27 Sysdig Jobs - Page 2

Security Operations Centre (SOC) - Lead Location: Pune(Aundh/Baner),India (On-site, In-House SOC)Department: Security Operations CenterExperience: 4–6 YearsWork Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview:We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security. Key Responsibilities:Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management.Experience in Designing and deploying use cases for SIEM and other security devices.Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary.Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.).Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.Required Skills & Experience:Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary)Experience with network traffic analysis, packet capture tools, and deep dive investigations.Strong analytical, problem-solving, and decision-making skills.Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.Preferred Qualifications:Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.Prior experience in managing an in-house 24x7 SOC or leading shift teams.What We Offer:Work on a modern cloud-native security stack in a dynamic FinTech environment.Opportunity to lead security engineering and detection strategy for critical financial platforms.Be part of a tight-knit, expert-level team with a strong learning and innovation culture.Competitive salary, performance-based incentives, and growth opportunities.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life. What You’ll Be Doing… You will be part of the Network Planning group in GNT organization supporting development of deployment automation pipelines and other tooling for the Verizon Cloud Platform. You will be supporting a highly reliable infrastructure running critical network functions. You will be responsible for solving issues that are new and unique, which will provide the opportunity to innovate. You will have a high level of technical expertise and daily hands-on implementation working in a planning team designing and developing automation. This entitles programming and orchestrating the deployment of feature sets into the Kubernetes CaaS platform along with building containers via a fully automated CI/CD pipeline utilizing Ansible playbooks, Python and CI/CD tools and process like JIRA, GitLab, ArgoCD, or any other scripting technologies. Leveraging monitoring tools such as Redfish, Splunk, and Grafana to monitor system health, detect issues, and proactively resolve them. Design and configure alerts to ensure timely responses to critical events.Working with the development and Operations teams to design, implement, and optimize CI/CD pipelines using ArgoCD for efficient, automated deployment of applications and infrastructure.Implementing security best practices for cloud and containerized services and ensure adherence to security protocols. Configure IAM roles, VPC security, encryption, and compliance policies.Continuously optimize cloud infrastructure for performance, scalability, and cost-effectiveness. Use tools and third-party solutions to analyze usage patterns and recommend cost-saving strategies.Working closely with the engineering and operations teams to design and implement cloud-based solutions.Maintaining detailed documentation of cloud architecture and platform configurations and regularly provide status reports and performance metrics. What We’re Looking For... You’ll need to have: Bachelor’s degree or one or more year of work experience.Experience years in Kubernetes administrationHands-on experience with one or more of the following platforms: EKS, Red Hat OpenShift, GKE, AKS, OCIGitOps CI/CD workflows (ArgoCD, Flux) and Very Strong Expertise in the following: Ansible, Terraform, Helm, Jenkins, Gitlab VSC/Pipelines/Runners, ArtifactoryStrong proficiency with monitoring/observability tools such as New Relic, Prometheus/Grafana, logging solutions (Fluentd/Elastic/Splunk) to include creating/customizing metrics and/or logging dashboardsBackend development experience with languages to include Golang (preferred), Spring Boot, and PythonDevelopment Experience with the Operator SDK, HTTP/RESTful APIs, MicroservicesFamiliarity with Cloud cost optimization (e.g. Kubecost)Strong experience with infra components like Flux, cert-manager, Karpenter, Cluster Autoscaler, VPC CNI, Over-provisioning, CoreDNS, metrics-serverFamiliarity with Wireshark, tshark, dumpcap, etc., capturing network traces and performing packet analysisDemonstrated expertise with the K8S ecosystem (inspecting cluster resources, determining cluster health, identifying potential application issues, etc.)Strong Development of K8S tools/components which may include standalone utilities/plugins, cert-manager plugins, etc.Development and working experience with Service Mesh lifecycle management and configuring, troubleshooting applications deployed on Service Mesh and Service Mesh related issues Expertise in RBAC and Pod Security Standards, Quotas, LimitRanges, OPA & Gatekeeper PoliciesWorking experience with security tools such as Sysdig, Crowdstrike, Black Duck, etc.Demonstrated expertise with the K8S security ecosystem (SCC, network policies, RBAC, CVE remediation, CIS benchmarks/hardening, etc.)Networking of microservices, solid understanding of Kubernetes networking and troubleshootingCertified Kubernetes Administrator (CKA)Demonstrated very strong troubleshooting and problem-solving skillsExcellent verbal communication and written skills Even better if you have one or more of the following: Certified Kubernetes Application Developer (CKAD)Red Hat Certified OpenShift AdministratorFamiliarity with creating custom EnvoyFilters for Istio service mesh and integrating with existing web application portalsExperience with OWASP rules and mitigating security vulnerabilities using security tools like Fortify, Sonarqube, etc.Database experience (RDBMS, NoSQL, etc.) Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.