4 Siem Platforms Jobs

Position: Senior Systems Engineer Experience: 3-5 yrs Category: IT Infrastructure Main location: Bangalore, Hyderabad Primary skill- SIEM tools, Incident response, Network Security. Qualification: Bachelor's degree in Computer Science or related field or higher. Position Description Key Responsibilities: Monitor and analyze security events using SIEM tools (e.g., Splunk, QRadar, Azure Sentinel). Detect, investigate, and respond to real-time security incidents and alerts. Triage incidents based on severity and impact; escalate to L3/IR team as required. Perform root cause analysis and document findings in incident tracking tools. Create and update use cases, detection rules, and dashboards within SIEM. Analyze endpoint, firewall, and proxy logs for malicious activity. Conduct log correlation across multiple data sources to identify patterns and anomalies. Collaborate with threat intelligence and vulnerability management teams. Prepare detailed incident reports and threat intelligence summaries. Assist in playbook development and improve response workflows. Participate in regular threat hunting and tabletop exercises. Ensure security controls and monitoring are in place for cloud environments (AWS/Azure). Support compliance and audit requests with log and incident data. Provide mentorship and guidance to junior SOC analysts. Required Skills & Qualifications: Bachelors degree in Computer Science, Information Security, or related field. 35 years of hands-on experience in a SOC or cybersecurity role. Proficiency in SIEM platforms (e.g., Splunk, QRadar, Sentinel, ArcSight). Strong understanding of TCP/IP, DNS, HTTP, VPN, firewall rules, and IDS/IPS. Experience handling phishing, malware, lateral movement, and brute-force attacks. Familiarity with the MITRE ATT&CK framework and cyber kill chain. Knowledge of endpoint detection tools (e.g., CrowdStrike, Defender ATP). Working experience with ticketing tools like ServiceNow or Jira. Good communication skills and ability to work in a high-pressure environment. Flexible to work in 24/7 rotational shifts, including weekends (if required). Preferred / Good-to-Have: Scripting skills (Python, PowerShell, Bash) for automating SOC tasks. Cloud security experience (AWS, Azure, GCP). Certifications: SC-200, CompTIA CySA+, CEH, GSEC, or equivalent. Exposure to SOAR platforms and automated response tools. Skills: English Security Operations Center Security Architecture Security Assessment Security Monitoring AI

Key Responsibilities Design, develop, and deploy SIEM workflows that automate and streamline the detection, analysis, and response to security events Customize workflows to meet specific SIEM requirements and improve operational efficiency Develop and maintain SIEM connectors to integrate various data sources, including network devices, servers, applications, and cloud environments Ensure reliable data ingestion and normalization across diverse sources to provide comprehensive security monitoring Work with ELT (Extract, Load, Transform) frameworks to integrate and process security data from multiple sources Leverage technologies such as Kafka, AWS Data Catalog, AWS Glue, and Athena to manage and query large datasets efficiently Utilize scripting languages like Python, Bash, JavaScript, or PowerShell to automate tasks, develop custom connectors, and enhance SIEM functionality Contribute to the design and architecture of secure, scalable SIEM solutions aligned with the organization's security strategy Identify and recommend improvements to system design to enhance performance, reliability, and scalability Provide strategic recommendations for optimizing security operations, improving system design, and adopting new technologies that align with long-term security goals Job Qualifications Technical Expertise Strong experience with SIEM platforms and best practices in security operations, threat detection, and incident response Proficiency in scripting languages (Python, Bash, JavaScript, PowerShell) for automation and custom development Experience with data management tools such as ELT frameworks, Kafka, AWS Data Catalog, AWS Glue, and Athena Solid understanding of cloud services, particularly AWS, and experience automating tasks with Boto3 Experience in building FedRAMP-compliant systems is a plus Strategic and Analytical Skills Ability to think strategically and recommend system design improvements to enhance security operations Strong analytical skills to assess security threats and optimize SIEM configurations and workflows Communication and Collaboration Excellent communication skills with the ability to work closely with cross-functional teams

Job Qualifications Technical Expertise Strong experience with SIEM platforms and best practices in security operations, threat detection, and incident response Proficiency in scripting languages (Python, Bash, JavaScript, PowerShell) for automation and custom development Experience with data management tools such as ELT frameworks, Kafka, AWS Data Catalog, AWS Glue, and Athena Solid understanding of cloud services, particularly AWS, and experience automating tasks with Boto3 Experience in building FedRAMP-compliant systems is a plus Strategic and Analytical Skills Ability to think strategically and recommend system design improvements to enhance security operations Strong analytical skills to assess security threats and optimize SIEM configurations and workflows Communication and Collaboration Excellent communication skills with the ability to work closely with cross-functional teams

Job Requisition ID # 25WD88680 Position Overview In the role of Triage Manager, you will be responsible for overseeing the full spectrum of security alert triage across Autodesk's global infrastructure. Your primary objective is to ensure that all Tier 1 alerts are promptly actioned and resolved while efficiently routing more complex issues to seasoned security analysts. You will manage a team that includes both internal staff and vendor personnel, and you'll work collaboratively with our Detections and Monitoring groups to fine-tune alert configurations and drive automation initiatives. Your expertise in managing alerts across on-premises systems and cloud platforms (Azure, AWS, and GCP) will be vital in maintaining a robust, responsive security posture. Key Responsibilities Alert Management & Triage: Oversee and streamline the alert triage process, ensuring all Tier 1 alerts are promptly acknowledged, investigated, and resolved. Ensure that higher complexity alerts are escalated to more seasoned analysts for in-depth investigation Team Coordination: Lead a mixed team of full-time employees and vendor staff, ensuring optimal coverage and efficient operations within the alert queues Provide mentorship, operational guidance, and continuous training to team members Process Optimization: Collaborate with Detections and Monitoring teams to tune alert thresholds, reduce false positives, and eliminate noise. Identify which alerts are suitable for automation and partner with engineering teams to develop and deploy automated solutions Multi-Cloud Alert Management: Manage and maintain situational awareness of alerts coming from diverse environments including on-premises, Azure, AWS, and GCP infrastructures. Ensure consistent triage standards are applied across all platforms Operational Reporting & Improvement: Develop and maintain metrics to evaluate alert handling performance. Produce regular status reports to drive continuous improvement in triage processes Collaboration & Communication: Serve as a critical communication bridge between frontline security operations and higher-level incident response teams. Ensure clear, timely, and accurate documentation and communication of triage activities and incident escalations Minimum Qualifications Experience: Minimum of 5+ years in security operations or incident response, with at least 2 years in a supervisory or management role overseeing alert triage or a similar SOC function Technical Skills: Strong command of SIEM platforms, especially Splunk, with proven experience in configuring and optimizing alerting mechanisms Solid understanding of telemetry integration and alert correlation across varied data sources in both on-prem and cloud environments Operational Expertise: Demonstrated experience managing high-volume security alert environments, with the ability to make swift, informed decisions under pressure Expertise in developing and refining alert triage processes, reducing noise, and automating routine tasks Soft Skills: Exceptional leadership and communication skills capable of effectively managing a mixed team of internal and vendor staff Strong analytical and problem-solving abilities to quickly assess and escalate security incidents Cloud Agnostic: Proven knowledge of and experience with managing security alerts across multiple cloud platforms, including Azure, AWS, and GCP #LI-PJ1 Learn More About Autodesk Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk - our Culture Code is at the core of everything we do. Our values and ways of working help our people thrive and realize their potential, which leads to even better outcomes for our customers. When you're an Autodesker, you can be your whole, authentic self and do meaningful work that helps build a better future for all. Ready to shape the world and your future Join us! Salary transparency Salary is one part of Autodesk's competitive compensation package. Offers are based on the candidate's experience and geographic location. In addition to base salaries, we also have a significant emphasis on discretionary annual cash bonuses, commissions for sales roles, stock or long-term incentive cash grants, and a comprehensive benefits package. Diversity & Belonging We take pride in cultivating a culture of belonging and an equitable workplace where everyone can thrive. Learn more here: Are you an existing contractor or consultant with Autodesk Please search for open jobs and apply internally (not on this external site).