
52 Ueba Jobs


2.0 - 6.0 years

12 - 16 Lacs

gurugram

Work from Office

Job Description for Technical Sales Support Professional for Cybersecurity Business

Job Title: Technical Sales Support Professional for Cybersecurity business (OT & IT)
Location: Gurgaon
Business Unit: Smart Infrastructure, Electrification & Automation, Customer Services
Experience Level: 5-10 Years
Job Type: Full-Time
PL Level: PL 9
Industry: Energy / Power / Industrial Automation

We are seeking a highly skilled and experienced cybersecurity professional to join our Customer Services team in the Electrification and Automation (EA) Business Unit. The ideal candidate needs to have a strong background in cyber security, with a focus on operational technology environments. The primary role involves generating leads in the market and working as a Cyber Security Proposal Engineer, responsible for scaling the cybersecurity business exponentially. The job demands comprehensive preparation from opportunity development to order acquisition, in line with business processes, for the following solutions:
- Cybersecurity Audit
- Vulnerability Assessment & Penetration Testing and recommending mitigation measures
- Secure migration of protection & automation systems
- Intrusion Detection System (IDS) & Intrusion Prevention System (IPS)
- Security Information & Event Management (SIEM)
- Security Orchestration, Automation, and Response (SOAR)
- User and Entity Behavior Analytics (UEBA)
- Network Detection and Response (NDR)
- Security Operation Center (SOC)
- Role Based Access Control (RBAC) & Active Directory (AD)
- Antivirus and Whitelisting
- System Hardening

Required Qualification & Experience
- Successfully completed degree in B-Tech/B.E. in Electrical & Electronics / Electronics & Communication / Computer Science, or comparable training with relevant professional experience, with a minimum of 5 years in the field of Cyber Security.
- The candidate must have knowledge of ISO 27001 and IEC 62443 and their implementation; certified candidates will be given preference.
- The candidate has hands-on experience with cyber security solutions: SIEM, SOAR, UEBA, NDR, SOC, IPS/IDS, RBAC, AD, hardening, antivirus deployment.
- The candidate must have knowledge of handling Ethernet switches, firewalls and routers.
- The candidate must have knowledge of OT systems and communication protocols.
- The candidate must have knowledge of topics such as patch management, vulnerability assessment, network analysis and automation.
- Candidates holding relevant cyber security certifications such as NNCE, IEC 62443, CISSP, CISM, CEH, or GICSP will be given preference.
- The candidate must have knowledge of other cyber security aspects such as secure architecture, secure remote access and methodologies to protect endpoints.
- The candidate must have good communication and presentation skills.

Soft Skills & Attributes
- Strong customer orientation with a problem-solving and advisory mindset.
- Excellent communication and presentation skills.
- Ability to work independently and in cross-functional teams across global environments.
- Willingness to travel (national and occasionally international) as per project requirements.

WE'VE GOT QUITE A LOT TO OFFER, HOW ABOUT YOU?

Posted 4 days ago

Apply

4.0 - 9.0 years

9 - 19 Lacs

bengaluru

Work from Office

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, you bring your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.

The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient, not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

Your work profile
As a Deputy Manager in our Cyber Team you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Key Responsibilities:
- 08*6 general shift and provide on-call support for critical issues
- Platform management for SIEM, SOAR, UEBA, NBAD, DLP, Anti-APT, Deception, VM, and any other in-scope solutions
- Log Source Management: ensure timely integration of log sources
- SIEM Rule Management: ensure rules are up to date to reduce false positives
- Performance Tuning: optimize SIEM performance to ensure efficient processing and alerting
- Compliance and Reporting: generate reports for compliance and audit requirements
- Integrate UEBA solutions with existing security infrastructure
- Model Development: develop and fine-tune machine learning models to detect abnormal activities
- Provide insights and context to support security investigations
- Reduce false positives by fine-tuning alerting mechanisms
- Create automated workflows to streamline security operations
- Implement and manage incident response playbooks
- Integrate SOAR platforms with various security tools and systems
- Enhance the efficiency of security operations through orchestration and automation
- Track and report on the effectiveness of automation and response efforts
- Platform Management: the installation, configuration, maintenance, update and upgrade of SIEM, UEBA, SOAR, Anti-APT, NBAD, DLP, Deception, VA and any other in-scope solutions
- Work closely with other security teams to enhance threat detection, investigation, and response processes
- Provide training and support to security analysts on the use and capabilities of these platforms
- Ensure that the platforms meet regulatory and compliance requirements
- Perform health check-ups daily and share the reports with the stakeholders
- Perform major and minor upgrades of the platform
- Ensure all the components are up to date (n-1)
- Monitor the availability of all the deployed components

Skills Required:
- Deep understanding of networking, operating systems, and security principles
- Have designed and implemented the proposed solutions in at least 2 clients
- Strong analytical and problem-solving skills
- Proficiency in using advanced security tools and technologies
- Excellent communication and documentation skills
- Ability to handle high-pressure situations and make critical decisions
- Continuous learning mindset to stay updated with the evolving threat landscape

The platform engineer shall have a minimum of 4-9 years of experience in managing the proposed solutions, with OEM certification: SOC Operations - Platform Engineer - SIEM, SOAR and UEBA (Palo Alto / SOAR / Splunk).

Desired qualifications
Education: B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields
Experience: 4 to 9 years

Location and way of working
Base location: Koramangala - Bangalore. Professional is required to work from office.

Your role as Deputy Manager
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executives across our organization must strive to be:
- Inspiring: leading with integrity to build inclusion and motivation
- Committed to creating purpose: creating a sense of vision and purpose
- Agile: achieving high-quality results through collaboration and team unity
- Skilled at building diverse capability: developing diverse capabilities for the future
- Persuasive / Influencing: persuading and influencing stakeholders
- Collaborating: partnering to build new solutions
- Delivering value: showing commercial acumen
- Committed to expanding business: leveraging new business opportunities
- Analytical Acumen: leveraging data to recommend impactful approaches and solutions through the power of analysis and visualization
- Effective communication: must be well able to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence: effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change: responding to a changing environment with resilience
- Managing Quality & Risk: delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving: applying a strategic mindset to solve business issues and complex problems
- Tech Savvy: leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity: creating a safe and thriving environment where everyone's valued for who they are, using empathy to understand others and adapting our behaviours and attitudes to become more inclusive

How you'll grow
Connect for impact: Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead: You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all: At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career: At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one-size-fits-all career path, and global, cross-business mobility and up/re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome, entrust your happiness to us: Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.

Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.

*Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 6 days ago

Apply

3.0 - 5.0 years

11 - 16 Lacs

pune

Work from Office

A UEBA (User and Entity Behavior Analytics) Administrator is a cybersecurity professional responsible for deploying, configuring, maintaining, and optimizing UEBA solutions to detect and respond to anomalous user and entity behavior within an organization's network. This role is crucial in identifying insider threats, compromised accounts, and sophisticated attacks that might bypass traditional security measures.

Key Responsibilities
The UEBA Administrator's responsibilities:

Deployment and Configuration:
- Installing and setting up UEBA platforms and related components.
- Integrating UEBA solutions with various data sources (e.g., SIEM, Active Directory, network devices, applications, cloud services, endpoint logs) to ensure comprehensive data ingestion.
- Defining and configuring behavioral baselines for users and entities, utilizing machine learning algorithms.

Monitoring and Analysis:
- Continuously monitoring UEBA dashboards and alerts for deviations from established baselines.
- Analyzing anomalous activities to determine their risk level and potential impact.
- Investigating security incidents triggered by UEBA alerts, collaborating with SOC teams and other security personnel.
- Performing threat hunting activities using UEBA insights to proactively identify hidden threats.

Rule and Policy Management:
- Developing, refining, and implementing correlation rules and policies within the UEBA platform to enhance threat detection accuracy.
- Tuning the system to minimize false positives and ensure high-fidelity alerts.
- Automating response actions where appropriate, such as locking accounts or blocking access.

System Maintenance and Optimization:
- Performing regular health checks, upgrades, and patching of the UEBA infrastructure.
- Optimizing the performance and efficiency of the UEBA solution.
- Documenting configurations, procedures, and incident response playbooks related to UEBA.

Reporting and Compliance:
- Generating reports on user and entity behavior, detected anomalies, and security posture.
- Assisting with compliance requirements by providing data and insights from UEBA.
- Staying updated with the latest threat landscape and UEBA capabilities.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise

Required Skills and Qualifications

Technical Expertise:
- Strong understanding of UEBA concepts: how machine learning and behavioral analytics are applied to security.
- Proficiency with UEBA platforms: experience with leading UEBA solutions (e.g., Gurucul UEBA, Splunk UEBA, Exabeam, Fortra, Microsoft Sentinel UEBA, IBM QRadar UEBA).
- Networking knowledge: understanding of network protocols, traffic analysis, and common attack vectors.
- Operating systems: familiarity with Windows, Linux, and other relevant operating systems.
- Security Information and Event Management (SIEM): experience with SIEM tools and their integration with UEBA.
- Data analysis: ability to work with large datasets, perform data correlation, and extract meaningful insights.
- Scripting/automation: knowledge of scripting languages (e.g., Python, PowerShell) for automation and data manipulation is a plus.
- Cloud security: understanding of cloud environments and their unique security challenges, if applicable.

Analytical Skills:
- Critical thinking: ability to analyze complex data and identify subtle behavioral anomalies.
- Problem-solving: aptitude for troubleshooting and resolving issues related to UEBA systems and security incidents.
- Attention to detail: meticulous approach to configuring systems and investigating alerts.

Soft Skills:
- Communication: excellent written and verbal communication skills to articulate technical concepts and findings to both technical and non-technical stakeholders.
- Teamwork: ability to collaborate effectively with SOC analysts, incident response teams, and other IT departments.
- Continuous learning: eagerness to stay abreast of evolving cybersecurity threats and technologies.

Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Preferred technical and professional experience
- 3-5 yrs exp in managing Gurucul UEBA Platform Administration & Ops
- Relevant industry certifications (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), GSEC, vendor-specific UEBA certifications) are highly advantageous.
- Proven experience in a security operations center (SOC) or a similar cybersecurity role.
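The administrator role above centres on learning behavioral baselines, scoring deviations from them, and tuning out false positives. The Python block below is an added illustration of that loop and is not code from the posting or from any of the UEBA products it names (Gurucul, Splunk, Exabeam, Fortra, Microsoft Sentinel, IBM QRadar). It learns each user's usual logon hours, sources and daily volume from a constructed training week, scores a constructed test day, and raises at most one alert per user, day and reason set. The users, hosts, 203.0.113.x addresses, score weights and the alert threshold are all assumptions made for the example.

```python
"""UEBA-style baselining and anomaly scoring over authentication events.

Added example for illustration only; not the code of any UEBA product.
All users, sources, timestamps, weights and thresholds are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime
from statistics import mean, pstdev


@dataclass
class AuthEvent:
    ts: datetime
    user: str
    src: str       # source host / network label (constructed)
    outcome: str   # "success" or "failure"


@dataclass
class Baseline:
    hours: set = field(default_factory=set)           # logon hours seen for this user
    sources: set = field(default_factory=set)         # sources seen for this user
    daily_counts: list = field(default_factory=list)  # logons per training day


# Additive score weights and alert threshold: hypothetical tuning knobs.
W_NEW_SOURCE, W_OFF_HOURS, W_VOLUME, W_FAILURE, THRESHOLD = 40, 30, 40, 20, 50


def build_baselines(events):
    """Learn per-user baselines (hours, sources, daily volume) from a training window."""
    per_user = defaultdict(Baseline)
    per_day = defaultdict(int)
    for e in events:
        per_user[e.user].hours.add(e.ts.hour)
        per_user[e.user].sources.add(e.src)
        per_day[(e.user, e.ts.date())] += 1
    for (user, _), n in per_day.items():
        per_user[user].daily_counts.append(n)
    return dict(per_user)


def score_event(b, e, day_count):
    """Score one event against a baseline; returns (score, reasons)."""
    if not b.sources and not b.hours:
        # Unbaselined entity: there is nothing to deviate from yet, so let it learn.
        return 0, ["no baseline; learning"]
    score, reasons = 0, []
    if e.src not in b.sources:
        score += W_NEW_SOURCE; reasons.append("new source")
    if min(abs(e.ts.hour - h) for h in b.hours) > 2:
        score += W_OFF_HOURS; reasons.append("unusual hour")
    if len(b.daily_counts) >= 2:
        # Floor the std-dev at 1 so a flat baseline does not turn every extra logon into a spike.
        mu, sd = mean(b.daily_counts), max(pstdev(b.daily_counts), 1.0)
        if (day_count - mu) / sd > 3:
            score += W_VOLUME; reasons.append("volume spike")
    if e.outcome == "failure":
        score += W_FAILURE; reasons.append("failed logon")
    return score, reasons


def detect(baselines, events, threshold=THRESHOLD):
    """Score events in time order; one alert per (user, day, reason set) to limit noise."""
    running, seen, alerts = defaultdict(int), set(), []
    for e in sorted(events, key=lambda x: x.ts):
        key = (e.user, e.ts.date())
        running[key] += 1
        score, reasons = score_event(baselines.get(e.user, Baseline()), e, running[key])
        dedup = (e.user, e.ts.date(), frozenset(reasons))
        if score >= threshold and dedup not in seen:
            seen.add(dedup)
            alerts.append((e.user, e.ts.isoformat(), score, reasons))
    return alerts


def run_demo():
    """Constructed training week plus one test day; returns the alerts raised."""
    def ev(d, h, m, user, src, outcome="success"):
        return AuthEvent(datetime(2024, 6, d, h, m), user, src, outcome)

    training = []
    week = ([9, 13, 16], [9, 12, 13, 16], [9, 16], [9, 13, 16], [9, 13, 16])
    for day, hours in zip(range(3, 8), week):
        training += [ev(day, h, 0, "alice", "corp-vpn") for h in hours]
        training += [ev(day, h, 0, "bob", "ws-bob") for h in (8, 17)]
    test = [
        ev(10, 10, 0, "alice", "corp-vpn"),       # normal: no alert
        ev(10, 3, 15, "alice", "203.0.113.7"),    # new source at 03:15: alert
        *[ev(10, 11, m, "alice", "corp-vpn", "failure") for m in range(8)],  # failure burst
        ev(10, 14, 0, "carol", "203.0.113.9"),    # no baseline yet: learning, no alert
        ev(10, 17, 0, "bob", "ws-bob"),           # normal: no alert
    ]
    return detect(build_baselines(training), test)


if __name__ == "__main__":
    for user, ts, score, reasons in run_demo():
        print(f"{ts} {user} score={score} {reasons}")
```

Running the block prints two alerts for alice: the 03:15 logon from an unseen source, and the failure burst once the day's logon count exceeds three standard deviations of her baseline. The two design choices worth noticing are the ones that cut false positives: the standard deviation is floored so a perfectly regular user is not flagged for one extra logon, and a user with no baseline is left in a learning state instead of being scored against an empty profile.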

Posted 1 week ago

Apply

5.0 - 10.0 years

3 - 7 Lacs

bengaluru

Work from Office

Proactively lead and support the incident response team during an incident.
- Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
- Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules, and use case recommendations is a MUST.
- Proven experience on Security Information and Event Management (SIEM) tools, using QRadar.
- Data-driven threat hunting using SIEM, EDR and XDR tools.
- Basic experience in SOAR tools such as QRadar Resilient, Palo Alto XSOAR.
- Identify quick defence techniques until permanent resolution.
- Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
- Review incidents escalated by Level 1 analysts.
- Launch and track investigations to resolution.
- Recognize attacks based on their signatures; differentiate false positives from true intrusion attempts.
- Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate.
- Identify the gaps in the security environment and suggest gap closure.
- Drive and support change management.
- Perform and review tasks as identified in a daily task list.
- Report generation and trend analysis.
- Participate in the weekly and monthly governance calls to support the SOC metrics reporting.
- Good to have: hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
- Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise
- 5+ years hands-on experience required in QRadar SIEM and SOAR.
- Desired experience in threat hunting, threat intelligence.
- Worked on tools belonging to QRadar, UEBA, UAX.
- Bachelor's degree in engineering/information security, or a related field.
- Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
- Proven experience working in a SOC environment.

Preferred technical and professional experience
- Proven experience in managing and responding to complex security incidents.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration abilities.
- Ability to work in a fast-paced, dynamic environment.
- Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (Tata Communications Ltd)
Shift: 24x7

Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities
- Real-time monitoring of all security appliances such as Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in the RSDC for security events.
- Endpoint threat detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution of tickets as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate emergency alerts and warnings to relevant/designated stakeholders.

Secondary Responsibilities
SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.
SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.
UEBA (User and Entity Behavior Analytics):
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
NBAD (Network Behavior Anomaly Detection):
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.
General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (Tata Communications Ltd)
Shift: 24x7

Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities
- Real-time monitoring of all security appliances such as Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in the RSDC for security events.
- Endpoint threat detection.
- Take SOAR action on identified malicious communications.
- Monitor and alert on any abnormalities identified.
- Work on tickets and ensure timely response and resolution of tickets as per SLA.
- Report security events/incidents to Tier-2 and other relevant/designated stakeholders.
- Communicate emergency alerts and warnings to relevant/designated stakeholders.

Secondary Responsibilities
SIEM (Security Information and Event Management):
- Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
- Perform threat hunting, incident analysis, and security event investigations.
- Develop and maintain custom use cases to detect advanced threats.
SOAR (Security Orchestration, Automation, and Response):
- Implement and maintain SOAR playbooks to automate security responses.
- Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
- Monitor SOAR workflows and fine-tune automation to optimize SOC operations.
UEBA (User and Entity Behavior Analytics): should have knowledge of it.
- Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
- Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
NBAD (Network Behavior Anomaly Detection): should have knowledge of it.
- Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
- Work with network and SOC teams to investigate and respond to suspicious network behavior.
General:
- Collaborate with incident response, threat intelligence, and risk management teams.
- Continuously review and enhance detection rules based on emerging threats.
- Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position : L1 Location Jaipur Organisation : Novamesh Ltd (TATA Commununications Ltd) Shift : 24X7 Job Description: SIEM, SOAR, UEBA, and NBAD Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response. Primary Responsibilities Real-time monitoring of all security appliance(s) like Secure Web/ Email Gateways, Proxy, IPS/ IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in RSDC for security events. Endpoint Threat Detection Take SOAR action on identified malicious communications Monitor and alert any abnormalities identified Work on ticket and ensure timely response and resolution of tickets as per SLA Reporting the security events/ incidents to Tier-2 and other relevant/ designated stakeholders Communicating Emergency Alerts & Warnings to relevant/designated stakeholders Secondary Responsibilities: SIEM (Security Information and Event Management): Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting. Perform threat hunting, incident analysis, and security event investigations. Develop and maintain custom use cases to detect advanced threats. SOAR (Security Orchestration, Automation, and Response): Implement and maintain SOAR playbooks to automate security responses. Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions. Monitor SOAR workflows and fine-tune automation to optimize SOC operations. UEBA (User and Entity Behavior Analytics): Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. Configure and tune UEBA models to reduce false positives and enhance detection capabilities. 
NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior. General: Collaborate with incident response, threat intelligence, and risk management teams. Continuously review and enhance detection rules based on emerging threats. Document all procedures, incidents, and findings properly for audit and knowledge management. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position : L1 Location Jaipur Organisation : Novamesh Ltd (TATA Commununications Ltd) Shift : 24X7 Job Description: SIEM, SOAR, UEBA, and NBAD Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response. Primary Responsibilities Real-time monitoring of all security appliance(s) like Secure Web/ Email Gateways, Proxy, IPS/ IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc. in RSDC for security events. Endpoint Threat Detection Take SOAR action on identified malicious communications Monitor and alert any abnormalities identified Work on ticket and ensure timely response and resolution of tickets as per SLA Reporting the security events/ incidents to Tier-2 and other relevant/ designated stakeholders Communicating Emergency Alerts & Warnings to relevant/designated stakeholders Secondary Responsibilities: SIEM (Security Information and Event Management): Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting. Perform threat hunting, incident analysis, and security event investigations. Develop and maintain custom use cases to detect advanced threats. SOAR (Security Orchestration, Automation, and Response): Implement and maintain SOAR playbooks to automate security responses. Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions. Monitor SOAR workflows and fine-tune automation to optimize SOC operations. UEBA (User and Entity Behavior Analytics): Should have knowledge of it Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. 
Configure and tune UEBA models to reduce false positives and enhance detection capabilities. NBAD (Network Behavior Anomaly Detection):Should have knowledge of it Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior. General: Collaborate with incident response, threat intelligence, and risk management teams. Continuously review and enhance detection rules based on emerging threats. Document all procedures, incidents, and findings properly for audit and knowledge management. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago

Apply

3.0 - 5.0 years

0 Lacs

jaipur, rajasthan, india

On-site

Position: L1
Location: Jaipur
Organisation: Novamesh Ltd (TATA Communications Ltd)
Shift: 24X7

Job Description: SIEM, SOAR, UEBA, and NBAD

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Primary Responsibilities:
* Real-time monitoring of all security appliances (Secure Web/Email Gateways, Proxy, IPS/IDS, NGFW, DLP, APT, WAF, Network Forensics, SIEM, NAC, SOAR, etc.) in RSDC for security events
* Endpoint threat detection
* Take SOAR action on identified malicious communications
* Monitor and alert on any abnormalities identified
* Work on tickets and ensure timely response and resolution of tickets as per SLA
* Report security events/incidents to Tier-2 and other relevant/designated stakeholders
* Communicate Emergency Alerts & Warnings to relevant/designated stakeholders

Secondary Responsibilities:

SIEM (Security Information and Event Management):
* Configure, manage, and fine-tune SIEM tools for log ingestion, correlation rules, alerting, and reporting.
* Perform threat hunting, incident analysis, and security event investigations.
* Develop and maintain custom use cases to detect advanced threats.

SOAR (Security Orchestration, Automation, and Response):
* Implement and maintain SOAR playbooks to automate security responses.
* Integrate SOAR with SIEM, threat intelligence, EDR, firewall, and email security solutions.
* Monitor SOAR workflows and fine-tune automation to optimize SOC operations.

UEBA (User and Entity Behavior Analytics):
* Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
* Configure and tune UEBA models to reduce false positives and enhance detection capabilities.

NBAD (Network Behavior Anomaly Detection):
* Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
* Work with network and SOC teams to investigate and respond to suspicious network behavior.

General:
* Collaborate with incident response, threat intelligence, and risk management teams.
* Continuously review and enhance detection rules based on emerging threats.
* Document all procedures, incidents, and findings properly for audit and knowledge management.

Required Qualifications:
* Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
* Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
* Certifications: Certified Ethical Hacker (CEH) mandatory.

Posted 1 week ago


4.0 - 9.0 years

15 - 20 Lacs

mumbai

Work from Office

About The Role

Project Role: Solution Architect
Project Role Description: Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case.
Must have skills: Solution Architecture
Good to have skills: Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification: Minimum BE BTech from a reputed university

Summary: As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications.

Cyber Security Architect Roles & Responsibilities:
- SPOC for cyber security design and deployment for any designated projects
- Take full accountability of design of the cyber security domain, including network connectivity to various entities such as on-premises data centers and partner networks
- Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners
- Define and develop high level operating procedures for seamless operations of the project
- Support transition of projects from deployment to operations
- Anchor design and implementation of cyber security components
- Be a SPOC for all cyber security initiatives in the existing project and be able to navigate through the client's landscape to upsell new initiatives in the infrastructure space, or be able to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security
- Lead the teams across various security solutions and strive for upskilling and cross skilling to rationalize the resources across the towers and across the clients
- Introduce innovative solutions such as automation to increase productivity and improve service delivery quality
- Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape
- Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution
- Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes

Professional & Technical Skills:
Must have:
- Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud
- Strong experience working in Splunk, Palo Alto, and other leading OEMs in the security domain
- Strong communication skills
- Ability to drive discussions and ideas with clients' senior leadership forums
- Problem solving skills
Good to have:
- TOGAF or any equivalent certification in enterprise Security Architecture

Additional Information:
- Total IT experience of minimum 15 years; and
- Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (any one from AWS, Azure, GCP, and OCI)
- Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)
- This position is based at our Mumbai office.
- A Minimum BE BTech from a reputed university is required.

Qualification: Minimum BE BTech from a reputed university

Posted 2 weeks ago


7.0 - 12.0 years

9 - 14 Lacs

mumbai

Work from Office

* Responsible for the implementation partner to keep the project on track, along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ years in a Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation, SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management: SIEM, Arcsight, Qradar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 weeks ago


10.0 - 12.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Synax seeks an experienced SOC Leader (10+ years) to address global customers' cybersecurity needs and empower our partner network to achieve next-level cyber-security service excellence.

Why Join Synax Technologies
* Lead and pioneer a strategic cybersecurity initiative from inception.
* Thrive in a collaborative, innovative environment with ambitious growth objectives.
* Gain exposure and influence at a global, enterprise scale.
* Enjoy competitive compensation, career advancement, and executive visibility.

What You'll Own:
* Design the Blueprint. Architect and scale a global SOC from the ground up: set the strategy, define the roadmap, and own the outcome.
* Build the Dream Team. Recruit, lead, and inspire top-tier cybersecurity pros, from threat hunters to incident responders.
* Set the Standard. Create world-class frameworks, playbooks, and metrics aligned with global best practices.
* Outsmart Threats. Lead the charge on cutting-edge detection and response using the full tech arsenal: SIEM, SOAR, EDR, XDR, UEBA, threat intel, and automation.
* Innovate Relentlessly. Drive a culture of continuous evolution, powered by AI and machine learning driven automation.

You're the Perfect Fit If You Have:
* Deep Roots in Cybersecurity: Minimum 10 years of experience navigating the world of security products and solutions, including 6 years in leading SOC/CSOC teams on a global scale.
* A Track Record of Building Greatness: You've successfully built and rapidly scaled SOC/CSOC teams from scratch, turning vision into reality, and you're eager to do it again.
* Technical Mastery: Your expertise runs deep in cybersecurity operations, threat intelligence, incident response, and cutting-edge endpoint security technologies.
* Certifications That Count: Industry-recognized credentials like CISSP, CISM, or CISA showcase your professional commitment and credibility.
* Industry Savvy: Bonus points if you have experience working in highly regulated sectors like BFSI, Healthcare, Government, or Telecom, where cybersecurity truly matters.
* Solid Academic Grounding: You hold a Bachelor's degree in Information Security, Cybersecurity, Computer Science Engineering, or related fields (a Master's degree makes you shine even brighter).

Note: Preference will be given to candidates with current experience at Tier-1 SOC providers, who are locally available and can join immediately. This role requires international travel as and when needed.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

haryana

On-site

You will be joining a leading Indian telecom company operating in 18 countries and serving over 300 million customers and 1 million+ businesses. The company values a customer-first mindset and a user-centric approach.

Your role will require you to be experienced in SIEM platforms such as QRadar, Splunk, and ArcSight, with knowledge of UEBA, NBAD, and SOAR. You should be skilled in incident management and network troubleshooting, and comfortable working in 24x7 SOC environments.

Your responsibilities will include having a technical understanding and working knowledge of SIEM platforms, along with exposure to UEBA, NBA, NBAD, and SOAR. It is essential to have experience with industry-standard SIEM platforms like QRadar, Splunk, RSA, Seceon, Arcsight, etc. You will need to adhere to processes and procedures, possess general network knowledge, and be proficient in TCP/IP troubleshooting. Additionally, you should be able to trace down an endpoint on the network based on ticket information. Good customer communication skills are essential, along with working knowledge of SIEM incident management and providing customer updates.

Experience in Managed SOC Services is a must, and you should be prepared to work across 24x7 shifts. Hands-on experience in SIEM platforms and the mentioned technologies is required for this role. Industry certifications on SIEM platforms, CCNA, CEH, MCSE, and others are preferred skills.

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

chennai, tamil nadu

On-site

You will be responsible for performing deep-dive investigations on security incidents using Securonix SIEM. Your role will involve correlating alerts and utilizing UEBA to detect anomalies and insider threats. Additionally, you will be expected to fine-tune detection rules to reduce false positives in Securonix and conduct threat hunting to identify unknown threats using behavioral analytics.

Moreover, you will investigate security events such as ransomware, APTs, data exfiltration, and privilege escalations. Collaborating with L3 analysts, you will help develop playbooks and automation through SOAR integration. You will also provide guidance to L1 analysts and support security awareness training initiatives. Furthermore, your responsibilities will include generating reports on security trends and SOC performance to ensure effective monitoring of and response to potential threats.

Posted 1 month ago


4.0 - 10.0 years

0 Lacs

maharashtra

On-site

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes.

Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification.

Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, and to align SIEM rules, alerts, and reports with security policies and compliance reporting requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.

To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detection and response software, SIEM, and IPS technologies.

This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.

Posted 1 month ago


7.0 - 12.0 years

8 - 14 Lacs

Guwahati, Bhubaneswar, Kolkata

Work from Office

Role: Regional Sales Manager
Job Type: Full Time, Permanent
Location: East India (Base location - Candidate's existing location)
Number of Openings: 1
Experience Required: Minimum 5 years experience in the cyber security field
Qualification: Bachelor's degree in Business Administration, Marketing, Engineering, or a related field. MBA or equivalent postgraduate qualification is preferred.

Brief Role Description
We are seeking a highly experienced and driven Sales Professional having 7 to 12 years of experience in B2B sales with a minimum of 5 years experience in the cyber security field. The ideal candidate will take ownership of the complete sales cycle - from lead generation to deal closure - while building strong relationships with clients and driving business growth.

Responsibilities:
* Formulate and implement strategic sales plans to meet revenue targets and drive customer base expansion within the East Indian region.
* Proactively identify and pursue new business opportunities through market research, networking and cold calling.
* Coordinate with operations and technical teams and educate and empower the team to capture cybersecurity services opportunities at the end customer.
* Foster strong post-sales relationships to ensure customer satisfaction and identify opportunities for upselling and cross-selling.
* Deliver accurate sales forecasts and provide timely, detailed reports to the Executive.

Skills Required:
* Ability to handle complex sales cycles and decision-making units.
* Self-motivated with a high level of accountability and initiative.
* Extensive professional network and comprehensive market knowledge of the East India corporate sector.
* Thorough understanding of CRM systems with the ability to generate and analyze sales reports effectively.
* Engage with clients in strategic discussions to provide best in class cybersecurity.
* Proficiency in delivering impactful presentations to clients, showcasing cybersecurity solutions in a clear and compelling manner.
* Conduct market research and identify leads.
* Proven track record in the sales of cybersecurity technologies or enterprise software solutions.
* Experience in engaging and collaborating with government entities and PSU clients.

About Company
Innspark is the fastest-growing Deep-tech Solutions company that provides next-generation products and services in Cybersecurity and Telematics. The Cybersecurity segment provides out-of-the-box solutions to detect and respond to sophisticated cyber incidents, threats, and attacks. The solutions are powered by advanced Threat Intelligence, Machine Learning, and Artificial Intelligence that provide deep visibility of the enterprise's security. We have developed and implemented solutions for a wide range of customers with highly complex environments including Government Organizations, Banks & Financial institutes, PSU, Healthcare Providers, and Private Enterprises.
Website: https://innspark.in/

Posted 1 month ago


1.0 - 5.0 years

0 Lacs

karnataka

On-site

As a Security Software Engineer at Versa SASE, you will play a crucial role in the architecture, design, and qualification of network security services including ATP, Secure Web Gateway (SWG), Forward and Reverse Proxy, CASB, DLP, Remote Browser Isolation (RBI), User and Entity Behavior Analysis (UEBA), and Sensitive Data Obfuscation. Your main responsibilities will revolve around automation and manual testing of the Versa SASE platform.

To qualify for this role, you must hold a bachelor's degree in Computer Science or a related field. We are looking for a team player with a can-do attitude who can work both independently and collaboratively in a startup environment. Strong communication skills are essential as you will be liaising with cross-functional groups. Additionally, you should possess excellent skills in large-scale software design and development. The ideal candidate will have 1 to 5 years of hands-on experience in the field.

Your day-to-day responsibilities will include participating in HLD/LLD reviews, assessing requirements from PLM, writing test plans for new and regression features, executing QA cycles, and automating assigned features. You will also be involved in scale and performance testing, collaborating with customers to address complex problems, and assisting in resolving customer issues to ensure high levels of customer satisfaction.

Key skills for this role include proficiency in developing test automation frameworks and test suites using Python, validation experience across different networking stack layers (Layer 3 through Layer 7), working knowledge of data plane and control-plane operations, and familiarity with NGFW features such as IDS/IPS, URL Filtering, IP Filtering, DNS Filtering, and more. Experience with various security technologies like Identity Proxy, Application Reverse Proxy, CASB, DLP, Malware Sandbox, UEBA, and RBI is highly desirable. You should also have a solid understanding of ZTNA, SWG, and different application protocols like HTTP, HTTPS, SMTP, and TLS. Proficiency in protocol analysis using network traces (PCAPs), hands-on experience in a Linux environment, and familiarity with traffic generator tools like IxLoad, BPS, Spirent, and Trex for L2 to L7 traffic profiles will be beneficial for this role.

Posted 2 months ago


7.0 - 12.0 years

8 - 12 Lacs

Mumbai

Work from Office

Your Role and Responsibilities
* Responsible for the implementation partner to keep the project on track, along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required Professional and Technical Expertise
* 7+ years of IT experience in security with at least 4+ years in a Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation, SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management: SIEM, Arcsight, Qradar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred Professional and Technical Expertise
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 months ago


6.0 - 11.0 years

10 - 20 Lacs

Bengaluru

Work from Office

Role & responsibilities
* Investigate high complexity cyber security incidents (2nd Level) with minimal direction, determine the root cause and establish defense measures as part of the global Cyber Defense Center team.
* Analyze operational logs and event console activities to identify security related events; develop targeted defense response measures for implementation.
* Create management communication for Major Incidents and drive and facilitate communication bridges/briefs to upper management as necessary.
* Improve and maintain cyber defense related processes and procedures.
* Provide strong technical expertise in using and customizing cyber defense tools like SIEM, AEP, DLP or UEBA solutions for CIRT actions.
* Participate in the "on-call" duty of the global incident response team, and provide the fallback insurance for IT and SOC.
* Participate in international IT security projects.
* Represent Bayer in external technical user groups.
* Prepare and design system security reports by framing data, insights, and trends to support the proposal of proactive cyber defense capabilities.

Posted 2 months ago


7.0 - 12.0 years

9 - 14 Lacs

Mumbai

Work from Office

* Responsible for the implementation partner to keep the project on track, along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring a high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support a 24/7 environment.

Required education: Bachelor's Degree
Preferred education: Master's Degree

Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ years in a Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation, SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management: SIEM, Arcsight, Qradar, incident response, threat hunting, use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.

Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with a creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 months ago


4.0 - 5.0 years

6 - 7 Lacs

Hyderabad

Work from Office

Manage and monitor security events using tools like Securonix UEBA, Tripwire, and AWS GuardDuty. You will detect and respond to security incidents, ensuring network protection. Expertise in SIEM, UEBA, and AWS GuardDuty is required.

Posted 2 months ago


5.0 - 8.0 years

14 - 17 Lacs

Jaipur

Work from Office

Job Description: SIEM, SOAR, UEBA, and NBAD Specialist

Certifications: Certified Ethical Hacker (CEH) - mandatory.
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.

Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.

Roles and Responsibilities
* Incident Analysis, Incident co-ordination & Response, Remote Incident Response, Forensics Artifact handling & Analysis, Malware Analysis, Insider Threat Case Support, Sensor Tuning & Maintenance, Custom Signature/Rules Creation, Scripting & Automation, Audit Collection & Storage, Product Assessment & Deployment and Risk Assessment, Response Planning, Mitigation, Recovery Planning, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders, Endpoint Threat Detection and remediation.
* Take SOAR action on identified malicious communications
* Monitor and alert on any abnormalities identified
* Work on tickets and ensure timely response and resolution of tickets as per SLA
* Report security events/incidents to L3 and other relevant/designated stakeholders
* Communicate Emergency Alerts & Warnings to relevant/designated stakeholders

Should have knowledge of the below technologies:

UEBA (User and Entity Behavior Analytics):
* Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities.
* Configure and tune UEBA models to reduce false positives and enhance detection capabilities.

NBAD (Network Behavior Anomaly Detection):
* Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches.
* Work with network and SOC teams to investigate and respond to suspicious network behavior.

Required Qualifications:

Posted 2 months ago


5.0 - 10.0 years

7 - 12 Lacs

Bengaluru

Work from Office

* Proactively lead and support the incident response team during an incident.
* Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
* Hands-on basic experience with configuration and management of SIEM tools (Qradar), including log source integrations, custom parser building, fine tuning and optimizing the correlation rules and use case recommendations, is a MUST.
* Proven experience on any of the Security Information and Event Management (SIEM) tools using Qradar.
* Data-driven threat hunting using SIEM, EDR and XDR tools.
* Basic experience in SOAR tools such as Qradar Resilient, PaloAlto XSOAR.
* Identify quick defence techniques till permanent resolution.
* Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
* Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution.
* Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts.
* Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate.
* Identify the gaps in the security environment & suggest the gap closure.
* Drive & support Change Management.
* Perform and review tasks as identified in a daily task list.
* Report generation and trend analysis.
* Participate in the weekly and monthly governance calls to support the SOC metrics reporting.
* Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
* Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise
* 5+ years hands-on experience required in Qradar SIEM and SOAR.
* Desired experience in threat hunting, threat intelligence.
* Worked on tools belonging to Qradar, UEBA, UAX.
* Bachelor's degree in engineering/information security, or a related field.
* Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
* Proven experience working in a SOC environment.

Preferred technical and professional experience
* Proven experience in managing and responding to complex security incidents.
* Strong analytical and problem-solving skills.
* Excellent communication and collaboration abilities.
* Ability to work in a fast-paced, dynamic environment.
* Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 3 months ago


5.0 - 10.0 years

7 - 12 Lacs

Chennai

Work from Office

* Proactively lead and support the incident response team during an incident.
* Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
* Hands-on basic experience with configuration and management of SIEM tools (Qradar), including log source integrations, custom parser building, fine tuning and optimizing the correlation rules and use case recommendations, is a MUST.
* Proven experience on any of the Security Information and Event Management (SIEM) tools using Qradar.
* Data-driven threat hunting using SIEM, EDR and XDR tools.
* Basic experience in SOAR tools such as Qradar Resilient, PaloAlto XSOAR.
* Identify quick defence techniques till permanent resolution.
* Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
* Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution.
* Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts.
* Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate.
* Identify the gaps in the security environment & suggest the gap closure.
* Drive & support Change Management.
* Perform and review tasks as identified in a daily task list.
* Report generation and trend analysis.
* Participate in the weekly and monthly governance calls to support the SOC metrics reporting.
* Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
* Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree
Preferred education: Bachelor's Degree

Required technical and professional expertise
* 5+ years hands-on experience required in Qradar SIEM and SOAR.
* Desired experience in threat hunting, threat intelligence.
* Worked on tools belonging to Qradar, UEBA, UAX.
* Bachelor's degree in engineering/information security, or a related field.
* Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
* Proven experience working in a SOC environment.

Preferred technical and professional experience
* Proven experience in managing and responding to complex security incidents.
* Strong analytical and problem-solving skills.
* Excellent communication and collaboration abilities.
* Ability to work in a fast-paced, dynamic environment.
* Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 3 months ago

Apply

4.0 - 9.0 years

6 Lacs

Mumbai

Work from Office

Project Role: Solution Architect
Project Role Description: Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case.
Must have skills: Solution Architecture
Good to have skills: Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification: Minimum BE/BTech from a reputed university

Summary: As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. Design and deploy cyber security solutions in on-premises and public cloud infrastructure for large-scale technology projects such as data lakes, digital platforms, and other core business and supporting applications.

Cyber Security Architect Roles & Responsibilities:
- SPOC for cyber security design and deployment for any designated projects
- Take full accountability for the design of the cyber security domain, including network connectivity to various entities such as on-premises data centers and partner networks
- Take ownership of design-related issues and challenges and drive solutions working with various internal teams and third-party solution providers such as OEMs and technology partners
- Define and develop high-level operating procedures for seamless operation of the project
- Support transition of projects from deployment to operations
- Anchor design and implementation of cyber security components
- Be a SPOC for all cyber security initiatives in the existing project, able to navigate the client's landscape to upsell new initiatives in the infrastructure space or to pave the way for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security
- Lead the teams across various security solutions and strive for upskilling and cross-skilling to rationalize resources across the towers and across clients
- Introduce innovative solutions such as automation to increase productivity and improve service delivery quality
- Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape
- Participate in client account planning and discussions to ensure security-level initiatives are accounted for and issues are escalated to the right leaders for resolution
- Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes

Professional & Technical Skills:
Must have:
- Hands-on architecture and design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud
- Strong experience working with Splunk, Palo Alto, and other leading OEMs in the security domain
- Strong communication skills
- Ability to drive discussions and ideas in the client's senior leadership forums
- Problem-solving skills
Good to have:
- TOGAF or any equivalent certification in enterprise security architecture

Additional Information:
- Total IT experience of minimum 15 years; and
- Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (any one of AWS, Azure, GCP, and OCI)
- Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)
- This position is based at our Mumbai office.
- A minimum BE/BTech from a reputed university is required.

Qualification: Minimum BE/BTech from a reputed university

Posted 3 months ago

Apply