412 Arcsight Jobs - Page 3

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

4.0 - 8.0 years

7 - 11 Lacs

Chennai

Work from Office

Software Testing Manager About the Team: ZTrust revolutionizes user onboarding with seamless Omnichannel Identity & Access Management, ensuring swift, effortless, and secure app access. It simplifies security across applications, while making password policy creation a breeze. Bid farewell to complexity and embrace efficiency with ZTrust. What you can look forward to as Software Testing Manager (m/f/d): Second-line support for Service Desk and OPS, special care first-line support for field test customers (FT engineers) & Thorough incident analysis Inter-departmental escalation of problems (R&D, hosting, customizing & integration) Evaluate functional analysis documents, create and maintain training documentation & Train Service Desk on new features before every major release Update and maintain knowledge base and service trees with known issues and guidelines Define customer acceptance criteria, create and update test scripts for new software features and validate new software and hardware in field test environment Report, follow up and escalate issues with R&D, hosting, customizing & integration & Plan and execute occasional field visits at field test customers for new software or hardware Approve or disapprove the release of new features, changes and hosting setup & Communicate and coordinate the extended field test rollout Your profile as Software Testing Manager (m/f/d): Communicative and customer-oriented & Team player, strong cooperation skills Highly analytical, precise, eye for details & Planning and coordination skills Experience with incident handling / problem resolution management & Experience with software and hardware development Experience with ICT and electronics & Good English speaking and writing skills Knowledge in Regression , smoke, integration, UI testing & Knowledge in automation testing is an added advantage Why should you choose ZF Group in India? 
Innovative Environment: ZF is at the forefront of technological advancements, offering a dynamic and innovative work environment that encourages creativity and growth. Diverse and Inclusive Culture: ZF fosters a diverse and inclusive workplace where all employees are valued and respected, promoting a culture of collaboration and mutual support. Career Development: ZF is committed to the professional growth of its employees, offering extensive training programs, career development opportunities, and a clear path for advancement. Global Presence: As a part of a global leader in driveline and chassis technology, ZF provides opportunities to work on international projects and collaborate with teams worldwide. Sustainability Focus: ZF is dedicated to sustainability and environmental responsibility, actively working towards creating eco-friendly solutions and reducing its carbon footprint. Employee Well-being: ZF prioritizes the well-being of its employees, providing comprehensive health and wellness programs, flexible work arrangements, and a supportive work-life balance. Be part of our ZF team as Software Testing Manager and apply now! Contact Sowmya Nagarathinam

Posted 1 week ago


0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Description: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. Job Description Development Build FinTech solutions for banking, trading, and finance across all segments of the global market. 
These include award winning web & mobile applications, data science and analytics, complex event processing, cloud solutions, low latency applications, and responsive experiences. Work with global development teams and business partners across USA, UK, Europe and Asia Pacific Capture and translate business / functional requirements for banking, trading, markets Good at problem solving and quantitative skills Design and architect solutions based on requirements or based on your innovative ideas Develop software in agile and iterative cycles using continuous improvement tools and techniques Test software using test driven development and embedded QA teams Identify, escalate, and resolve incidents and issues Participate in innovation programs, developer forums, Hackathons Good written and verbal communications skills with good positive attitude We work on cutting edge technologies like AI, Machine Learning, Hadoop, Python, Scala, Pega, .NET, Java, Angular, React, Cassandra, memSQL, Tableau, ETL and among several others Business Analysis Change enabler in an organizational context by defining needs and recommending solutions that delivers value to clients. 
Good at problem solving and quantitative skills Work closely with the business to capture requirements Analyze business and functional requirements provided from the business Document functional and operational impacts to associates and customers Assist in completion and documentation of designs (functional and technical) Provide expert knowledge on assigned application(s), functionality and associate/customer processes Develop expert knowledge on business processes, rules, and regulations Document the interaction of data, functions and business processes for selected functionality Prepare analysis schedule Conduct the feasibility study of the current system Track issues / reporting Good written and verbal communications skills with good positive attitude Opportunity to utilize tools like Microsoft Visio (Diagramming) & cutting-edge Change Management / Wireframing tools (Mockups) Testing Functional & Technical Specialist in discovering the unexpected & bring confidence in software Good at problem solving and quantitative skills Verify that the application meets all functional business requirements Ensure that all component changes are tested against areas impacted and that solutions work from an integration/operations perspective Include the scope, test cycles, risks, regression testing approach, environment requirements, data requirements, metrics, and work plan Develop test conditions and build test scripts based on functional design specifications and the test approach Confirm the architectural stability of the system with a focus on functional, load testing, fail-over/recoverability and operational testing. 
In some systems will also monitor, measure, and optimize individual and combined hardware and/or software components for optimal performance Perform unit testing and component integration testing Design and Develop Technical Test Approach, Load Tests, Fail-over and Recoverability Tests and Operational Tests Document and execute Test Scripts & report the execution progress Identify & escalate stoppers / concerns /issues to the project management team early. Ability to work as a team player in an agile way of working. Serve as a quality gatekeeper for the application releases. Opportunity to validate the applications using latest tools & technologies like Selenium, Appium, SpecFlow, Lettuce, Cucumber, UFT, qTest, LoadRunner, SOA Tester, TOSCA, Test Complete, Java , Python ,VBScript & JIRA Infrastructure Operations Infrastructure & Environment control specialists supporting all streams Support the efforts of development teams through development and testing environment creation, hardware and software configuration, build and migration coordination and technical support Handle escalated production support issues Configure software for supporting specific developer applications Coordinate the migration of configuration changes across environments Migrate code from component integration test to systems integration test Install and configure server applications Track issues Good written and verbal communications skills with good positive attitude Opportunity to handle SVN, Citrix, Informatica, Autosys, SQL servers, Coral 8, TeamCity, Jenkins, AS 400, Unix, Oracle Production Support Front face of IT department and an all-rounder in support Provide application support to the production environment Maintain detailed support processes and operations framework to make sure the application availability 24/7 Production control to ensure applications are available and running at peak efficiency All aspects required to process batch production within application services 
Proactively monitor application availability, performance, response time, exceptions, faults and failures using a range of proprietary as well as third party monitoring tools Provide usage trend analysis and status reports Be part of incident Triages, provide relevant information and proper communication to stakeholders Good written and verbal communications skills with good positive attitude Opportunity to monitor & control using Geneos, Citrix, Sybase Central, SQL server, Coral 8, Tibco, Quartz, BOB job monitor, Appwatch, PEGA Cyber Security Defense and Assessment Front face for Cyber Security events, incidents and an all-rounder in technical & operational support Regular analysis of Cyber Security information Replying to general Cyber Security queries Assist in Cyber Security investigation Supporting Identity and Access Management Identify vulnerability in Cyber Security which requires remediation Recording and responding to Cyber Security events and incidents in timely fashion Review, monitor and maintain Cyber Security controls and their implementation Auditing of systems, services and processes against policy, best practice and standards in a methodical and clearly documented fashion Opportunity to work on different Cyber Security tools, like DLP products, Data Classification tools, Splunk, SIEM tools eg. 
ArcSight etc Cyber Security Technology Responsible for defining, documenting, and publicizing strategic roadmap for various cyber security technology stacks for Bank of America Contributing to the development of innovative software capabilities to secure Bank products using DevSecOps pipelines and automation Participating in rapid prototyping and product security software research and development projects Innovating new software-based capabilities to secure software containers from internal and external cyber-attacks by being able to detect, respond, and recover without human intervention or mission degradation Participating in the development of algorithms, interfaces and designs for cyber-secure and resilient software systems Performing collaborative design & development with other engineers and suppliers Joining a team performing cyber risk assessments and developing risk mitigation plans Performing analysis of systems and components for risks, vulnerabilities, and threats Supporting incident response and mitigation Monitor networks for security breaches and investigate a violation when one occurs Develop security standards and best practices Assist with maintaining a strong cybersecurity posture Assist in developing new policies, design processes, and procedures, and develop technical designs to secure the development environment and trainer systems Assess system vulnerabilities, implement risk mitigation strategies, and validate secure systems, and test security products and systems to detect security weakness We work on cutting edge technologies like Machine Learning, Hadoop, Python, Scala, Pega, .NET, Java, Angular, React, Cassandra, Tableau, ETL and among several others with exposure to web application security and secure platform development Job Locations Mumbai, Chennai, Gurugram, Gandhinagar (GIFT), Hyderabad. 
Campus Hiring Eligibility for students is as listed below: ✓ Final year Graduates from the Class of 2025 ONLY ✓ Must Have Major Specialization in Computer Science & Information Technology ONLY ✓ Must have scored 60% in the last semester OR CGPA of 6 on a scale of 10 in the last semester ✓ No Active Backlogs in any of the current or prior semesters Campus Job Description - Tech ✓ Students should be willing to join any of the roles/skills/segment as per company requirement ✓ Students should be willing to work in any shifts/night shifts as per company requirement ✓ Students should be willing to work in any locations namely – Mumbai, Chennai, Gurugram, Gandhinagar (GIFT), Hyderabad as per company requirement

Posted 1 week ago


7.0 - 10.0 years

7 - 14 Lacs

Pune

Work from Office

Role & responsibilities Preferred candidate profile This role is for you if you have the below Educational qualifications • Graduation degree in any stream or equivalent / post-graduation degree/diploma. Certification in any IAM product would be an added advantage. Work experience • We are looking for an IAM resource with 5+ years of experience for one of our engagements. The resource must work from our Pune/Bangalore office and be willing to work on shifts. The ideal candidate will: • At least 60 months of Privileged Access Management domain experience with expertise in Conjur as the primary skill and CyberArk administration as the secondary skill • A quick learner and adaptable to changing environments • Have strong analytical skills and communication skills • Build strong professional working relationships with client personnel • Clear understanding of IAM solution design and configuration • Working in rotational shifts supporting client environment. • Deliver timely and high-quality work diligently • Identify issues and opportunities, and communicate them to appropriate senior member Technical Skills Required: • 60 months of experience in Conjur and CyberArk administration 1. Conjur Administration: • Serve as the primary administrator for Conjur, overseeing deployment, configuration, and maintenance of the Conjur environment. • Manage secrets within Conjur, ensuring their protection and proper access control according to organizational policies and requirements. • Monitor system performance, conduct regular health checks, and ensure high availability and reliability of Conjur services. • Troubleshoot and resolve complex issues related to Conjur infrastructure and performance. • Implement and enforce best practices for secrets management, policy management, and integration with other systems. 2. CyberArk Privilege Cloud Administration: • Act as a secondary administrator for CyberArk Privilege Cloud, contributing to the deployment, configuration, and maintenance of the solution. 
• Assist in managing privileged accounts, credential rotation, session management, and audit trails as per organizational policies. • Support monitoring and troubleshooting of CyberArk Privilege Cloud performance and issues, ensuring reliable and secure operations.

Posted 1 week ago


7.0 - 9.0 years

0 Lacs

Kolkata, West Bengal, India

On-site

Summary Position Summary Red Team — Senior Consultant 2 – Senior Solution Delivery Lead Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. 
Work you will do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes Interacts with clients, managers and partners to build and nurture strong relationships Tailors firm tools and methodologies as per client requirements Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships with their direct client contacts at a minimum at appropriate management levels Participates in proposal development efforts to sell "add-on" work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and control weaknesses. We develop and deploy the technical and architectural improvements necessary to reduce attack exposure. Our Application and Vulnerability Management services help organizations identify the technical and architectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Advanced communication skills (written and verbal) with experience delivering high-level technical presentations, detailed engagement reports, and executive briefings to stakeholders and leadership teams. 
Proven ability to design and execute complex red team operations, providing tactical and strategic guidance for enhancing organizational security posture through actionable insights. Comprehensive project management skills, with experience in leading large-scale offensive security engagements from inception to execution, including coordinating cross-functional teams. Expert-level understanding of threat analysis, enterprise-level defense mechanisms, and advanced mitigation strategies, with a focus on bridging offensive techniques with defensive improvements. Hands-on experience in bypassing complex security defenses such as firewalls, EDR, IDS/IPS, SIEM solutions (e.g., Splunk, QRadar, ArcSight), using cutting-edge evasion techniques. Extensive knowledge of cyber kill chains, advanced multi-stage attack scenarios, and the ability to execute sophisticated adversarial campaigns using real-world TTPs. Deep expertise in reverse engineering, malware analysis, and exploiting vulnerabilities to uncover security flaws within complex infrastructures. Strong knowledge of cloud security (AWS, Azure, GCP) and demonstrated ability to conduct adversarial simulations targeting cloud-based environments. Advanced knowledge of operating systems (Windows/Linux) and networking technologies critical to red team operations, with the ability to exploit system misconfigurations and weaknesses. Mastery of adversarial simulation tools like Cobalt Strike, Sliver, Metasploit, Empire, Nessus, nmap, Qualys, and Tenable, with the capability to customize attack vectors. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Proven experience leading red teaming, purple teaming, and Breach Attack Simulations (BAS) at the enterprise level, simulating advanced persistent threats (APTs) to assess security defenses. 
Expertise in spear-phishing campaigns, HTML smuggling, payload delivery mechanisms, and opsec strategies to evade detection throughout engagements. Deep understanding of advanced attack frameworks like MITRE ATT&CK and SANS Top 25, using them to design tailored attack scenarios specific to client environments. In-depth knowledge of EDR/AV evasion techniques, privilege escalation, lateral movement, and persistence in both on-premise and hybrid cloud infrastructures. Ability to architect, deploy, and optimize custom Red Team/Offensive Security solutions, including managing command and control infrastructure, payload obfuscation, and real-time response actions. Ability to manage cross-functional teams across red, blue, and purple engagements, fostering collaboration and improving overall security resilience through continuous improvement cycles. High-level proficiency in strategic planning, engaging with leadership to define security objectives, risk prioritization, and translating technical findings into business-centric solutions. Strong knowledge of attack surface management and vulnerability management, with experience discovering and analyzing hidden or misconfigured assets, especially shadow IT. Advanced OpSec and tradecraft knowledge, ensuring red team engagements are conducted without exposing tools or tactics to detection, while continuously adapting methods to outpace blue team defenses. As a Senior Solutions Delivery Lead, you will lead the charge in adversarial simulation operations, pushing the boundaries of offensive security capabilities. You will: Architect and lead advanced red team engagements, simulating the tactics, tools, and techniques used by sophisticated threat actors to test client defenses. Conduct multi-phase, coordinated attack campaigns, including phishing simulations, exploitation of vulnerabilities, and covert lateral movement across complex environments. 
Develop and optimize adversarial simulation tactics, ensuring constant evolution of red team methodologies in response to emerging threats. Provide in-depth reports and post-engagement briefings with a focus on strategic remediation advice that aligns with organizational security goals. Oversee the red team infrastructure, ensuring all tools, C2 systems, and exploit frameworks are continually updated and configured for optimal effectiveness. Lead purple team exercises, working closely with blue teams to collaboratively improve detection, response, and mitigation strategies in real time. Remain at the forefront of offensive security innovations, guiding the team through new techniques, tools, and adversarial simulations to enhance effectiveness. Ensure OpSec best practices are strictly followed to avoid detection during engagements and protect the integrity of the red team toolkit. Collaborate with clients and stakeholders to review attack scenarios, findings, and deliver customized security enhancements tailored to their specific business risks. Preferred: B. E / B.Tech / M.S in any engineering discipline; 7-9 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. 
Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. How you will Grow At Deloitte, we have invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning, and eLearning. Deloitte University (DU): The Leadership Center in India, our state-of-the-art, world-class learning center in the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. 
Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. 
Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India. Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306123

Posted 1 week ago


4.0 - 8.0 years

5 - 9 Lacs

Pune

Work from Office

Your role This position is responsible for administering the Splunk platforms for enterprise Security Information and Event Management (SIEM). The role involves working with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Maintain all components of a distributed SPLUNK infrastructure including indexer clusters, search head clusters, and deployment servers. Provide overall management of the SPLUNK platform. Standardize SPLUNK forwarder deployment, configuration, and maintenance across Unix and Windows platforms. Troubleshoot SPLUNK server and forwarder problems and issues. Assist internal users in designing and maintaining production-quality dashboards. Monitor the SPLUNK infrastructure for capacity planning. Implement change requests and engineering tasks. Lead technical discussions in customer governance calls. Participate in technical audits. Identify opportunities for automation, standardization, and stabilization. Prepare/update/review run books, SOPs, and knowledge articles. Plan, prepare, and execute change processes and implementations. Perform OS-level performance monitoring and troubleshooting. Monitor and troubleshoot application and database layers (e.g., Apache, Tomcat, MySQL). Administer and maintain a 24/7 highly available Splunk environment. Work closely with clients, technicians, and managerial staff. Experience with Databricks, Kafka, and NiFi is an added advantage. Your profile Splunk Administrator with 4 to 8 years of experience Dashboards, reports creation and Monitoring Experience with Splunk Phantom as well, would be given preference Work location Bengaluru, Mumbai, Pune & Hyderabad What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. 
You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Posted 2 weeks ago

4.0 - 9.0 years

7 - 11 Lacs

Hyderabad

Work from Office

Your role
Monitor network security events and take action per security policy. Analyze incidents, raise tickets, and assign to resolver teams. Perform health checks of security tools and vulnerability assessments. Create and review daily/weekly/monthly dashboards and reports. Act as escalation point for L1/L2 analysts and backup for SOC Manager. Develop and fine-tune SIEM use cases. Participate in Change Control Board and infrastructure design reviews. Coordinate and implement security-related changes in line with policies. Identify and remediate rogue, unpatched, or unauthorized systems. Support incident response, maintain logs, and assist in investigations.
Your profile
SIEM Tools: IBM QRadar, ArcSight, RSA Envision, Nitro Security, with 4 to 9 years of experience. Vulnerability Management: Nessus, Qualys Guard. Malware Protection & Anti-Spam. Web Filtering, Content Filtering. PKI, Forensic Analysis.
Work location
Pan India and preferred location is Bengaluru
What You'll Love About Working Here
You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.

Posted 2 weeks ago

12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

OPENTEXT - THE INFORMATION COMPANY
OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.
AI-First. Future-Driven. Human-Centered.
At OpenText, AI is at the heart of everything we do—powering innovation, transforming work, and empowering digital knowledge workers. We're hiring talent that AI can't replace to help us shape the future of information management. Join us.
The Opportunity: OpenText (OT) is a leading provider of security and compliance solutions for the modern enterprise that wants to mitigate risk in its hybrid environment and defend against advanced threats with market leading products from ArcSight, Fortify and NetIQ. OT Fortify Software protects organizations from cyber-based threats to their digital assets by ensuring that the applications they use to run their business are secure. This is an opportunity to work with Fortify/NetIQ/ArcSight to help customers build, manage, and implement solutions. The domains are Application Security / Identity and Access Management / SIEM / Data Security. The responsibilities of a Software Security Consultant are broad and may vary depending on your level of experience and skills.
What You Are Good At: Implementation and configuring OT Fortify/NetIQ/ArcSight/Data Security products Onprem/cloud/SaaS for customers. Experts with SIEM & data Security domain knowledge will be preferred. Assessing and scoping of customer's Cybersecurity requirements application security needs. Contributing to project planning and project deliverables. Customizing the solutions during implementation phase. Representing OT Fortify's/NetIQ/ArcSight technical, business, and professional values to customers, partners, and peers. Working at customer sites or offsite as needed.
What It Takes: A technical bachelor's degree. Minimum 12+ years' experience in implementing any of the solutions - Data Security IDAM, App Security, SIEM solutions. Candidates with implementation experience on OT CyberSecurity solutions NetIQ / Fortify / ArcSight / Voltage solutions will be preferred. Create and deliver written solution proposals and presentations to clients including responses to RFPs/RFIs/RFQs. Provide on-going technical support to well-qualified prospects conducting evaluations. This may include coaching, proof of concept support, live demonstrations, trouble-shooting, and best-practices consulting. Work closely with solutions sales and sales management to establish in depth account plans and strategies. Work with marketing and sales on competitive intelligence, sales collateral, and solution positioning.
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at hr@opentext.com.

Posted 2 weeks ago

0.0 - 2.0 years

0 Lacs

Noida, Uttar Pradesh

On-site

Noida, Uttar Pradesh, India. Job ID 763123.
Join our Team
Our Exciting Opportunity: We are now looking for a Security Engineer professional. This job role is responsible for tracking, coordination, support, management, and execution of security related activities to ensure that services provided to customers are continuously available and performing to Service Level Agreement (SLA) performance levels.
What you will do:
Incident Management: Respond after hours (on-call support). Coordinate and conduct event collection, log management, event management, and compliance automation. Respond to day-to-day security change requests related to security operations. Conduct security research and intelligence gathering on emerging threats and exploits. Create new rules based on identified scenarios. Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity. Security analysis (networking devices and operating systems, endpoint analysis, network attacks). Work with the various Technical Authority teams to respond to and resolve security incidents effectively and quickly. Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools. Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
Tools Integration: Integration of nodes to security tools (SIEM, VA, IAM, etc.). Deploy content (policies, signatures, parsers or rules) for the security infrastructure.
Vendor Communications: Work with SIEM, IPS/IDS, IAM vendors for application related issues.
Process Improvement: Mentor level 1 analysts to improve detection capability within the SOC. Prepare Use Cases & MOPs on identified scenarios. Create, maintain and improve technical operational work instructions. Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities.
Governance and Reporting: Business intelligence reporting based on SOC and customer needs. Identify and report risks related to security. Perform periodic reporting and when applicable, present to management and/or the customer’s security team.
To be successful in this role, you must have: Strong knowledge of information security. Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.). Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving. Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, along with available security controls (technical & process controls) for respective layers.
Key Qualifications: Graduate in Computer Science or similar. 5 to 11 years' experience with at least 2 years of experience in IT and 2 years in security. ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage.

Posted 2 weeks ago

7.0 - 10.0 years

25 - 30 Lacs

Noida

Work from Office

Functional Competencies
1. Security Monitoring (Threat Monitoring, Detection and Response).
2. Security and Vulnerability Assessments.
3. Security Incident Management.
4. Identity and Access Management.
Job Duties & Responsibilities
1. Applying subject expertise in evaluating business operations and processes.
2. Identifying areas where technical solutions would improve business performance.
3. Consulting across business operations, providing mentorship, and contributing specialized knowledge.
4. Recommending technical solutions and determining software development requirements.
5. Providing subject expertise and guidance to Security Analysts, Leads.
6. Overseeing the development, testing, and implementation of technical solutions.
7. Determining whether technical solutions meet defined requirements.
8. Verifying technical reference information, including user guides, training manuals, and system requirements.
9. Ensuring accurate representation of expertise prior to the distribution of technical solutions to end-users.
10. Documenting processes and disseminating information to all relevant stakeholders.
11. Conducting thorough research to stay updated on changes in their field of expertise.
12. Contributing to the development of policies and procedures relevant to their area of expertise.
Special and Other duties
1. Prepare various reports for management decision making.
2. Perform other functions as assigned by the Chief Information Security Officer or Management.
3. Manage subordinates' performance and conduct formal appraisal.
Competency Requirement
Education or Academic Qualification
1. Bachelor's degree in computer science or related streams.
2. NFQ Level 7+
Work Exposure or Professional Experience
1. Minimum 7 years of relevant experience in Information Security with at least 5 years in Security Operations.
2. Professional certification like CISSP, CISM, ISO27001, CEH.
3. Advanced ability to recommend and implement technical solutions for cross-functional projects.
4. Knowledge of systems and software engineering to optimally integrate subject expertise in software solution designs.
5. Excellent recordkeeping, as well as written and verbal communication skills.
6. Thorough understanding of the latest security principles, techniques, and protocols.
7. Problem solving skills and ability to work under pressure.
Skills required (Soft & Technical)
1. Security Operations, Security Architecture.
2. Knowledge of Security Portfolio and Operations.

Posted 2 weeks ago

7.0 - 12.0 years

8 - 12 Lacs

Mumbai

Work from Office

Your Role and Responsibilities
* Responsible for implementation partner to see project on track along with providing required reports to management and client
* Handle the project as well as BAU operations while ensuring high level of systems security compliance
* Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data.
* Analyse data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.
* Ready to support for 24/7 environment.
Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise
* 7+ years of IT experience in security with at least 4+ Years in Security Operation Centre with SIEMs.
* B.E./ B. Tech/ MCA/ M.Sc.
* Maintaining SIEM/UEBA platform hygiene, Scripting, Automation SOAR Playbook Creation with Testing, with Change/Problem/Incident Management, with CP4S platform integration & dashboarding, Recovery Support.
* Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM.
* Working knowledge of industry standard risk, governance and security standard methodologies
* Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting.
* Ability to multitask and work independently with minimal direction and maximum accountability.
Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 weeks ago

2.0 - 7.0 years

9 - 13 Lacs

Mumbai

Work from Office

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help clients run their IT better, accelerate innovation and deliver unmatched performance with the power of automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.
* Responsible for security researcher to provide insight and understanding of new and existing information security threats
* Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes
* You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems
* Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements
* Work in a 24x7 Security Operation Centre (SOC) environment
Required education: Bachelor's Degree
Preferred education: Master's Degree
Required technical and professional expertise
* Minimum 2+ years’ experience in SIEM.
* Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform
* Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists
* Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
Preferred technical and professional experience
* Preferred OEM Certified SOAR specialist + CEH
* Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
* Intuitive individual with an ability to manage change and proven time management
* Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
* Up-to-date technical knowledge by attending educational workshops, reviewing publications

Posted 2 weeks ago

0.0 - 1.0 years

0 Lacs

Ernakulam

Work from Office

Job description We are seeking a motivated and detail-oriented Cybersecurity Intern to join our security team. You will assist in monitoring, analyzing, and improving the security posture of our systems and networks. This internship is an excellent opportunity to gain real-world experience in threat detection, security tools, and incident response in a professional environment. Qualification Any Degree/Diploma/+2 Key Responsibilities Assist in monitoring network activity for suspicious behavior or unauthorized access.

Posted 2 weeks ago

5.0 - 10.0 years

19 - 20 Lacs

Hyderabad, Chennai

Work from Office

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

Posted 2 weeks ago

6.0 - 10.0 years

17 - 20 Lacs

Hyderabad, Chennai

Work from Office

The Impact you will have in this role: Qualifications: Minimum of 6 years of related experience Bachelor's degree preferred or equivalent experience Talents Needed for Success:

Posted 2 weeks ago

6.0 - 10.0 years

17 - 20 Lacs

Hyderabad, Chennai

Work from Office

DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (Onsite Tuesdays, Wednesdays and a third day of your choosing) The impact you will have in this role: We are seeking a dedicated and skilled Lead IT Security Engineer to join our team. The ideal candidate will have a strong background in network security, cloud technologies, and hands-on experience with Zscaler products. As a Lead Zscaler Security Engineer, you will be responsible for providing technical support and ensuring the smooth operation of Zscaler solutions. Your Primary Responsibilities: Provide technical support for Zscaler products (ZIA, ZPA, ZDX), including troubleshooting and resolving issues. Monitor and maintain the health and performance of Zscaler solutions. Collaborate with support teams to understand their technical needs and provide effective solutions. Assist in the deployment and configuration of Zscaler products. Conduct root cause analysis for recurring issues and implement preventive measures. Document technical issues and solutions for knowledge sharing and future reference. Stay up to date with the latest Zscaler features, updates, and industry trends. Work closely with the engineering and product teams to escalate and resolve complex issues. **NOTE: The Responsibilities of this role are not limited to the details above. ** Qualifications: Bachelor's degree and/or equivalent experience Minimum 5 years of Cybersecurity related experience Talents Needed for Success: Hands-on experience with Zscaler products (ZIA, ZPA, ZDX). Strong understanding of networking protocols and security best practices. Strong communication and interpersonal skills, including the ability to build relationships with key stakeholders. Strong critical thinking and problem-solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity. Ability to work independently and manage multiple tasks simultaneously. 
Experience in managing Data Protection Technologies: Endpoint & Web DLP, CASB Network Security: Secure Web Gateways, Secure Access Secure Edge (SASE), Firewalls, IDS/IPS technologies

Posted 2 weeks ago

10.0 - 15.0 years

22 - 37 Lacs

Bengaluru

Work from Office

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. 
Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. 
Required Skills and Experience 7 to 10 years of security analyst experience, preferably in a managed services environment Integrity Protection and central management solutions for protection of client workstations and servers against unauthorized changes (i.e. malicious code, viruses, worms, Trojans, exploits) and blocking of unauthorized programs including change control. Protection against unauthorized changes (i.e. malicious code, viruses, worms, trojans, exploits) and blocking of unauthorized programs including control of allowed changes Protection of Memory against unauthorized code Prevention of infection with known & unknown malware Patch-Process for emergency patches rated by CSO to be relevant for IC protected systems Protection Management: Malware Protection Management and central management solutions for protection of client workstations and servers against malicious code (viruses, worms, trojan horses, exploits) and blocking of unwanted programs defined by CSO/APM. CrowdStrike cloud services for system process monitoring, behavioral analysis, machine learning and automated prevention of detected malicious actions of known and unknown threats. Operated by CrowdStrike Falcon Complete (SaaS). CrowdStrike Agent support of installation, maintenance and troubleshooting. Provide following support activities with ePO administrators Preferred Skills and Experience Bachelor’s degree in computer science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences.
But we’re not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Posted 2 weeks ago

5.0 - 10.0 years

19 - 20 Lacs

Hyderabad, Chennai

Work from Office

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

Posted 2 weeks ago

3.0 - 6.0 years

4 - 7 Lacs

Kochi

Work from Office

Job brief The Security Operation Centre (SOC) Information Security Analysts are the first level responsible for ensuring the protection of digital assets from unauthorized access, identifying security incidents and reporting to customers for both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive to filter out suspicious activity and mitigate risks before any incident occurs. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Main Responsibilities Tier 1 SOC analysts are incident responders, remediating serious attacks escalated, assessing the scope of the attack, and affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity and suspicious activities, escalate to managed service support teams, tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Works as a Team lead for the SOC Analysts helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse the Events & incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as and when new threats emerge. Staying up to date with emerging security threats including applicable regulatory security requirements. 
Bring enhancements to SOC security process, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly & monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager Requirements: Min 1 Years Experience as SOC Analyst (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows. Excellent written and verbal communication skills Skills: Excellent event or log analytical skills Proven experience as IT Security Monitoring or similar role Exceptional organizing and time-management skills Very good communication abilities ELK, Wazuh, Splunk, ArcSight SIEM management skills Reporting

Posted 2 weeks ago

3.0 - 6.0 years

4 - 6 Lacs

Kochi

Work from Office

Job brief: The Security Operation Centre (SOC) Information Security Analysts are the first level responsible for ensuring the protection of digital assets from unauthorized access, identifying security incidents and reporting them to customers, both online and on-premises. The position monitors and responds to security events from managed customer security systems as part of a team on a rotating 24 x 7 x 365 basis. They are alert and aggressive in filtering out suspicious activity and mitigating risks before any incident occurs. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you.

Main Responsibilities: Tier 2 SOC analysts are incident responders, remediating serious attacks escalated from Tier 1, assessing the scope of the attack and the affected systems, and collecting data for further analysis. Work proactively to seek out weaknesses and stealthy attackers, and review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone) and, based on the security event severity and suspicious activities, escalate to managed service support teams, tier 3 information security specialists, and/or the customer as appropriate to perform further investigation and resolution. Work as a Team lead for the SOC Analysts, helping them to ensure that corporate data and technology platform components are safeguarded from known threats. Analyse events and incidents and identify the root cause. Assist in keeping the SIEM platform up to date and contribute to security strategies as and when new threats emerge. Stay up to date with emerging security threats, including applicable regulatory security requirements. Bring enhancements to SOC security processes, procedures, and policies. Document and maintain customer build documents, security procedures and processes. Document incidents to contribute to incident response and disaster recovery plans. Review critical incident reports and scheduled weekly and monthly reports and make sure they are technically and grammatically accurate. Keep updated with new threats and vulnerabilities, and create/contribute to use cases, threat hunting etc. Other responsibilities and additional duties as assigned by the security management team or service delivery manager.

Requirements: Minimum 3 years of experience as SOC Analyst (experience in SIEM tools ELK & Wazuh preferable); process and procedure adherence; general network knowledge and TCP/IP troubleshooting; ability to trace down an endpoint on the network, based on ticket information; familiarity with system log information and what it means; understanding of common network services (web, mail, DNS, authentication); knowledge of host-based firewalls, Anti-Malware, HIDS; understanding of common network device functions (firewall, IPS/IDS, NAC); general Desktop OS and Server OS knowledge; TCP/IP, Internet Routing, UNIX / LINUX & Windows; excellent written and verbal communication skills.

Skills: Excellent event or log analytical skills; proven experience in IT Security Monitoring or a similar role; exceptional organizing and time-management skills; very good communication abilities; ELK, Wazuh, Splunk, ArcSight; SIEM management skills; reporting.

Posted 2 weeks ago

Apply

5.0 - 10.0 years

13 Lacs

Mumbai, Chennai

Work from Office

Job Responsibilities: Candidate must have 7-10 years of experience in security operations, incident response, or a related field. Strong understanding of security concepts, principles, and best practices. Proficiency in using SIEM tools (e.g., Splunk, QRadar, ArcSight). Experience in developing and maintaining SOC rules, playbooks, and procedures. Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Contact Person - Supraja. Email - supraja@gojobs.biz

Posted 2 weeks ago

Apply

2.0 - 4.0 years

2 - 4 Lacs

Mumbai

Work from Office

Minimum 2-4 years of experience in Security Operations Centre. Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security and endpoint security concepts. Good understanding of recent cyber threats and the latest attack vectors. Must have experience in any one SIEM (Splunk), EDR and SOAR solution. Must have experience in leading/managing SOC shifts. Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

Posted 2 weeks ago

Apply

8.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B and 35,000+ associates worldwide, it specializes in digital engineering and IT services, helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia.

Job Title: Splunk SIEM Engineer
Key Skills: SIEM (Security Information and Event Management), Splunk Enterprise Security (ES), Linux, SIEM platforms, QRadar, ArcSight, SOAR, Splunk ITSI, Search Processing Language (SPL)
Job Locations: Hyderabad, Bangalore, Chennai, Pune
Experience: 6 – 8 Years
Budget: 12 - 15 LPA
Education Qualification: Any Graduation
Work Mode: Hybrid
Employment Type: Contract
Notice Period: Immediate - 15 Days
Interview Mode: Online test followed by technical Evaluation, 2 Rounds of Technical Interview + Including Client round
Job Description: Interested Candidates please share your CV to pnomula@people-prime.com

Posted 2 weeks ago

Apply

8.0 - 12.0 years

10 - 15 Lacs

Mumbai, Bengaluru

Work from Office

Your role: We are seeking a proactive and experienced Security Operations Center (SOC) professional with 4+ years of experience to join our cybersecurity team. Depending on the level (Analyst, Lead, or Manager), the role will involve monitoring, analyzing, and responding to security incidents, managing SOC operations, and leading threat detection and response initiatives. Monitor SIEM systems and security tools for suspicious activity. Analyze and respond to security incidents and threats. Stay updated on threat intelligence and attack trends. Review logs from firewalls, IDS/IPS, and antivirus tools. Escalate critical incidents and document findings. Support vulnerability management and remediation tracking. Configure and tune security tools like SIEM and EDR. Ensure compliance with security policies and audits. Collaborate with IT and network teams on investigations. Contribute to process improvements and incident playbooks. Lead and mentor junior analysts (for Lead/Manager roles).

Your profile: SIEM (e.g., Splunk, QRadar, ArcSight); Incident Response / Log Analysis; Threat Intelligence; Scripting (Python, PowerShell) for automation; EDR tools (e.g., CrowdStrike, Carbon Black).

What you'll love about working here: You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges.

Location - Bengaluru, Mumbai, Pune

Posted 2 weeks ago

Apply

5.0 - 8.0 years

9 - 14 Lacs

Hyderabad

Work from Office

Role Purpose: The purpose of the role is to support process delivery by ensuring daily performance of the Production Specialists, resolve technical escalations and develop technical capability within the Production Specialists.

Do: Oversee and support process by reviewing daily transactions on performance parameters. Review performance dashboard and the scores for the team. Support the team in improving performance parameters by providing technical support and process guidance. Record, track, and document all queries received, problem-solving steps taken and total successful and unsuccessful resolutions. Ensure standard processes and procedures are followed to resolve all client queries. Resolve client queries as per the SLAs defined in the contract. Develop understanding of process/product for the team members to facilitate better client interaction and troubleshooting. Document and analyze call logs to spot most occurring trends to prevent future problems. Identify red flags and escalate serious client issues to Team leader in cases of untimely resolution. Ensure all product information and disclosures are given to clients before and after the call/email requests. Avoid legal challenges by monitoring compliance with service agreements.

Handle technical escalations through effective diagnosis and troubleshooting of client queries. Manage and resolve technical roadblocks/escalations as per SLA and quality requirements. If unable to resolve the issues, timely escalate the issues to TA & SES. Provide product support and resolution to clients by performing a question diagnosis while guiding users through step-by-step solutions. Troubleshoot all client queries in a user-friendly, courteous and professional manner. Offer alternative solutions to clients (where appropriate) with the objective of retaining customers and clients' business. Organize ideas and effectively communicate oral messages appropriate to listeners and situations. Follow up and make scheduled call backs to customers to record feedback and ensure compliance to contract SLAs.

Build people capability to ensure operational excellence and maintain superior customer service levels of the existing account/client. Mentor and guide Production Specialists on improving technical knowledge. Collate trainings to be conducted as triage to bridge the skill gaps identified through interviews with the Production Specialist. Develop and conduct trainings (Triages) within products for production specialist as per target. Inform client about the triages being conducted. Undertake product trainings to stay current with product features, changes and updates. Enroll in product specific and any other trainings per client requirements/recommendations. Identify and document most common problems and recommend appropriate resolutions to the team. Update job knowledge by participating in self learning opportunities and maintaining personal networks.

Mandatory Skills: Security Incident Response. Experience: 5-8 Years.

Posted 2 weeks ago

Apply