59 Sysdig Jobs - Page 3

We're Hiring: CNAPP Implementation Engineer Location: Gurugram Experience Required: 3–5 Years Hiring Partner: Nurture HRM About the Role: Join a fast-growing cybersecurity leader, where innovation meets protection. As a CNAPP Implementation Engineer, you'll play a key role in implementing and optimizing CNAPP solutions like Prisma Cloud, Orca, Sysdig, and more. If you're passionate about securing cloud infrastructures and thrive in client-facing, technical environments, this role is for you. Key Responsibilities: Pre-Sales Support: Partner with sales teams to provide technical expertise during client discussions and solution evaluations. Solution Implementation: Lead onboarding and deployment of CNAPP platforms across hybrid and multi-cloud environments. Client Consultation: Understand client needs within AWS and Azure ecosystems and recommend tailored security solutions. Proof of Concept (PoC): Drive PoC setup and execution, aligning configurations with client security policies. Architecture Design: Collaborate with client technical teams to integrate CNAPP tools within their existing infrastructure. Market & Product Insight: Stay updated on cloud security trends and CNAPP features to provide strategic guidance. Must-Have Skills: 3–5 years of experience in cloud security across AWS, GCP, and Azure. Expertise in platforms like Prisma Cloud, Orca, Sysdig, etc. Strong grasp of cloud compliance frameworks and security architectures. Working knowledge of tools such as CloudTrail, GuardDuty, and Kubernetes. Effective communication and demo presentation skills. Preferred Skills: Background in pre-sales or technical sales within cloud security. Hands-on experience with Kubernetes and container security. Experience working directly with CNAPP solutions. Share your CV with us @ Recruitment@nurturehrm.com Show more Show less

Job Description It’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies—and having fun along the way. We are looking for an Associate Manager, Enterprise Supportto join our Support team in Trivandrum, reporting to the Manager of Enterprise Technical Support. In this role, you will lead a team of enterprise support engineers that are responsible for the 24/7 support and monitoring of our rapidly growing cloud platform, drive major incidents, work with cross-functional teams until resolution, and drive root cause analysis efforts. You’re the ideal candidate if you are a strategic thinker who has hands-on experience in all functional areas, is driven to collaborate across teams, operates independently, and is driven by meeting deadlines and achieving results. What you’ll do: Exceptional collaboration, social, and interpersonal skills Manage a group of support engineers and are responsible for their performance reviews and engagements. Manage and engage in escalations with engineering and customers. Manage communications and troubleshooting efforts for critical/global product incidents. Co-ordinate cross-functional meetings with Engineering/PM/Sales. Review QA test case scenarios and provide inputs. Define and outline technical trends Work with cross-functional departments on customer announcements Daily and Weekly Support/Engineering ticket review Review and prioritize supportability requirements. Work with SMEs and trainers to identify knowledge gaps and fixes(training/documentation/feedback) for those. Ability to identify opportunities for improvement and drive those plans to completion What you’ll bring: 3-5 years in hands-on team lead or management experience. Experience managing a monitoring environment, preferably for a SaaS based product. Basic understanding of Cloud-native architecture, Kubernetes, CI/CD tools Basic understanding of Cloud monitoring and hands-on experience with monitoring tools like NewRelic, Sysdig, and Thousand eyes Experience in systems administration or technical operations Hands-on experience maintaining and troubleshooting Linux/UNIX servers in a production environment Exceptional collaboration, social, and interpersonal skills Ability to remain calm and collected in stressful situations, such as a major service outage Ability to take quick decisions during major Incidents and communicate with quality. Ability to look at things in a detailed manner. Ability to identify opportunities for improvement and drive those plans to completion Comfort working in a dynamic environment with a highly technical team Demonstrated attention to detail, follow-through, and ability to prioritize quickly What success looks like: After the first six months, you will… Understand the current Infoblox SaaS infrastructure (cloud-native) Be aware of the monitoring tools and the significance of each monitor Follow the incident management process Start leading incidents based on what you’ve learned and the processes that are in place After About a Year, You Will… Be a role model on the team and help to develop the talent Identify trends in terms of product and operations and implement plans to improve We’ve got you covered: Our holistic benefits package includes coverage of your health, wealth, and wellness—as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package, including a 401k with company match and generous paid time off to help you balance your life. We have a strong culture and live our values every day—we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers. Why Infoblox? We’ve created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you’re a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career. Check out what it’s like to be a Bloxer . We think you’ll be excited to join our team. Show more Show less

SOC Analyst Location: Pune(Aundh/Baner),India (On-site, In-House SOC) Department: Security Operations Center Experience: 1–3 Years Work Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview: As a SOC Analyst, you will be part of our in-house 24x7 Security Operations Centre based in Pune. You will be responsible for monitoring, analyzing, and responding to security incidents and alerts using cutting-edge security technologies and platforms. This role is a great opportunity to grow in a fast-paced FinTech environment leveraging tools like QRadar SIEM, CrowdStrike XDR, Netskope DLP, AWS Cloud Security, Sysdig, Falco, Canary Tokens, and G-Suite Security and other security solutions. Key Responsibilities: Continuously monitor security alerts and events using QRadar SIEM , CrowdStrike , Falco , and other integrated tools. Perform initial triage and analysis to assess the nature and severity of potential security incidents. Escalate incidents in line with established procedures and severity levels. Create, update, and manage incident tickets throughout their lifecycle using ticketing systems. Analyze logs and security data from various sources, including AWS Cloud , G-Suite , and endpoint solutions. Assist in proactive threat hunting and detection of malicious activity across systems and applications. Technical experience working in a SOC and cybersecurity incident response. Generate daily, weekly, and ad-hoc reports detailing SOC operations and incident statistics. Support 24x7 operations by participating in rotational shifts, including nights and weekends. Understanding of AWS Services for security detection and mitigation. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary. Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.). Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management. Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats. Ensure all actions are compliant with internal policies, security standards, and regulatory requirements. Required Skills & Experience: 1–3 years of hands-on experience in SOC operations or cyber security monitoring. Exposure to SIEM tools, preferably IBM QRadar . Experience with Endpoint Detection & Response (EDR) solutions such as CrowdStrike . Familiarity with DLP (preferably Netskope) and cloud-native security tools. Working knowledge of Linux/Unix command line and scripting basics. Understanding of AWS Cloud Security concepts . Knowledge of TCP/IP, DNS, HTTP, and other networking protocols. Familiarity with common attack vectors and threat landscape (MITRE ATT&CK framework is a plus). Good to Have: Experience with Falco , Sysdig , or other container security tools. Exposure to Canary tokens or deception technologies. Basic certifications such as CompTIA Security+, CEH, AWS Security Specialty, or CrowdStrike CCFA . What We Offer: Opportunity to work with modern cloud-native security stack. Learn and grow in an innovative FinTech environment. Mentorship and training on advanced threat detection and response practices. Strong team culture focused on collaboration and technical excellence. Competitive salary and shift allowances. Show more Show less

When you join Verizon You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life. What Youll Be Doing... You will be part of a World Class Container Platform team that builds and operates highly scalable Kubernetes based container platforms (EKS, OCP, OKE and GKE) at a large scale for Global Technology Solutions at Verizon, a top 20 Fortune 500 company. This individual will have a high level of technical expertise and daily hands-on implementation working in a product team developing services in two week sprints using agile principles. This entitles programming and orchestrating the deployment of feature sets into the Kubernetes CaaS platform along with building Docker containers via a fully automated CI/CD pipeline utilizing AWS, Jenkins Ansible playbooks, AWS, CI/CD tools and process (Jenkins, JIRA, GitLab, ArgoCD), Python, Shell Scripts or any other scripting technologies. You will have autonomous control over day-to-day activities allocated to the team as part of agile development of new services: Automation and testing of different platform deployments, maintenance and decommissioning Full Stack Development Participate in POC (Proof of Concept) technical evaluations for new technologies for use in the cloud What were looking for... Youll Need To Have Bachelor's degree or four or more years of work experience. Three or more years of relevant Kubernetes-centric development experience. Address Jira tickets opened by platform customers. Hands-on experience with one or more of the following platforms: EKS, Red Hat OpenShift, GKE, AKS, OCI. RBAC and Pod Security Standards, Quotas, LimitRanges, OPA & Gatekeeper Policies. Expertise in one or more of the following: Ansible, Terraform, Helm, Jenkins, GitLab VSC/Pipelines/Runners, Artifactory. Proficiency with monitoring/observability tools such as New Relic, Prometheus/Grafana, logging solutions (Fluentd/Elastic/Fluentbit/OTEL/ADOT/Splunk) to include creating/customizing metrics and/or logging dashboards. Infra components like Flux, cert-manager, Karpenter, Cluster Autoscaler, VPC CNI, Over-provisioning, CoreDNS, metrics-server. Familiarity with Wireshark, tshark, dumpcap, etc., capturing network traces and performing packet analysis. Working experience with Service Mesh lifecycle management and configuring, troubleshooting applications deployed on Service Mesh and Service Mesh related issues. Demonstrated expertise with the K8S ecosystem (inspecting cluster resources, determining cluster health, identifying potential application issues, etc.) Experience creating self-healing automation scripts/pipelines. Bash scripting experience to include automation scripting (netshoot, RBAC lookup, etc.). Demonstrated strong troubleshooting and problem-solving skills. Demonstrated expertise with the K8S security ecosystem (SCC, network policies, RBAC, CVE remediation, CIS benchmarks/hardening, etc.). Strong troubleshooting and problem-solving skills. Certified Kubernetes Administrator (CKA). Excellent cross collaboration and communication skills. Even better if you have one or more of the following: GitOps CI/CD workflows (ArgoCD, Flux) and working in Agile Ceremonies Model. Working experience with security tools such as Sysdig, Crowdstrike, Black Duck, Xray, etc. Networking of microservices - Solid understanding of Kubernetes networking and troubleshooting. Experience with monitoring tools like NewRelic working experience with Kiali, Jaeger lifecycle management and assisting app teams on how they could leverage these tools for their observability needs. K8s SRE Tools for Troubleshooting. Certified Kubernetes Administrator (CKA). Certified Kubernetes Application Developer (CKAD). Red Hat Certified OpenShift Administrator. If Verizon and this role sound like a fit for you, we encourage you to apply even if you dont meet every even better qualification listed above. Where youll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Diversity and Inclusion Were proud to be an equal opportunity employer. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more. Locations Chennai, India Hyderabad, India Show more Show less

Location – Bangalore Band – B2 Exp – 4 to 8 Yrs CTC 15 to 16 LPA Immediate Joiners Job Title: Cloud DevOps Automation Engineer with Ansible, Linux admin, power shell scripting or python scripting Primary Skill - DevOps , Python Automation, Bash/Powershell, Ansible (Advanced), Chef We are looking for DevOps Automation Engineers with back-end web application and systems-level experience to join our Fabric Development Automation team. Our passion for innovation and winning in the cloud marketplace is infectious, and we hope you will feel it with us. The Fabric Development team is dedicated to ensuring that the IBM Cloud is at the forefront of cloud technology, from API design to application architecture to flexible infrastructure services. We are running IBM's current generation cloud platform to deliver performance and predictability for our customers' most demanding workloads, at global scale and with leadership efficiency, resiliency and security. It is an exciting time, and as a team we are driven by this incredible opportunity to thrill our clients. The Development Automation Team sits at the center of our larger development effort. Team members work in areas that are used by the larger development organization and are required to work with developers and stakeholders in other teams to help solve problems. Roles & Responsibilities: Implement and automate infrastructure solutions that support IBM Cloud products and infrastructure Build & Set up test automation and pipeline frameworks Administer automated CI/CD systems and tools for development and test teams Support the compliance and security integrity of the environment Partner with other teams, managers and program managers to develop alerting and monitoring for mission-critical services Support development of new and enhance existing capabilities for our compute infrastructure services Provide technical escalation support for other Infrastructure Operations teams Required technical & professional expertise: 8+ years of infrastructure engineer with proven record for delivering high-quality, large-scale solutions 8+ years of working knowledge with one or more operating systems: RHEL, CentOS Linux, and Windows Servers Working knowledge with one or more Virtualization technologies: Citrix Hypervisor, VMware vSphere, Ubuntu KVM, etc. Working knowledge with one or more programming tools: Bash, PowerShell, Python, Ruby and Go. Working knowledge with one or more key infrastructure tools/products: Active Directory, Ansible, Chef, etc. Working knowledge with Container technologies: Kubernetes, Docker, etc. Working knowledge with Monitoring technologies: Zabbix, Splunk, etc. Working knowledge with Network and Storage technologies Working knowledge with ServiceNow, JIRA, Confluent, and GitHub Desired Additional Qualifications and Skills ("Nice to Have") Experience with Message Queues, PostgreSQL/MySQL Databases, and NoSQL Databases Experience with technologies enabling reliable data processing pipelines such as Kafka, Elasticsearch, Splunk; database and data visualization technologies for operations such as SQL dbs, Influxdb, Grafana, Kibana. Experience with event monitoring/management ecosystems like Zabbix, Nagios, Sysdig, LogDNA, ServiceNow. Skills: cloud devops , Ansible , linux , powershell , Python Scripting

Introduction IBM Cognos Analytics is a comprehensive business intelligence platform that transforms raw data into actionable insights through advanced reporting, AI-powered analytics, and interactive visualizations. Designed to cater to organizations of all sizes, it offers high-quality, scalable reporting capabilities, enabling users to create and share customized reports efficiently. The platform's intuitive interface allows for seamless exploration of data, uncovering hidden trends and facilitating informed decision-making without the need for advanced technical skills. With robust governance and security features, IBM Cognos Analytics ensures data integrity and confidentiality, making it a trusted solution for businesses aiming to harness the full potential of their data. Your Role And Responsibilities Design, implement, and manage cloud infrastructure and CI/CD pipelines. Collaborate with software development and IT teams to improve and automate processes for software deployment and infrastructure management. Develop, optimize, and maintain Kubernetes clusters for containerized applications. Manage Docker containers and orchestration, ensuring efficient workflows and minimizing downtime. Write and maintain efficient Shell scripts and automation tools to streamline operations. Develop and maintain automation scripts in Python and JavaScript for system integration, deployment, and monitoring. Troubleshoot, debug, and resolve system issues related to networking, infrastructure, and application environments. Maintain and optimize Red Hat/UBI Linux environments, ensuring secure, reliable, and scalable systems. Collaborate with network engineers to implement and optimize networking solutions in a cloud-native environment. Stay up to date with emerging DevOps tools, technologies, and best practices to continually improve systems and processes. Preferred Education Master's Degree Required Technical And Professional Expertise Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience). 9+ years of experience in DevOps or related field with hands-on experience Source and project control (GitHub Enterprise, Jira) - hands-on Automation with Jenkins, Go, Python, Java script, Ansible, Shell scripting Monitoring and logging tools (sysdig, logdna) Continuous Integration platforms (ArgoCD, Jenkins, Terraform) Kubernetes CKA certificate Experience with one or more: IKS IBM kubernetes service , GKE - Google kubernetes engine, EKS - Amazon Elastic Service, AKS - Azure Kubernetes Service OpenShift Docker Linux - primarily RedHat Load balancing, geo routing, and proxying Networking – Firewalls and Load Balancing (Vyatta, StrongSwan) NoSQL databases, key-stores and other data-structure solutions (MongoDB, Redis) Relational DB’s (DB2, Oracle) Virtual application and web servers (Apache, NGINX, WebSphere, IIS) Fluency in English - both verbal and written Preferred Technical And Professional Experience Deployment tools and processes, CI/CD Pipeline, ArgoCD Hands-on experience with microservices, Docker, Kubernetes, or other cloud technologies In-depth understanding of the entire web development process, including strong expertise building REST APIs Show more Show less

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications. We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas. We believe in working together to achieve our goals, and we pride ourselves on a flexible work culture. We're an international company that understands how to cultivate an inclusive environment across remote teams. And we're a great place to work too - we've been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness". We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you? What you will do Reporting to our Regional Sales Director you will implement sales plans for your assigned territory by forecasting and exceeding quota Through a combination of inbound and outbound leads, you will manage a high-velocity, SaaS funnel You will manage and track opportunities through CRM and other supporting tools You will collaborate on and improve the sales cycle, including product, support, and sales engineering You will work with and promote Partner ecosystem Convey Sysdig key value drivers and differentiators to prospects and customers Understand the competitive market, being familiar with competing companies and their offerings What you will bring with you 7+ years of IT Enterprise Sales experience, with a strong focus on security-related deals — including SaaS security, cloud security, Kubernetes/containers, open source, and APM Track record overachieving sales targets Ability to learn new products and processes quickly Experience with Salesforce and Clari Competitive/Driven Excellent communication skills verbal and written, team player Must be willing to travel to clients to support sales relationships (if required) Entrepreneurial – Willing to go the extra mile, strong work ethic, resourceful, "get it done" attitude Ability to work with multiple sources of pipelines, including LDR, SDR, ISR and Channels Ability to cross collaborate with Marketing, Customer Success and other business units as needed Ability to bring a C level network to the table and have C level conversations (CISO) What we look for SaaS sales experience Track records of hunting new business opportunities in greenfield territories MEDDPICC experience and Challenger sales experience When you join Sysdig, you can expect: Extra days off to prioritize your well-being Mental health support for you and your family through the Modern Health app Great compensation package We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different. Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated. Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status. #LI- MC #LI-Hybrid

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications. We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas. We believe in working together to achieve our goals, and we pride ourselves on a flexible work culture. We're an international company that understands how to cultivate an inclusive environment across remote teams. And we're a great place to work too - we've been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness". We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you? What you will do Reporting to our Regional Sales Director you will implement sales plans for your assigned territory by forecasting and exceeding quota Through a combination of inbound and outbound leads, you will manage a high-velocity, SaaS funnel You will manage and track opportunities through CRM and other supporting tools You will collaborate on and improve the sales cycle, including product, support, and sales engineering You will work with and promote Partner ecosystem Convey Sysdig key value drivers and differentiators to prospects and customers Understand the competitive market, being familiar with competing companies and their offerings What you will bring with you 7+ years of IT Enterprise Sales experience, with a strong focus on security-related deals — including SaaS security, cloud security, Kubernetes/containers, open source, and APM Track record overachieving sales targets Ability to learn new products and processes quickly Experience with Salesforce and Clari Competitive/Driven Excellent communication skills verbal and written, team player Must be willing to travel to clients to support sales relationships (if required) Entrepreneurial – Willing to go the extra mile, strong work ethic, resourceful, "get it done" attitude Ability to work with multiple sources of pipelines, including LDR, SDR, ISR and Channels Ability to cross collaborate with Marketing, Customer Success and other business units as needed Ability to bring a C level network to the table and have C level conversations (CISO) What we look for SaaS sales experience Track records of hunting new business opportunities in greenfield territories MEDDPICC experience and Challenger sales experience When you join Sysdig, you can expect: Extra days off to prioritize your well-being Mental health support for you and your family through the Modern Health app Great compensation package We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different. Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated. Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status. #LI- MC #LI-Hybrid

Security Operations Centre (SOC) - Lead Location: Pune(Aundh/Baner),India (On-site, In-House SOC)Department: Security Operations CenterExperience: 4–6 YearsWork Type: Full-time| Hybrid Model | 24x7 Rotational Shifts Role Overview:We are looking for an experienced and technically strong SOC Lead / Senior Engineer who will own and manage the core administration, tuning, detection engineering, and incident response infrastructure within the Security Operations Center. This is a hands-on technical role for someone who thrives in a high-paced, cloud-first environment and has expertise in SIEM (QRadar), XDR (CrowdStrike), DLP (Netskope), Deception (Canary), TIP/SOAR, and AWS Security. Key Responsibilities:Monitor, investigate, and close security incidents using QRadar SIEM, with deep expertise in offense triage and management.Administer and fine-tune configurations across multiple security platforms including QRadar, CrowdStrike XDR, Netskope DLP, Canary, Sysdig/Falco, and G-Suite Security to ensure optimal performance.Architect and deploy new SIEM content such as correlation rules, filters, dashboards, active lists, reports, and trends based on threat intelligence and business needs.Lead use case design and development for new detections based on the evolving threat landscape and attack techniques (MITRE ATT&CK alignment).Own the log onboarding lifecycle, including parsing, normalization, and enrichment for diverse AWS services and third-party SaaS platforms.Manage SLAs for incident detection, escalation, and resolution; ensure robust reporting and analytics for SOC operations.Conduct advanced threat hunting, packet-level analysis, and proactive detection activities using telemetry and behavioral analytics.Integrate and manage SOAR and TIP tools to drive automation and enrichment in incident response workflows.Lead vulnerability assessments and penetration testing activities in collaboration with infrastructure and DevSecOps teams.Develop and test incident response plans (IRPs) and playbooks for high-impact scenarios like ransomware, insider threats, and data exfiltration.Stay abreast of the latest threats, vulnerabilities, and exploits; conduct periodic threat briefings and internal knowledge transfers.Maintain detailed documentation of configurations, security procedures, SOPs, incident reports, and audit logs.Mentor junior SOC analysts and provide technical guidance during critical incidents and escalations.Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Management.Experience in Designing and deploying use cases for SIEM and other security devices.Continuously monitor security alerts and events to identify potential security incidents or threats. Follow standard operating procedures (SOPs), incident response runbooks, and recommend improvements where necessary.Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC SMTP/IMAP, FTP, HTTP, etc.).Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and security remediation.Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats.Ensure all actions are compliant with internal policies, security standards, and regulatory requirements.Required Skills & Experience:Minimum 4 years of experience in SOC operations, including administrative expertise in SIEM platforms (preferably QRadar).Strong hands-on knowledge of SIEM tuning, content development, threat detection, and incident handling.Expertise in 3 or more of the following: SIEM (QRadar), XDR (CrowdStrike), SOAR/TIP Platforms, DLP (Netskope), Cloud Security (AWS), Deception Technology (Canary)Experience with network traffic analysis, packet capture tools, and deep dive investigations.Strong analytical, problem-solving, and decision-making skills.Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS Controls.Preferred Qualifications:Professional certifications such as GCIA, GCED, GCIH, CEH, CCSP, AWS Security Specialty, or QRadar Certified Specialist.Prior experience in managing an in-house 24x7 SOC or leading shift teams.What We Offer:Work on a modern cloud-native security stack in a dynamic FinTech environment.Opportunity to lead security engineering and detection strategy for critical financial platforms.Be part of a tight-knit, expert-level team with a strong learning and innovation culture.Competitive salary, performance-based incentives, and growth opportunities.