7 Runbooks Jobs

As an L3 SOC Analyst at CyberProof, a UST Company, you will be a key member of our Security Operations Group, dedicated to helping enterprises react faster and smarter to security threats. With 5 to 7 years of experience under your belt, you will play a crucial role in maintaining secure digital ecosystems through automation, threat detection, and rapid incident response. Your must-have skills include expertise with SIEM vendors such as QRadar, Sentinel, and Splunk, incident response capabilities, and a strong understanding of attack patterns, Tools, Techniques, and Procedures (TTPs). You are experienced in writing procedures, runbooks, and playbooks, possess strong analytical and problem-solving skills, and have hands-on experience with system logs, network traffic analysis, and security tools. Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) is essential for this role. Additionally, good-to-have skills involve experience in setting up SIEM solutions, troubleshooting connectivity issues, familiarity with security frameworks and best practices, and the ability to collaborate effectively with IT and security teams. Your responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting in-depth investigations to assess impact and understand the extent of compromise, analyzing attack patterns, and providing recommendations for security improvements. You will be responsible for proactive threat hunting, log analysis, providing guidance on risk mitigation, improving security hygiene, identifying gaps in security processes, and suggesting enhancements. Ensuring end-to-end management of security incidents, documenting incident response processes, defining future outcomes, participating in discussions, meetings, and briefings, as well as training team members on security tools and incident resolution procedures are also part of your role.,

You will be an integral part of ASEC Engineers - A Verdantas Company, serving as a highly analytical and detail-oriented technical business analyst. Your primary focus will be on IT infrastructure within the Global Infrastructure & Cloud Operations team. Your responsibilities will include collaborating with project managers, architects, and engineering teams to gather requirements, create system diagrams, and define operational processes. You will play a key role in documenting the current and future state of the IT environment, translating business requirements into functional and technical specifications. Your role will involve creating and maintaining detailed documentation of the infrastructure, including network diagrams, system architecture diagrams, data flow diagrams, and process documentation. You will also develop standard operating procedures, runbooks, and knowledge base articles while ensuring that all documentation is version-controlled and aligned with organizational standards. As a technical business analyst, you will support infrastructure and cloud-related projects by providing clear documentation and analysis. Your collaboration skills will be essential as you act as a liaison between technical teams and business stakeholders, facilitating communication and ensuring alignment on infrastructure changes and documentation needs. Additionally, you will be responsible for ensuring that all documentation meets internal quality standards and compliance requirements. You will support audits and risk assessments by providing accurate and up-to-date documentation while identifying opportunities for process improvement. To excel in this role, you are required to have a Bachelor's degree in information technology, computer science, or a related field, along with at least 5 years of experience in a technical business analyst or infrastructure documentation role. You should have a strong understanding of IT infrastructure components, proficiency with diagramming tools, excellent communication skills, and strong analytical abilities. Preferred qualifications include experience with cloud platforms, familiarity with IT governance frameworks, experience in Agile project environments, and knowledge of enterprise architecture frameworks. Key competencies for success in this role include attention to detail, technical curiosity, stakeholder management, process orientation, adaptability, and initiative. If you are ready to build the future with us at ASEC Engineers, a Verdantas Company, and make a meaningful impact professionally and environmentally, we invite you to join our visionary team driving innovation, sustainability, and transformative solutions that shape the future.,

As an experienced Cloud Monitoring & SOC Specialist, you will be leading the optimization and integration of the monitoring ecosystem. Your passion for transforming data into actionable insights and reducing alert fatigue will be instrumental in this role. Your responsibilities will include consolidating and integrating various tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 into a unified monitoring ecosystem. You will architect clear and efficient monitoring and incident-response workflows, implementing centralized AI-driven alerting to minimize noise and accelerate detection. In addition, you will be responsible for developing methods for proactive monitoring and continuous improvement by learning from incidents and iterating on processes. Configuring and maintaining essential NOC/SOC dashboards and monthly capacity reports for leadership visibility will also be part of your role. To qualify for this position, you should have deep technical expertise with 8-10 years of experience in monitoring architecture, tool integration, and SOC operations. Hands-on experience with infrastructure monitoring, APM, cloud (GCP), centralized logging, and SIEM solutions is required. Familiarity with tools such as SolarWinds, Instana, Google Cloud Operations, VMware Log Insight, and Rapid7 is considered a strong advantage. A proven track record of designing effective alert rules, incident-response playbooks, and automated workflows is essential. Experience in writing and refining monitoring procedures, SLAs, runbooks, and regular capacity/performance reports is also required. Strong communication skills and the ability to collaborate with DevOps, SecOps, and IT teams to drive continuous improvement are key attributes for success in this role.,

As a Database Administrator (DBA) at Halodoc, you will play a crucial role in ensuring the smooth operation and optimization of our database systems. Your expertise in both relational databases like MySql and PostgreSQL, as well as NoSQL databases such as documentDB and MongoDB on AWS, will be essential for maintaining the integrity and security of our data. Your responsibilities will include implementing best practices for database access and security, handling database migration tasks using AWS services, and collaborating with the Site Reliability Engineering (SRE) team on database automation. You will be expected to monitor database performance metrics using tools like PMM, AWS RDS console, performance insights, and cloudwatch to proactively identify and resolve potential issues. With your hands-on experience in planning and executing database activities with minimal downtime, you will work closely with the development team to design effective database solutions. Proficiency in SQL, PL/SQL, and database scripting languages will be essential for your success in this role, along with a good understanding of different file formats like xml, yml, json, and parquet. Additionally, your role will involve engaging in service capacity planning, demand forecasting, performance analysis, and system tuning in AWS. You will be expected to write runbooks effectively and automate repeatable actions to enhance operational efficiency. Familiarity with tools like Jenkins, Gitlab, terraform, and other development tools will be advantageous. To qualify for this position, you should have 3 to 6 years of industry experience and exposure to AWS services like DynamoDB, DocumentDB, Redshift, DMS, and CloudWatch. An interest in learning DevOps on AWS will be a valuable asset as you contribute to our dynamic and innovative work environment. At Halodoc, you will have the opportunity to work with cutting-edge technologies, receive comprehensive medical insurance benefits, use MacBooks provided for work, and enjoy a hybrid work mode for flexibility. Join us in revolutionizing healthcare in Indonesia and beyond by becoming a part of our dedicated and forward-thinking team.,

Team Lead - IT DR would be responsible to ensure automation of all critical Business & Infra applications in CP tool. He would also be responsible for conducting and coordinating drills for all identified applications. He will have to own the CP tool and maintain it with any periodical changes and version upgrades. All documentations have to be maintained viz. Runbooks, Test reports, Annual DR drills etc Core Responsibilities: Operational Management: 1. Implement procedures for disaster recovery automation for on-prem and cloud solutions. 2. Good experience in engaging infrastructure and application teams to collaborate on discussions and requirements for disaster recovery including experience with recovery and system processes using CP tool. 4. Should have good understanding of IT infrastructure, application, and operations environment structure. 5. Able to work successfully as a member of a team through collaboration and support. 6. Review and update DR Automation plan and related docs. 7. Prepare and maintain annual DR calendar and ensure compliance towards execution of the drills. 8. Identifying areas of automation and automate the DR switchover, switchback & failover processes wherever possible. Experience & Knowledge: 6+ years of total experience, preferably 3+ years of experience in managing DR CP Tool. 1. Hands-on experience with IT DR tools.. 2. Basic knowledge on IT Infrastructure (Database, OS, VM, Storage, Middleware, and Network). 3. Good experience of DR operations and conducting DR drills. Education : Graduation in any stream or Diploma in Engineering from recognized university with relevant experience in DR operations and configuration of CP DR tool. Certification : Relevant DR related certification preferred but not mandatory.

Solid understanding of data pipeline architecture, cloud infrastructure, and best practices in data engineering. Excellent problem-solving skills and attention to detail. Ability to work independently and collaborate effectively in a team environment. Skilled in independently analyzing large datasets, identifying discrepancies and inconsistencies, and recommending corrective actions. Demonstrated expertise in working with SQL Server, Oracle, Azure SQL Databases, and APIs. Experience with at least one programming language (Python, Java, C#, etc.). Hands-on experience with Azure Data Factory (ADF), Logic Apps, and Runbooks. Familiarity with the Azure cloud platform and PowerShell scripting. Strong problem-solving and analytical skills. Excellent communication and teamwork abilities, with experience engaging stakeholders at all levels. Capable of managing and adjusting to evolving priorities from multiple projects. Mandatory Skills SQL, Python, Apache Spark,Data Bricks, Azure Data Factory, SQL Server, Azure SQL Database, ETL, Powershell Scripting Desirable Skills SQL, Python, Apache Spark,Data Bricks, Azure Data Factory, SQL Server, Azure SQL Database, ETL, Powershell Scripting Role & responsibilities Preferred candidate profile

Key Responsibilities: Advanced Threat Detection & Incident Response: Serve as the final escalation point for critical incidents and threat investigations. Lead deep-dive analysis on alerts, threats, and indicators across varied environments. Conduct malware analysis, reverse engineering, and threat hunting when needed. Perform forensic analysis using endpoint, network, and cloud telemetry. SOC Operations in MSSP Context: Operate in a multi-tenant SOC supporting enterprise, mid-market, and OT/ICS clients. Customize correlation rules, detection logic, and alert tuning for each client environment. Collaborate with client security teams during incident lifecycle and response activities. Ensure SOC processes, SLAs, and communications are aligned with client expectations. Technical Leadership & Mentoring: Guide and mentor L1 and L2 analysts in investigation techniques, use case analysis, and incident triage. Review escalations, ensure incident quality, and drive analyst capability building. Help design and maintain client-specific runbooks and detection use cases . Tooling & Engineering Support: Work closely with SIEM/SOAR engineers to enhance detection logic and automation. Validate detection efficacy using red team or threat simulation tools. Participate in tuning efforts for SIEM (e.g., Splunk, Sentinel, QRadar, LogRhythm, Seceon, etc.) and EDR tools. Reporting & Documentation: Create detailed incident reports, RCA documents, and threat summaries for clients. Provide technical input during client reviews and executive briefings. Maintain compliance with internal quality standards, frameworks (MITRE ATT&CK, NIST, ISO), and regulatory mandates. Required Skills & Experience: Proven experience in: SIEMs: Splunk, Sentinel, Exabeam, QRadar, or similar. EDR platforms: CrowdStrike, SentinelOne, Carbon Black, etc. SOAR and automation workflows. Scripting (Python, PowerShell, or Bash) for threat hunting or automation. Strong understanding of TCP/IP, threat vectors, and log analysis. Knowledge of frameworks such as MITRE ATT&CK, NIST 800-61, and ISO 27035. Ability to manage high-pressure incidents across multiple clients simultaneously. Preferred Certifications (Nice to Have): GIAC (GCIA, GCIH, GNFA), OSCP, CISSP, or equivalent certifications. Experience with OT/ICS threat detection and asset monitoring is a plus. Knowledge of cloud monitoring (Azure/AWS/GCP) and hybrid threat detection