5.0 - 7.0 years
5 - 7 Lacs
Thane, Maharashtra, India
On-site
We are seeking a highly experienced and technically proficient Lead to serve as a Subject Matter Expert (SME) on SOAR (Security Orchestration, Automation, and Response) for implementation, playbook creation, and platform management at Inspira Enterprise India. In this critical role, you will take end-to-end responsibility for managing and resolving L3 level incidents, addressing customer concerns, and overseeing SOC (Security Operations Center) operations for our clients, while also mentoring junior team members. Roles and Responsibilities: Serve as the Subject Matter Expert (SME) on SOAR for implementation, playbook creation, and platform management. Address any technical questions from clients and drive the implementation and operations BAUs (Business As Usual) for SOAR. Take end-to-end responsibility to manage/resolve L3 level incidents, customer concerns, and SOC operations for customers. Take full accountability for incidents related to SOAR and pertaining to SOC operations. Work on documentation of Standard Operating Procedures (SOPs) and Root Cause Analyses (RCAs). Act as a coach and mentor to junior Operations/Implementation Engineers and Technicians. Coordinate with Specialists/Sr. Specialists to resolve complex problems. Take ownership of at least two technologies according to domain or specialization. Support Specialists/Sr. Specialists in the effective execution of projects. Perform skills gap analysis and upskill team members wherever needed. Maintain strong relationships with all project stakeholders. Be the immediate contact person for the client. Create and maintain SOP documents. Deliver technical tasks of complex nature as per assigned timelines. Maintain activity logs, SLA details, and other critical information necessary for the smoother execution of projects. Resolve all technical issues/queries which are assigned/escalated. Partner with other cross-functional teams and client teams to provide effective resolution. 
Guide and share information with other analysts and teams. Develop use cases, content, playbooks, and automation with APIs. Drive automation of all L1 & L2 activities. Serve as the single point of contact to the client stakeholders. Improvise threat hunting capabilities of the technology using automation. Drive continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology to enhance threat detection and prediction, and implement advanced use cases. Conduct continuous fine-tuning of configuration, rules, and policies. Drive continuous innovation and automations in intuitive dashboards, reports, and queries. Optimize response time to fetch data and logs in advanced queries, reports, and dashboards. Provide on-the-job training to the client and the team. Participate in client meetings, discussions, etc. Interface with senior management. Establish communications with appropriate team members and business units, providing status updates. Manage reporting, tracking, monitoring, and closing out incident response issues with proper RCA. Interact with internal business units to address incidents and support investigations. Be the focal point for critical security events and incidents, serving as an SME while providing recommendations and guidance to the respective business units and to the SOC lead for escalation and remediation. Handle, respond to, and document all events or incidents that require escalation from Level 2 or Level 1 analysts. Lead efforts in monitoring, reporting, and responding to information security incidents. Recommend controls and process improvements based upon external threat indicators, industry trends, and lessons learned. Be responsible for facilitating incident management team exercises and events. Skills Requirement: Deep knowledge of SOAR (Security Orchestration, Automation, and Response) for implementation, playbook creation, and platform management. 
Proficiency in Python for SOAR-related tasks. Experience in managing/resolving L3 level incidents. Strong accountability for incidents related to SOAR and SOC operations. Good knowledge of IOAs, Incident Response processes, and Playbooks. Experience in scripting is a plus. Proven ability to coach and mentor junior Operations/Implementation Engineers and Technicians. Experience in coordinating with Specialists/Sr. Specialists to resolve complex problems. Ability to take ownership of at least two technologies according to domain or specialization. Strong relationship management skills with project stakeholders. Experience in creating and maintaining SOP documents. Ability to deliver complex technical tasks within timelines. Proficiency in maintaining activity logs, SLA details, and other critical project information. Experience in resolving technical issues/queries, assigned or escalated. Ability to partner with other cross-functional and client teams for effective resolution. Experience in guiding and sharing information with other analysts and teams. Strong skills in use case creation, content development, playbook creation, and automation with APIs. Experience in automating L1 & L2 activities. Ability to improvise threat hunting capabilities using automation. Experience in continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities for threat detection and prediction. Experience in continuous fine-tuning of configuration, rules, and policies. Proven ability to drive continuous innovation and automations in intuitive dashboards, reports, and queries. Experience in optimizing response time to fetch data and logs in advanced queries, reports, and dashboards. Ability to provide on-the-job training to clients and the team. Strong communication and interpersonal skills for client meetings and senior management interfacing. 
Experience in establishing communications with appropriate team members and business units, providing status updates, and reporting/tracking incident response issues with proper RCA. Proven ability to lead efforts in monitoring, reporting, and responding to information security incidents. Experience in facilitating incident management team exercises and events. QUALIFICATION: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Posted 17 hours ago
3.0 - 7.0 years
0 Lacs
karnataka
On-site
You will play a crucial role as a Security Engineer at Tekion, a company revolutionizing the automotive industry with cutting-edge technology. Your responsibilities will include managing security incidents, identifying vulnerabilities, and implementing strategies to enhance our organization's security posture. If you possess a proven track record in incident response, vulnerability management, and are eager to contribute to a dynamic team, we invite you to apply for this position.

In this role, you will:

- **Incident Response:** Monitor security event logs and alerts, lead investigations for containment, eradication, and recovery.
- **Root Cause Analysis:** Conduct in-depth analysis of security incidents and targeted attacks to identify root causes and prevent recurrence.
- **Security Automation:** Enhance detection and response capabilities through automation, fine-tuning alerts, and automating responses.
- **Playbook Creation:** Develop incident response playbooks for different security incidents aligned with current threats.
- **Security Event Enrichment:** Utilize IOCs, threat intelligence, and data sources to enrich security events, improving detection accuracy.
- **Collaboration:** Coordinate with security stakeholders and cross-functional teams to improve security initiatives.
- **Threat Hunting:** Proactively identify potential malicious activities and mitigate emerging risks.
- **Vulnerability Management:** Identify, assess, and prioritize vulnerabilities across systems, applications, and networks for effective remediation.
- **Vulnerability Scanning & Testing:** Conduct regular scans, penetration tests, and risk assessments to identify weaknesses.
- **Patch Management:** Collaborate with IT and development teams to ensure timely patching and remediation.

You should possess:

- **Education:** Bachelor's/Master's degree in Computer Science, Information Technology, Cybersecurity, or related field.
- **Experience:** Minimum of 3 years in a Security Operations Center (SOC) environment.
- **Certifications:** Relevant certifications such as GCIA, GCIH, AWS Security Specialist, or similar in Security Operations or Incident Response.
- **Coding Skills:** Proficiency in coding languages like Python or Go.
- **Technical Skills:** Hands-on experience with security tools like SIEMs, EDR, WAFs, IDS, and vulnerability scanners.
- **Hands-on Experience:** Proficiency in incident response processes.
- **Cloud Experience:** Experience with cloud security services, preferably in AWS or Azure environments.
- **Analytical Skills:** Strong analytical and problem-solving skills with attention to detail.
- **Soft Skills:** Excellent verbal and written communication skills to convey complex security concepts.

If you are ready to be part of a team driving innovation in the automotive industry and have the required expertise in security operations, we look forward to receiving your application.
Posted 4 days ago
8.0 - 11.0 years
35 - 37 Lacs
Bengaluru
Hybrid
Key Skills: SIEM, SOAR, Azure Sentinel, FortiSOAR, Python, PowerShell, Cyber Security, Automation, Security Frameworks, Compliance, Incident Response, Playbook Creation, Log Onboarding, Cyber Kill Chain.

Roles & Responsibilities: Manage and oversee SIEM and SOAR solutions, including log onboarding and creation of automated playbooks. Provide hands-on technical expertise across Cyber Security and technology domains. Collaborate with internal teams to integrate and optimize security monitoring tools and automate workflows. Maintain and ensure the performance of SIEM and SOAR platforms, enhancing detection and response capabilities. Design and implement automation solutions using scripting languages (e.g., Python, PowerShell). Support and ensure compliance with security frameworks and industry regulations. Analyze and remediate security incidents, leveraging expertise in the Cyber Kill Chain and common attack methods. Work closely with cross-functional teams to define security requirements, processes, and practices. Communicate complex security concepts to non-technical stakeholders. Monitor and report on security events and incidents to ensure continuous improvement of security posture.

Experience Required: 8-11 years of experience in IT Security, with at least 6 years managing SIEM and SOAR solutions. Strong hands-on experience with SIEM (e.g., Azure Sentinel) and SOAR platforms (e.g., FortiSOAR). Experience in log onboarding for SIEM solutions and creating automated playbooks on SOAR platforms. Solid understanding of security frameworks, compliance regulations, and industry standards. Technical experience in Cyber Security and technology domains, including threat analysis and remediation. Proven ability to work under pressure and manage time effectively. Familiarity with e-commerce, logistics, supply chain, and port operations applications is a plus.

Education: Any Graduation.
Posted 1 week ago