7 Phantom Jobs

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Splunk Good to have skills : Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams. Main Skill1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management2. Risk Based Alerts and Risk Incidents3. Asset and Identities4. Security Incident Response, Standard Operations Procedure Knowledge Must have Skills: 1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.2. Risk Based Alerts and Risk Incidents3. Asset and Identities Framework in Splunk4. Incident Response, Standard Operations Procedure Knowledge5. MITRE Attack Framework Good to Have Skills: 1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle2. Source Integrations various sources3. Event Parsing, Event Type definition, Data Model, Regex 4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR5. Azure DevOps Roles & Responsibilities1. Architecture and strategy:Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accentures overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accentures Security environments.2. Leadership:Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict. 3. Technical:The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.4. Operational:Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents. Technical Experience1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle2. Azure DevOps3. Custom Tools Development4. Security Incident ManagementProfessional Experience1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense2. Graduation BE3. Proficient use of English, advanced communication skills.4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEHRole DescriptionSupport SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives. Additional Information:- The candidate should have a minimum of 5 years of experience in Splunk- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM), Splunk Administration, Splunk Enterprise Security, Splunk Phantom Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Splunk Engineer, you will be working within the Security Engineering & Technology Services team, responsible for understanding, researching, designing, developing, operating, and enhancing security solutions with the products client has acquired for consumption as a service offering across all of client. You will collaborate with Security Operations (mainly Cyber) teams to support in implementation of new technical solutions, on-board new data into Splunk and develop use cases to meet the business requirements Roles & Responsibilities:Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS SolutionBuilding Co-relation searches for Cyber Operation requirementsEvaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessary Managing, co-ordinating and implementing technical project activities and enhancements to services Conducting Incident/ Problem/ Recovery activities Supporting the Joint Operations Centre and incident response teams for detected security events. Creating and maintaining accurate and high-quality documentation Supporting Operational effectiveness auditStructure phased deliverables to link long term vision with time-boxed activities.Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully.Work closely with developers and testers, to ensure delivery of the functionality on time and with quality. Professional & Technical Skills: Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers) , knowledge of Splunk Cloud & SOARKnowledge of Splunk Enterprise Security at administration and use case level Knowledge on on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction.Knowledge of the Common Information Model, data models, enrichment, and automationGood experience on Splunk add-Ons installation / configuration to bring security logs into Splunk.Good understanding of the Security Domain.Documentation skills in order to provide high quality documentation for internal customers and technical teams. Additional Information:- The candidate should have a minimum of 8+ years of experience in Security Information and Event Management (SIEM) with 5+ yrs experience on Splunk SIEM.- The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions.- This position is based at our Pune office with flexible locations as banglore and Chennai. Qualification 15 years full time education

Phantom/SOAR & Python experience with Good Development skills Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment Practical experience in monitoring and tuning Playbooks & Use cases Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps Ownership of delivery for small to large Splunk onboarding projects Ability to automate repetitive tasks and reduce noise Implementing and supporting Phantom with good Python, Red Hat and Windows experience Location: Pan India

Job Information Job Opening ID ZR_1899_JOB Date Opened 29/04/2023 Industry Technology Job Type Work Experience 3-5 years Job Title Phantom/SOAR City Hyderabad Province Telangana Country India Postal Code 500081 Number of Positions 5 Phantom/SOAR & Python experience with Good Development skills Good in ITIS and Understanding and building playbooks with On-prem multi-site clustering Splunk environment Practical experience in monitoring and tuning Playbooks & Use cases Good knowledge of creating custom apps with dashboards / reports / alerts and demonstrate Understanding of Splunk apps Ownership of delivery for small to large Splunk onboarding projects Ability to automate repetitive tasks and reduce noise Implementing and supporting Phantom with good Python, Red Hat and Windows experience Location: Pan India check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Splunk Good to have skills : Risk Management Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams. Main Skill1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management2. Risk Based Alerts and Risk Incidents3. Asset and Identities4. Security Incident Response, Standard Operations Procedure Knowledge Must have Skills: 1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.2. Risk Based Alerts and Risk Incidents3. Asset and Identities Framework in Splunk4. Incident Response, Standard Operations Procedure Knowledge5. MITRE Attack Framework Good to Have Skills: 1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle2. Source Integrations various sources3. Event Parsing, Event Type definition, Data Model, Regex 4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR5. Azure DevOps Roles & Responsibilities1. Architecture and strategy:Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accenture's overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accentures Security environments.2. Leadership:Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict. 3. Technical:The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.4. Operational:Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents. Technical Experience1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle2. Azure DevOps3. Custom Tools Development4. Security Incident ManagementProfessional Experience1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense2. Graduation – BE3. Proficient use of English, advanced communication skills.4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEHRole Description: Support SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives. Additional Information: The candidate should have a minimum of 5 years of experience in Splunk This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education