44 Zeek Jobs

Description The SIEM Rule Engineer is responsible for designing, developing, testing, and tuning detection rules, signatures, and alerts for SIEM, IDS/IPS, and other monitoring platforms. This role focuses on enhancing threat detection capabilities by translating threat intelligence, use cases, and attack patterns into actionable and accurate detections . Responsibiliti es Rule Engineering & Detection Content Development Develop and maintain correlation rules, signatures, and detection logic in SIEM (e.g., Splunk, ELK, QRadar), IDS/IPS (e.g., Suricata, Snort), and EDR tools (Wazuh). Translate MITRE ATT&CK techniques into detection rules. Tune existing rules to reduce false positives/negative...

We are seeking a skilled OT Network Traffic Analyst with deep expertise in Operational Technology (OT) communication protocols to join our cross-functional security and ML team. The ideal candidate will be responsible for intercepting and analyzing OT network traffic, identifying potential anomalies, and contributing to the development of cutting-edge anomaly detection solutions — even across proprietary and undocumented protocols. This is a hands-on role requiring both technical proficiency in network traffic inspection and the ability to collaborate with machine learning engineers and cybersecurity experts. Responsibilities: Intercept, monitor, and analyze traffic from OT/ICS networks in r...

Location: New Delhi, India This position is required to be in office 5 days per week. About Us: At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us! The Role: We are seekin...

Own threat detection, response, and hardening across cloud and endpoint estates. Design/operate SIEM/XDR/SOAR with detection engineering mapped to MITRE ATT&CK, and automate triage using GenAI for alert summarisation, enrichment, and knowledge search. Build Sigma rules, integrate EDR/telemetry (CrowdStrike, Defender, Sentinel/Splunk/Chronicle), and run purple-team exercises to close gaps. Champion Zero Trust, secrets hygiene, and incident runbooks with AI-assisted updates. Measure MTTA/MTTR, detection coverage, and control efficacy. Keywords: SIEM/XDR/SOAR operations and rule tuning (Sentinel/Splunk/Chronicle + EDR)Detection engineering mapped to ATT&CK Sigma/YARA authoring GenAI for alert t...

Location: New Delhi, India This position is required to be in office 5 days per week. About Us At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us! The Role We are seeking ...

About Us As a Fortune 50 company with more than 400,000 team members worldwide, Target is an iconic brand and one of America's leading retailers. Joining Target means promoting a culture of mutual care and respect and striving to make the most meaningful and positive impact. Becoming a Target team member means joining a community that values different voices and lifts each other up. Here, we believe your unique perspective is important, and you'll build relationships by being authentic and respectful. Overview About TII At Target, we have a timeless purpose and a proven strategy. And that hasn't happened by accident. Some of the best minds from different backgrounds come together at Target t...

The Forensics Analyst will play a key role in conducting and supporting digital forensic investigations, cloud and memory analysis, and incident response activities as part of ongoing cybersecurity research, national security initiatives, and critical infrastructure protection projects under C3iHub, IIT Kanpur. The position involves both hands-on forensic analysis and research contribution to developing frameworks, methodologies, and tools for advanced forensic investigation and cyber threat attribution across on-premises, cloud, and hybrid environments. Responsibilities Conduct end-to-end digital and cloud forensic investigations for incidents involving system compromise, data breaches, or ...

About Us: VitalEdge is a leading organization in the technology industry, dedicated to delivering innovative solutions and exceptional service to our clients. We foster a culture of innovation, collaboration, and professional growth, making us a great place to work. Our company has been recognized for its excellence in technology and customer service, and we are committed to maintaining a diverse and inclusive workplace. Job Summary: We are seeking a Security Engineer to join our team. The ideal candidate will have a general security operations profile and be responsible for monitoring and responding to security incidents. Responsibilities: • Monitor security alerts and investigate potential...

Job description: Job Description Role Purpose The purpose of this role is to design, develop and troubleshoot solutions/ designs/ models/ simulations on various softwares as per client’s/ project requirements ͏ Mandatory Skills: - Hands-on experience with MERN stack (MongoDB, Express.js, React, Node.js) for building scalable full-stack applications. - Expert in Next.js (React fundamentals, SSR/SSG, routing, API routes). - Strong knowledge of JavaScript/TypeScript, HTML5, CSS3, and responsive design principles. - Proficiency in Python (FastAPI/Flask) for backend service development. - Experience with REST APIs, backend integration, and data processing pipelines. - Knowledge of data...

As an experienced Network Security Engineer, you will be responsible for deploying various Open-Source Network Security Solutions, integrating relevant components, and optimizing performance and rules set. Your role will involve event-driven process flow and actions customization of IPC and enrichments, as well as system engineering for reliability and system performance improvement. Additionally, you will conduct research on new approaches and contribute to IP creation. Key Responsibilities: - Work on Network Security Products such as IDS / IPS, Next Generation Firewall - Product Development / Solution Engineering - Handle IP networking, IP networking Protocols, Computer System internals, I...

Role Overview: We are looking for a Senior Python Developer with 6–8 years of experience to design and implement the integration between Zeek, Suricata, and downstream systems (Kafka/Logstash). The candidate will also play a key role in developing the correlation engine, routing/enrichment pipelines, and scaling the solution for high-throughput OT security monitoring. Mandatory Skills: Expert-level Python (3.7+), with proven experience in building scalable back-end services. Strong experience with streaming/data pipelines (, message queues, or similar). Familiarity with correlation engine development (rule-based, enrichment, anomaly detection). Experience in building microservices in Python ...

Key Responsibilities: Perform incident analysis and escalate when necessary. Document findings for seamless handover to L3 or other responders. Conduct threat research and data analysis. Coordinate with IT/Application/Infrastructure teams for issue resolution. Execute deep dives and threat hunts; propose corrective actions. Develop detection use cases based on threat intelligence. Analyze malware sandbox results and phishing campaigns. Tune detection rules and improve playbooks. Mandatory Skills & Tools: SIEM & EDR Tools: Azure Sentinel, Microsoft Defender Suite (E5 stack), Defender for Endpoint, Identity, O365, CloudApps, Defender for Cloud Query Languages: KQL, MS-KQL, SPL, ArcSight Networ...

Description The SIEM Rule Engineer is responsible for designing, developing, testing, and tuning detection rules, signatures, and alerts for SIEM, IDS/IPS, and other monitoring platforms. This role focuses on enhancing threat detection capabilities by translating threat intelligence, use cases, and attack patterns into actionable and accurate detections . Responsibiliti es Rule Engineering & Detection Content Development Develop and maintain correlation rules, signatures, and detection logic in SIEM (e.g., Splunk, ELK, QRadar), IDS/IPS (e.g., Suricata, Snort), and EDR tools (Wazuh). Translate MITRE ATT&CK techniques into detection rules. Tune existing rules to reduce false positives/negative...

Role Overview: We are looking for a Senior Python Developer with 6–8 years of experience to design and implement the integration between Zeek, Suricata, and downstream systems (Kafka/Logstash). The candidate will also play a key role in developing the correlation engine, routing/enrichment pipelines, and scaling the solution for high-throughput OT security monitoring. Mandatory Skills: Expert-level Python (3.7+), with proven experience in building scalable back-end services. Strong experience with streaming/data pipelines (, message queues, or similar). Familiarity with correlation engine development (rule-based, enrichment, anomaly detection). Experience in building microservices in Python ...

Location: Pune - Maharashtra, India - Rajiv Ganhi Infotec Park Job Family: Engineering Worker Type Reference: Regular - Permanent Pay Rate Type: Salary Career Level: T3(B) Job ID: R-48411-2025 Description & Requirements Role Overview: We are looking for a Senior Python Developer with 6–8 years of experience to design and implement the integration between Zeek, Suricata, and downstream systems (Kafka/Logstash). The candidate will also play a key role in developing the correlation engine, routing/enrichment pipelines, and scaling the solution for high-throughput OT security monitoring. Mandatory Skills: Expert-level Python (3.7+), with proven experience in building scalable back-end services. ...

Role Overview We are looking for a Network Security Engineer with experience in deploying and managing open-source network security platforms. The role involves setting up visibility sensors, handling network traffic capture, and building log pipelines that integrate into SIEM environments. The ideal candidate has worked with packet capture tools, IDS/IPS, and log management frameworks in production or lab setups. Key Responsibilities Deploy and configure open-source network security monitoring tools (e.g., Security Onion, Zeek, Suricata, Bro). Configure and maintain IDS/IPS signatures and tune for industrial/enterprise network traffic. Build and manage log pipelines using tools such as File...

Calix is hiring Security Researcher to join their Threat Intelligence team in Bangalore. The successful candidates will lead efforts in identifying, analyzing, and mitigating network threats. Develop and implement advanced threat detection and prevention strategies. Additionally, they will enhance threat detection capabilities through various research activities. In this role, you will collaborate with the security engineering and threat intelligence teams to support the development, validation, and research of network intrusion detection capabilities. Your contributions will directly impact the enhancement of threat detection signatures, research of emerging threats, and improvement of inte...

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role Gruve Technologies is looking for an experienced Threat Hunter Analyst to join our cybersecurity team. The ideal candidate will proactively search for advanced threats, identify stealthy ...

Location: New Delhi, India About Us: At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us! The Role: We are seeking a highly motivated and detail-oriented Security Engineer ...

Location: New Delhi, India About Us At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us! The Role We are seeking a highly motivated and detail-oriented Security Engineer to...

Own threat detection, response, and hardening across cloud and endpoint estates. Design/operate SIEM/XDR/SOAR with detection engineering mapped to MITRE ATT&CK, and automate triage using GenAI for alert summarisation, enrichment, and knowledge search. Build Sigma rules, integrate EDR/telemetry (CrowdStrike, Defender, Sentinel/Splunk/Chronicle), and run purple-team exercises to close gaps. Champion Zero Trust, secrets hygiene, and incident runbooks with AI-assisted updates. Measure MTTA/MTTR, detection coverage, and control efficacy. Keywords: SIEM/XDR/SOAR operations and rule tuning (Sentinel/Splunk/Chronicle + EDR)Detection engineering mapped to ATT&CK Sigma/YARA authoring GenAI for alert t...

Location: New Delhi, India About Us: At Sauce Labs, we empower the world's top enterprises - like Walmart, Bank of America, and Indeed - to deliver quality web and mobile applications at speed. Our industry-leading platform ensures continuous quality across the SDLC, using AI-powered analytics to identify key quality signals from development through production. With our unified solution, teams can release and innovate with confidence, knowing their apps will always look, function, and perform exactly as they should. Backed by TPG and Riverwood Capital, we are shaping the future of digital confidence - join us! The Role: We are seeking a highly motivated and detail-oriented Security Engineer ...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities Monitor and analyze network traffic using NDR tools (e.g., Vect...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities Monitor and analyze network traffic using NDR tools (e.g., Vect...

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you a tech-savvy problem-solver with a passion for ensuring optimal network performance? If so, look no further – Kyndryl is seeking a Network Support Specialist who will be the go-to expert for installing, maintaining, and troubleshooting computer networks Key Responsibilities Monitor and analyze network traffic using NDR tools (e.g., Vect...