability to prioritise workload. Excellent written and spoken English. Calm and logical approach. NETWORKS High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Ability to handle competing priorities, and seeking consensus when stakeholders have different or even contradicting opinions. CORE COMPETENCIES Leadership Establishes clear direction and sets stretch objectives. Aligns and energizes Associates behind common objectives. Champions the Novartis Values and Behaviors. Rewards/encourages the right behaviors and corrects others. Establishes clear directives and objectives. Communicates positive expectations for others on the team. Integrates and applies learning to achieve business goals. Customer/Quality Focus Assigns highest priority to customer satisfaction. Listens to customer and creates solutions for unmet customer needs. Established effective relationships with customers and gains their trust and respect. Defines quality standards to ensure customer satisfaction. Creates and supports world-class quality standards to ensure customer satisfaction. Fast, Action-Oriented Is action-oriented and full of energy to face challenging situations. Is decisive, seizes opportunities and ensures fast implementation. Strives for simplicity and clarity. Avoids &aposbureaucracy&apos. Alerts others to potential risks and opportunities. Keeps organizational processes simple and efficient. Takes acceptable/calculated risks by adopting new or unknown directions. Results Driven Can be relied upon to succeed targets successfully. Does better than the competition. Pushes self and others for results. Anticipates potential barriers to achievement of shared goals. Pushes self and others to see new ways of achieving results (e.g., better business model). Uses feasibility and ROI analyses to ensure results. Keeps pace with new developments in the industry. Why Novartis: Helping people with disease and their families takes more than innovative science. It takes a community of smart, passionate people like you. Collaborating, supporting and inspiring each other. Combining to achieve breakthroughs that change patients lives. Ready to create a brighter future together https://www.novartis.com/about/strategy/people-and-culture Join our Novartis Network: Not the right Novartis role for you Sign up to our talent community to stay connected and learn about suitable career opportunities as soon as they come up: https://talentnetwork.novartis.com/network Benefits and Rewards: Read our handbook to learn about all the ways well help you thrive personally and professionally: https://www.novartis.com/careers/benefits-rewards Show more Show less

#PrimarySkills #CloudSecurity #AWS #IAM #DLP #SecurityConsultant #DataEncryption #Logging #SecretsManagement #SecurityPosture #RiskAssessment #ComplianceFrameworks #SIEM #SOAR #IncidentResponse #AutomatedSecurity #AIinSecurity #RemoteJobsIndia #JobDescription We are seeking an experienced Security Consultant with 710 years of deep technical expertise across AWS security practices, posture assessment, incident response, and automation in security environments. The ideal candidate will play a key role in advising on cloud security design, conducting risk assessments, and strengthening compliance and data protection mechanisms in cloud-native environments. #KeyResponsibilities Lead cloud security strategy and implementation for AWS-based applications Conduct Security Posture Assessments, identify gaps, and define risk prioritization plans Implement and manage AWS security controls: IAM (Identity & Access Management) Network Security & Logging Data Encryption & Secrets Management Ensure adherence to compliance frameworks (ISO 27001, NIST, CIS, etc.) Implement Data Loss Prevention (DLP), Data Masking/Obfuscation solutions Drive SIEM/SOAR integration for intelligent threat detection and response Develop and maintain Incident Response plans and coordinate response activities Conduct automated security scanning and integrate into DevSecOps pipelines Provide consultation and innovation around Agentic AI applications in security #Qualifications 7+ years of hands-on experience in cloud security, with a focus on AWS Deep knowledge of IAM, encryption, secrets management, and compliance frameworks Experience with SIEM/SOAR platforms, automated scanning tools, and AI-driven security solutions Strong documentation, communication, and stakeholder collaboration skills Ability to work independently in a remote team structure Location: Delhi NCR,Bangalore,Chennai,Pune,Kolkata,Ahmedabad,Mumbai,Hyderabad

1. SIEM Administration and Engineering Oversee the installation, configuration, and maintenance of IBM Qradar. Develop and implement SIEM architecture and engineering strategies. 2. Rule & Use Case Development Design, implement, and optimize custom rules, searches and dashboards. Develop and maintain advanced use cases for threat detection and incident response 3 . Incident Response and Forensics Lead the investigation of complex security incidents escalated by L1 & L2 analyst. Perform deep-dive analysis of security events and conduct forensic investigations 4. Performance and Optimization Monitor and manage the performance QRadar environment. Conduct regular health checks and audits to ensure optimal SIEM Performance. 5. Collaboration and Mentoring Work closely with SOC analysts, IT, and security teams to enhance detection capabilities. Providing training and mentorship to L1 & L2 analysts on QRadar functionalities and best practices. 6. Documentation and Reporting Develop and maintain comprehensive documentation for SIEM configurations, procedures, and incident responses. Generate detailed reports and metrics on SIEM performance and security incidents. 7. Continuous Improvement Stay updated with the latest security trends, vulnerabilities, and technologies. Contribute to the development of security policies, standards, and guidelines. Preferred Mumbai/Pune based candidates ONLY.

We are looking for a skilled SOAR (Security Orchestration, Automation, and Response) Automation Professional to help automate and improve security operations. You will build workflows and playbooks that respond to security threats quickly and effectively. This role is perfect for someone with a strong background in cybersecurity, scripting, and security tools integration. Key Responsibilities: Design, build, and maintain SOAR playbooks and workflows to automate incident response processes. Work closely with SOC analysts and security teams to understand their needs and automate repetitive tasks. Integrate various security tools (SIEM, firewalls, antivirus, threat intel platforms, etc.) with the SOAR platform. Troubleshoot and improve existing automation scripts and integrations. Monitor automation performance and suggest improvements for speed and accuracy. Document workflows, technical steps, and troubleshooting guides. Stay up to date with new security threats and technologies that can be automated. Required Skills: Hands-on experience with SOAR platforms (e.g., Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient, Swimlane). Strong skills in Python, JavaScript, or other scripting languages. Good understanding of security operations, incident response, and threat detection. Experience in integrating security tools/APIs with SOAR platforms. Knowledge of c like MITRE ATT&CK, NIST, etc.