42 Siem Tools Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 4.0 years

4 - 7 Lacs

Thane, Navi Mumbai, Mumbai (All Areas)

Hybrid

Job Description

Job Title: Security Analyst L1
Shift: Rotational Shift

The Area: The Information Security Team is a central function governing corporate and product security globally. We have built a strong team of high performing security experts and are creating a new team within Information Security here at Morningstar. As a member of our new Security Operations Center Team, you will get to be a part of a growing and well supported program protecting Morningstar's Infrastructure, Data, and People.

The Role: As an analyst on our Security Operations Center Team, you will monitor and analyze threats, provide security monitoring, and incident response services. Day to day you will work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting impact. You will analyze incidents to determine scope and impact and assist in recovery efforts. You will combine threat intelligence, event data, and assessments from recent events, to identify patterns to understand attackers' goals and stop them from succeeding. This position is based in our Mumbai office.

Responsibilities: Provide 24x7 monitoring operations for security alerts. Detect, analyze, report and respond to cyber security events and incidents using a combination of technology solutions and processes. Review and escalate alerts. Examine and operationalize new adversary detection methods to defend Morningstar. Assess the security impact of security alerts and traffic anomalies to identify malicious actions. Generate reports for both technical and non-technical staff and stakeholders.

Requirements:
+ A bachelor's degree and 2-3+ years' experience in Information Security.
+ Excellent communication skills and an understanding of cyber security fundamentals.
+ Candidates should be interested in keeping up with the latest security trends.
+ Experience with security tools.
+ Add-on certification like Security+, CompTIA+, Splunk.
Morningstar is an equal opportunity employer

Posted 2 days ago

4.0 - 8.0 years

0 - 1 Lacs

Mumbai

Work from Office

JD: Work Location: Mumbai (Aeroli). Experience: 3-4 years.

Install, configure, and manage FleetDM and OSQuery across the bank's critical endpoints, ensuring continuous monitoring of core banking systems and financial infrastructure. Create and deploy custom queries, alerts, and rules to detect unauthorized activities, internal threats, and system anomalies. Leverage FleetDM and OSQuery to gather and analyze endpoint telemetry data (e.g., processes, network activity, financial transactions, file system changes) for signs of malicious activity targeting banking applications and infrastructure. Proactively hunt for advanced persistent threats (APTs), malware, and other security risks across Windows and Linux environments, with a focus on protecting critical banking systems. Utilize data from FleetDM and OSQuery to identify potential risks and detect fraudulent activities across financial systems and customer-facing services. Investigate malware to understand its impact on financial services, and develop detection rules to mitigate future incidents. Track and respond to threats involving online banking, mobile banking apps, payment systems, and other financial platforms. Knowledge of operating systems, networking, any query language, etc.

Posted 2 days ago

4.0 - 8.0 years

12 - 15 Lacs

Thane, Mumbai (All Areas)

Work from Office

Administer and maintain ArcSight SIEM platform to ensure stability and performance. Onboard and configure log sources, including parser development and tuning. Monitor system health, troubleshoot issues, and apply updates/patches.

Posted 3 days ago

8.0 - 12.0 years

15 - 30 Lacs

Kolkata

Work from Office

Position Overview: We are seeking a dynamic and highly skilled Senior Cyber Security & Splunk Engineer to join our team. This role demands a blend of hands-on technical expertise in incident response and security operations, as well as deep experience in managing and administering Splunk environments to support security intelligence, compliance, and operational efficiency.

Key Responsibilities:

Cyber Security Incident Response & Strategy: Lead and manage Security Response strategy, standards, and processes. Conduct risk assessments and implement mitigation strategies. Ensure alignment with compliance frameworks including NIST, ISO, HIPAA, GDPR, SOX, CCPA, and CMMC.

Splunk Administration & Engineering: Install, configure, and maintain Splunk Enterprise and Splunk Cloud platforms. Monitor Splunk performance, manage indexing, clustering, and data retention. Onboard data sources, create parsing configurations, and maintain data integrity. Design and develop dashboards, reports, and alerts using SPL (Search Processing Language). Implement role-based access control and ensure compliance with security standards. Troubleshoot and resolve Splunk-related issues efficiently.

Technical Skills & Competencies:
• Cyber Security: 8 - 10+ years of hands-on experience in cybersecurity and incident response.
• Splunk: 5+ years of Splunk administration experience.

Posted 6 days ago

2.0 - 5.0 years

5 - 9 Lacs

Hyderabad

Work from Office

Overview. Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area.

Responsibilities. Should have process knowledge and technical knowledge of any of the SIEM tools (like QRadar, LogRhythm, AlienVault, Splunk, etc.); L2/L3 level is an added advantage. Should have process knowledge and technical knowledge of AV tools like Symantec, McAfee, Trend Micro, etc.; L2/L3 level is an added advantage. Should have knowledge of managing vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company. Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks. Vulnerability management assessment and remediation. Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks. Research the latest information technology (IT) security trends. Help plan and carry out an organization's way of handling security. Develop security standards and best practices for the organization. Recommend security enhancements to management or senior IT staff. Document security breaches and assess the damage they cause. Performs other duties as assigned.

Qualifications. Tech, B. 2-5 years' experience working in a Security Operations Center. 2 years minimum in the computer industry. Knowledge working with complex Windows environments. Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001. Knowledge in design and administration of security tools. Good written and verbal communication skills.

Posted 6 days ago

7.0 - 9.0 years

8 - 13 Lacs

Hyderabad

Work from Office

Security Engineer Hyderabad, Telangana IT Description

Why you'll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building.

The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer.

Threat Detection & Response: Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, CrowdStrike, Rapid7. Investigate and respond to security incidents promptly. Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering. Implement and enforce security policies through Intune.

Security Architecture & Engineering: Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption. Conduct security assessments and penetration testing. Develop and maintain security standards and best practices.

Endpoint Security Management: Manage endpoint security solutions, including Windows Defender and CrowdStrike.

Vulnerability Management: Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7. Develop and implement remediation plans.

Compliance & Reporting: Prepare reports that document security metrics, attempted attacks, and security breaches. Ensure compliance with relevant security standards and regulations.

Security Awareness & Training: Educate and train employees on IT security best practices and awareness. Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation. Clearly communicate security risks and recommendations to management.

Requirements:
5+ years of experience in systems or network administration/engineering
1+ years of experience in information security roles
Strong understanding of security principles and best practices (e.g., NIST)
Proficient with Windows Server administration and management
Proficient with network protocols and topologies
Experience with security information and event management (SIEM) systems
Experience with scripting languages (e.g., Python, PowerShell)
Strong analytical and problem-solving skills
Excellent written and verbal communication skills
Ability to work independently and as part of a team
Experience with cloud security (e.g. Azure, Defender)
Experience with security orchestration and automation platforms (SOAR)
Experience with container security and microservices

This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role.

Contact details: Interested candidates drop your resumes to 8179814131 - Navya (WhatsApp only)

Posted 6 days ago

2.0 - 5.0 years

2 - 6 Lacs

Chennai

Work from Office

We're Hiring: System Administrator
Location: Chennai (Onsite)
Experience: 6+ Years

Are you an infrastructure expert who thrives on solving complex challenges across networking, security, and systems management? We're looking for a System Administrator who can hit the ground running and take charge of enterprise-level infrastructure and security operations.

Key Responsibilities:
Infrastructure Management: Design, install, and manage servers, firewalls, virtual environments, and network systems.
Security & Compliance: Monitor and secure M365 environments, ensure compliance with ISO 27001 and SOC 2 Type 2, and manage endpoint protection tools.
Patch & Vulnerability Management: Keep systems up to date and secure with effective patching strategies.
Risk & Project Management: Support hardware/software evaluations and implement risk-mitigated IT projects.
Support & Maintenance: Provide after-hours support and handle scheduled weekend maintenance as needed.
Collaboration & Training: Mentor peers, support cross-training, and deliver security awareness programs.

Required Skills:
6+ years of hands-on experience in System Administration.
Expertise in LAN/WAN networking, VLANs, IP subnetting, and 802.1Q trunking.
Solid experience with Azure & Local Active Directory administration.
Proven ability in patch management, vulnerability remediation, and OS/application hardening.
Deep knowledge of M365 security, Azure AD, Microsoft Defender, and SIEM tools.
Familiarity with security compliance frameworks (ISO 27001, SOC 2).
Excellent troubleshooting, analytical thinking, and documentation skills.
Strong communication and ability to thrive in fast-paced environments.

Why Join Us:
Work on impactful infrastructure and cybersecurity initiatives.
Get hands-on with leading tools like Falcon, Endpoint Protector, SIEMs, and more.
Collaborate with experienced professionals and build cross-functional expertise.
Opportunity to work in a secure, compliance-driven, enterprise environment.

Interested? Apply below asap. Apply now or message me directly to explore this opportunity.

#Hiring #SystemAdministrator #C2C #OnsiteJobs #ChennaiJobs #Networking #InfrastructureJobs #Cybersecurity #M365Security #ISO27001 #SOC2 #ContractJobs #Azure #ActiveDirectory #ITAdmin

Posted 1 week ago

10.0 - 13.0 years

15 - 20 Lacs

Mumbai Suburban

Work from Office

Role & responsibilities

Responsibilities:
• Escalate validated and confirmed incidents to designated SOC Lead/Incident response team.
• Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business.
• In-depth knowledge of multiple SIEM platforms like Securonix, IBM QRadar, LogRhythm, ArcSight, FortiSIEM, Microsoft Sentinel, and others.
• Support the SOC Manager in his duties (e.g. extension of SOC services).
• Update Security Operations reporting.
• Triage security events and incidents, detect anomalies, and report/direct remediation actions.
• Development and execution of SOC procedures.
• Should have in-depth knowledge of Firewall, EDR, IDS/IPS, VPN, Cloud Security.
• Should have hands-on experience in Threat Hunting.
• Should have good hands-on experience in VAPT.
• Should have good knowledge of integrating TI feeds and third-party tools.
• Should have knowledge of building a SIEM platform with SOAR, NBAD, UEBA integration.
• Should have hands-on experience in developing use cases and parser creation.
• Should have knowledge of breach and attack simulation.
• Sound knowledge of Unix, Linux, Windows, and security devices like firewalls, etc.
• Preparation of RCA, preparation of runbooks and training for the L2 and L1 teams.

Qualification: B.E./B.Tech/MCA

Certification: CEH, ECIH, CISSP, CISM, GCIH, GCFA, Certified Threat Hunter, SIEM certifications for platforms like QRadar, LogRhythm, etc.

Work experience: 8+ Years

NOTE: Work location will be Mumbai Andheri Seepz, and this is a permanent Work from Office role. NO HYBRID option.

Posted 1 week ago

3.0 - 8.0 years

10 - 12 Lacs

Mohali

Work from Office

Role Overview: The Cloud & Security Engineer ensures security, compliance, IAM (Identity and Access Management), and network stability within the Amazon Connect ecosystem. This role is critical for maintaining a robust security posture and ensuring regulatory compliance.

Key Responsibilities: Implement and manage secure access controls for Amazon Connect and associated AWS services. Enforce compliance with security standards such as ISO 27001, SOC 2, GDPR, and NIST. Monitor and administer IAM policies, least-privilege access controls, and security groups. Support network configurations, VPN access, and firewall policies to maintain service integrity. Conduct security audits, risk assessments, and vulnerability mitigation strategies. Implement DDoS protection, data encryption, and identity verification mechanisms for Amazon Connect. Troubleshoot AWS security incidents, IAM misconfigurations, and network connectivity issues. Collaborate with NOC engineers and automation teams to enhance security and operational efficiency.

Required Skills & Qualifications: 3+ years of experience in cloud security, network security, or AWS architecture. Strong expertise in AWS IAM, AWS Security Hub, AWS WAF, and network security principles. In-depth knowledge of security compliance frameworks (CIS, PCI-DSS, NIST, GDPR, etc.). Experience with SIEM tools, intrusion detection/prevention systems (IDPS), and log analysis. AWS certifications in Security or Networking (e.g., AWS Certified Security Specialty) preferred. Ability to provide on-demand support as a shared or part-time resource.

Client Service:
• Provide outstanding client service, responding promptly and professionally across communication channels. Cultivate and maintain long-term client relationships, emphasizing exceptional service and understanding of client needs.

Shift timing and working hours:
• Night shifts / EST
• Monday to Friday, fixed working days

Benefits and compensation:
• Group Health insurance and other benefits.
• The best working culture and growth opportunities.
• Learning opportunities in leading technologies.
• Compensation as per market standard.

Posted 1 week ago

3.0 - 8.0 years

10 - 12 Lacs

Chandigarh

Work from Office

Role Overview: The Cloud & Security Engineer ensures security, compliance, IAM (Identity and Access Management), and network stability within the Amazon Connect ecosystem. This role is critical for maintaining a robust security posture and ensuring regulatory compliance.

Key Responsibilities: Implement and manage secure access controls for Amazon Connect and associated AWS services. Enforce compliance with security standards such as ISO 27001, SOC 2, GDPR, and NIST. Monitor and administer IAM policies, least-privilege access controls, and security groups. Support network configurations, VPN access, and firewall policies to maintain service integrity. Conduct security audits, risk assessments, and vulnerability mitigation strategies. Implement DDoS protection, data encryption, and identity verification mechanisms for Amazon Connect. Troubleshoot AWS security incidents, IAM misconfigurations, and network connectivity issues. Collaborate with NOC engineers and automation teams to enhance security and operational efficiency.

Required Skills & Qualifications: 3+ years of experience in cloud security, network security, or AWS architecture. Strong expertise in AWS IAM, AWS Security Hub, AWS WAF, and network security principles. In-depth knowledge of security compliance frameworks (CIS, PCI-DSS, NIST, GDPR, etc.). Experience with SIEM tools, intrusion detection/prevention systems (IDPS), and log analysis. AWS certifications in Security or Networking (e.g., AWS Certified Security Specialty) preferred. Ability to provide on-demand support as a shared or part-time resource.

Client Service:
• Provide outstanding client service, responding promptly and professionally across communication channels. Cultivate and maintain long-term client relationships, emphasizing exceptional service and understanding of client needs.

Shift timing and working hours:
• Night shifts / EST
• Monday to Friday, fixed working days

Benefits and compensation:
• Group Health insurance and other benefits.
• The best working culture and growth opportunities.
• Learning opportunities in leading technologies.
• Compensation as per market standard.

Posted 1 week ago

5.0 - 10.0 years

18 - 33 Lacs

Mumbai, Thane, Mumbai (All Areas)

Work from Office

Key Responsibilities:
• Incident Response Leadership: Lead and coordinate responses to security incidents, including triage, investigation, containment, and remediation. Act as the primary incident commander for high-severity security events. Manage post-incident reviews and ensure timely root cause analysis and lessons learned.
• Team Management & Collaboration: Lead a team of incident responders and analysts (internal or external SOC teams). Collaborate with stakeholders across IT, Legal, Risk, Compliance, and Executive teams during and after incidents.
• Process Development & Improvement: Maintain and improve the Security Incident Response Plan (SIRP). Ensure incident handling procedures are well-documented, tested, and regularly updated. Conduct table-top exercises and simulations.
• Threat Intelligence & Detection: Work with threat intelligence teams to correlate incidents with known threats and vulnerabilities. Partner with security engineering and SOC to enhance monitoring and alerting.
• Compliance & Reporting: Ensure incident documentation aligns with regulatory requirements (e.g., HIPAA, GDPR, NIST, ISO 27001). Prepare executive-level summaries and incident impact assessments. Support audit and compliance requests related to incident response.

Required Qualifications:
• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• 5+ years of experience in cybersecurity, with at least 2 years in a lead or senior incident response role.
• Strong understanding of common attack vectors, malware behaviors, threat hunting, and forensic analysis.
• Familiarity with frameworks such as NIST 800-61, MITRE ATT&CK, and SANS IR methodology.
• Hands-on experience with SIEM, EDR, and SOAR tools (e.g., Splunk, CrowdStrike, Palo Alto Cortex).
• Excellent communication and leadership skills under pressure.

Preferred Qualifications:
• Relevant certifications (e.g., GCIH, GCIA, CISSP, CISM, CEH).
• Experience in regulated industries (finance, healthcare, energy).
• Exposure to cloud-native environments (AWS, Azure) and container security.

Key Competencies:
• Strategic thinking during crisis
• Strong analytical and problem-solving skills
• Cross-team collaboration and influence
• Commitment to continuous improvement and learning

Posted 1 week ago

5.0 - 10.0 years

7 - 12 Lacs

Bengaluru

Work from Office

Proactively lead and support the incident response team during an incident. Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations. Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules and use case recommendations, is a MUST. Proven experience with any of the Security information and event management (SIEM) tools using QRadar. Data-driven threat hunting using SIEM, EDR and XDR tools. Basic experience in SOAR tools such as QRadar Resilient, PaloAlto XSOAR. Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts. Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate. Identify the gaps in the security environment and suggest the gap closure. Drive and support Change Management. Perform and review tasks as identified in a daily task list. Report generation and trend analysis. Participate in the weekly and monthly governance calls to support the SOC metrics reporting. Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree

Preferred education: Bachelor's Degree

Required technical and professional expertise: 5+ years hands-on experience required in QRadar SIEM and SOAR. Desired experience in threat hunting, threat intelligence. Worked on tools belonging to QRadar, UEBA, UAX. Bachelor's degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience working in a SOC environment.

Preferred technical and professional experience: Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 1 week ago

5.0 - 10.0 years

7 - 12 Lacs

Chennai

Work from Office

Proactively lead and support the incident response team during an incident. Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations. Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules and use case recommendations, is a MUST. Proven experience with any of the Security information and event management (SIEM) tools using QRadar. Data-driven threat hunting using SIEM, EDR and XDR tools. Basic experience in SOAR tools such as QRadar Resilient, PaloAlto XSOAR. Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts. Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate. Identify the gaps in the security environment and suggest the gap closure. Drive and support Change Management. Perform and review tasks as identified in a daily task list. Report generation and trend analysis. Participate in the weekly and monthly governance calls to support the SOC metrics reporting. Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in a 24x7 rotational shift model including night shift.

Required education: Bachelor's Degree

Preferred education: Bachelor's Degree

Required technical and professional expertise: 5+ years hands-on experience required in QRadar SIEM and SOAR. Desired experience in threat hunting, threat intelligence. Worked on tools belonging to QRadar, UEBA, UAX. Bachelor's degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience working in a SOC environment.

Preferred technical and professional experience: Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

Posted 1 week ago

6.0 - 10.0 years

15 - 25 Lacs

Hyderabad

Work from Office

Job Summary: The SOC Monitoring and Incident Response Specialist is responsible for monitoring security events, identifying potential threats, investigating incidents, and initiating incident response actions. This role requires extensive experience in cybersecurity, threat intelligence, and incident response processes to support our security operations and safeguard our organization's IT environment.

Key Responsibilities:

Security Monitoring & Analysis
- Monitor and analyze security alerts from various sources (SIEM, IDS/IPS, firewalls, endpoint protection, etc.).
- Identify suspicious activity and investigate to understand the threat level and scope.
- Perform triage of alerts to assess whether they represent legitimate threats or false positives.
- Act as the first responder to security incidents, containing and mitigating threats.
- Document and track incidents, performing root-cause analysis to prevent recurrence.
- Coordinate incident response efforts, collaborating with internal teams and external partners if needed.
- Utilize threat intelligence to stay updated on emerging threats and attack vectors.
- Correlate threat intelligence data with real-time monitoring to detect indicators of compromise (IOCs).
- Proactively hunt for threats and vulnerabilities within the organization's network.
- Conduct forensic investigations of compromised endpoints, servers, and networks to determine the nature and extent of attacks.
- Collect, preserve, and analyze evidence for potential use in legal or disciplinary actions.
- Provide detailed reports on findings and recommendations for improvements in security posture.

Process Improvement & Documentation
- Contribute to the development and improvement of SOC processes, playbooks, and runbooks.
- Document security incidents and response activities in detail, ensuring accurate record-keeping.
- Provide post-incident reports, insights, and recommendations to improve defenses and incident handling procedures.
- Work with IT and cybersecurity teams to improve overall network and endpoint security.
- Communicate with stakeholders, translating technical findings into business impacts.
- Participate in cross-functional meetings and contribute to the overall risk management strategy.
- Mentor junior SOC analysts and assist in their professional development.
- Conduct training sessions and awareness programs to improve cybersecurity knowledge within the organization.

Requirements:

Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).

Experience: 6-8 years of experience in a SOC, incident response, or similar cybersecurity role.

Certifications: Preferred certifications include CISSP, CISM, GIAC (GCIA, GCIH), or CEH.

Technical Skills:
- Proficiency with SIEM tools (e.g., Splunk, QRadar, ArcSight, LogRhythm), IDS/IPS systems, firewalls, and EDR and WAF solutions.
- Familiarity with common operating systems (Windows, Linux) and networking protocols (TCP/IP, DNS, HTTP, etc.).
- Strong understanding of cyber threats, vulnerabilities, malware, and attack methods.
- Experience with scripting languages (Python, PowerShell) is an asset.
- Knowledge of forensic tools and processes for data recovery and analysis.

Soft Skills:
- Strong analytical and problem-solving abilities.
- Ability to work effectively under pressure and manage multiple tasks.
- Excellent communication and interpersonal skills, with the ability to explain technical issues to non-technical audiences.
- Team-oriented with a proactive and collaborative attitude.

Posted 1 week ago


8.0 - 13.0 years

15 - 30 Lacs

Mumbai

Work from Office


Position: Third Party Risk Management (TPRM) Manager Location: Mumbai Reports to: CISO Key Responsibilities: Due Diligence & Risk Assessment: Perform thorough due diligence on third-party vendors, evaluating operational, security, compliance, and financial risks. Vendor Monitoring & Reporting: Continuously assess and monitor third-party risks, security postures, and contract compliance. Report risk status to senior management. Risk Mitigation & Incident Management: Implement risk mitigation strategies and lead incident management for third-party breaches or failures. Cross-Department Collaboration: Work with procurement, legal, IT, and other business units to ensure third-party contracts and security align with risk management strategies. Technical Skills & Tools: Risk Management Tools: Experience with RSA Archer, MetricStream, or LogicManager for risk assessments, vendor scoring, and compliance tracking. Security Monitoring: Proficiency in SIEM tools like Splunk, IBM QRadar, and ArcSight for detecting, analyzing, and managing third-party security events. Vulnerability Management: Hands-on experience with Tenable.io, Qualys, or Rapid7 Nexpose for vulnerability scanning and management. Third-Party Management Platforms: Familiarity with OneTrust, ProcessUnity, or Prevalent for ongoing third-party risk assessments and monitoring. Incident Response: Experience using tools like ServiceNow or PagerDuty for handling third-party security incidents and coordinating remediation actions. IAM Tools: Working knowledge of Okta, CyberArk for ensuring secure vendor access to bank systems. Qualifications: Education: Bachelor's degree ISO/IEC 27001 Lead Implementer PCI DSS Certified Information Systems Auditor (CISA) Strong analytical skills with the ability to assess and mitigate complex third-party risks. Excellent communication and stakeholder management skills. Ability to navigate regulatory environments and ensure compliance with third-party risk policies. 
Ability to drive strategic risk management initiatives while handling day-to-day operational challenges. Interested candidates can share CV at jeshant.katoch@paytmbank.com

Posted 2 weeks ago


9.0 - 14.0 years

9 - 18 Lacs

Navi Mumbai, Mumbai (All Areas)

Work from Office


Configure, review & manage firewall policies (Palo Alto, Fortinet, Checkpoint). Administer Web Application Firewall (WAF). Deploy, modify & troubleshoot security profiles, access rules, & VPN. Lead migration & implementation of new security controls. Required Candidate profile Exp with Firewall rule optimization & cleanup. Firmware & Patch Management for security devices. Exposure to Security Information & Event Management (SIEM) tools. Exp in Application Load Balancer.

Posted 2 weeks ago


5.0 - 7.0 years

12 - 15 Lacs

Mumbai

Work from Office


TITLE- SOC ANALYST-L3 JOB DESCRIPTION: Responsible for responding to security incidents identified by internal controls or external SOC partners. Strictly adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling security incidents and events. Hands-on experience with Security Information and Event Management (SIEM) tools such as Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, or ArcSight. Proficient in Incident Response and automation workflows as it relates to Security Operations. Detects, identifies, and responds to cyber events, and incidents in line with cyber security policies and procedures. Should be capable of independently leading and managing security event investigations with minimal guidance from SOC leadership, while effectively collaborating with other departments as needed. Evaluate and update current SOC procedures and runbooks as required or directed. QUALIFICATION REQUIRED: Bachelor's degree in computer science, Information Technology, Business or equivalent discipline. Minimum 5 years of technical experience in Security Operations Center (SOC) and Information Security required. SIEM certification or Security technology related certification is a plus. Candidate should be willing to work in 24*7*365 shifts. Candidate should be able to work from Ares Office located in Mumbai. Experience- 5 to 7 years. Location-Mumbai (In office). Shift- Rotational shifts. Notice- Immediate joiners. NOTE- Candidates are expected to attend in-person interview in Mumbai.

Posted 2 weeks ago


7.0 - 10.0 years

5 - 8 Lacs

Ambattur

Work from Office


Greetings from Datamark!!! Position: Information Security Analyst. Experience: 5 Yrs in Experience. Location: Ambattur Industrial Estate, Chennai. Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise. Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs. Review daily threat intelligence. Ensures compliance to security standards for assigned sites. Schedules and administers internal security audits for Client and Physical Site Audits. Follows up on remediation plans. Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus.
Recommends risk mitigation solutions based on audit findings. Maintains Security and Compliance Metrics monthly. Assists in the development and delivery of IT risk and security awareness and compliance training programs. Willingness to travel to DATAMARK global sites as necessary. Other duties as assigned. Minimum Qualifications: Education Requirements: Bachelor's degree in Computer Science or related field, experience in lieu of degree can be considered. Field Experience: At least four years of experience in Information Security. Position Experience: At least four years of experience in an Information Security Analyst position, or similar position. Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams. Other Qualifications: Certification in IT Security required. Knowledge in Information Security policies and practices. Knowledge of third-party auditing and risk assessment methodologies. Experience in an IT Security related environment preferred. Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture. Excellent analytical and problem-solving abilities to identify and remediate security risks. Team-work mentality to develop security solutions in collaboration with other IT professionals. If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Posted 2 weeks ago


5.0 - 10.0 years

10 - 19 Lacs

Pune

Work from Office


Role & responsibilities • Monitor and respond to real-time cyber threats using SIEM tools and threat intelligence platforms. Conduct regular vulnerability assessments and penetration testing. Analyze security incidents and provide detailed incident reports with remediation plans. Oversee firewall, antivirus, and intrusion detection/prevention systems (IDS/IPS). Perform security risk assessments for infrastructure, applications, and cloud environments. Ensure compliance with HIPAA, GDPR, ISO 27001, and other relevant regulations. Develop and enforce information security policies, procedures, and standards. Work closely with the DevOps, Network, and Infrastructure teams to enforce security protocols. • Lead incident response drills and disaster recovery planning. Prepare security metrics and dashboards for internal reviews and audit support. Stay current on evolving cyber threats and emerging security technologies. Preferred candidate profile • Bachelor's degree in Computer Science, Information Security, or a related field. • Strong knowledge of threat intelligence, security monitoring tools (e.g., Splunk, IBM QRadar, or similar). Experience in cloud security (AWS/Azure/GCP) and endpoint security. Familiarity with frameworks such as NIST, MITRE ATT&CK, OWASP. Certifications preferred: CISSP, CISM, CEH, or CompTIA Security+. Strong analytical skills and ability to handle security incidents independently. Excellent communication skills and ability to work with cross-functional teams. Nice to Have • Experience working in healthcare or pharmaceutical industries. • Knowledge of data privacy regulations applicable to clinical or health data. • Exposure to machine learning applications in threat detection.

Posted 2 weeks ago


6.0 - 11.0 years

5 - 15 Lacs

Noida

Work from Office


Preferred candidate profile: Security Incident monitoring & Security Incidents analysis. Good experience in using SIEM tools. Knowledge on Threat analysis, evolving Threat landscape. Knowledge on Event logging and event analysis. Knowledge on Corporate security products like firewalls, IPS, Web/content Filtering tools, Compliance tools, ITIL process. Knowledge on Vulnerabilities and threats. Knowledge on Packet Analysis and Forensic Analysis. React to attacks observed during incidence monitoring. Good knowledge about common security attacks, targeted attacks. Define and act to common security incidents and reporting to stakeholders. Contributing to continue monitoring and improvement of security posture of the organization. Skills/Exposure: SIEM tools, SOC, Security Incident Management Firewall, IPS, Proxy (Web/content Filtering tools), AV, APT Tools, RSA Wireshark,

Posted 2 weeks ago


11.0 - 16.0 years

25 - 40 Lacs

Gurugram

Remote


Job Title: Information Security Analyst (InfoSec Analyst) Location: Remote Job Type: Full-time YoE: 12+ years relevant experience Shift: 2 to 11 pm IST Description: The Information Security Analyst is responsible for the defining, planning, and monitoring of security measures for the protection of computer networks and information. This individual will also be responsible for monitoring and analyzing network security hardware and software and assist in the development and enforcement of network security policies. This position will work within the legal department and report to the Director, Head of the Security, Compliance, & Risk (SCR) department. Duties and Responsibilities: The following duties are normal for this job. These are not to be construed as exclusive or all-inclusive. Other duties may be required and assigned. Defines, maintains, and reports on overall computer network security strategies (Best Practices/Common Practices) with all information assets connected to the Vaco network. Must have the ability to communicate security policies and strategies to people of varying technical ability both verbally and in written format. Monitors operation of, and provides reports on, perimeter security systems such as firewalls, routers, proxy servers, intrusion detection and protection systems. Monitors operation of, and provides reports on, end point security systems such as anti-virus, patch management and vulnerability assessment tools. Monitors operation of, and provides reports on, security information and event management (SIEM) systems. Must have the ability to examine a variety of data sources to correlate events and determine courses of action. Participates in the incident response process when network anomalies are discovered and drives the incident process to completion.
Manages relationships and coordinates operational activities between Vaco and external security services providers (e.g., Managed Security Services Providers, Penetration Testers, Solution providers, etc.). Coordinates vulnerability remediation activities and works with the IT operations section to mature the patch management lifecycle based on vulnerability management Service Level Agreements (SLAs) defined by the SCR function. Creates and publishes daily/weekly/monthly/quarterly/annual incident management reports as requested/required. Desired Competencies and Skills: Knowledge of SIEM systems. Knowledge of Intrusion Detection Systems/Intrusion Protection Systems. Knowledge of networking and firewall appliances. Knowledge of Information Security standards (International Organization for Standardization 27000 series, National Institute of Standards and Technology, HITRUST). Knowledge of a variety of vulnerability management solutions. Strong verbal and written communication skills. Project management and organizational skills. Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, Information Security or Electrical Engineering preferred, with at least two (2) years of Information Security experience. One of the following certifications is required: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); GIAC certifications and/or Certified Ethical Hacker (CEH); CompTIA Security+. Any equivalent combination of education, training, and experience which provides the requisite knowledge, skills, and abilities for this job may be considered. Travel Requirements: 10% - Occasional travel to onsite offices or vendor conferences may occur.

Posted 3 weeks ago


6.0 - 10.0 years

14 - 24 Lacs

Pune

Hybrid


Hi Everyone, I am on the lookout for an Infosec Analyst - GSOC for a leading product-based MNC in Yerwada, Pune. Kindly refer to the JD below: Should have experience with Global Security Operation Center (SOC). Should have good experience with concepts of SIEM. Should have strong experience in Incident Response. Any SIEM tools experience: (Splunk, Azure Sentinel, EDR, MS Defender, Azure Sentinel, Any). Share your resume on nitika.sh@peoplefy.com NOTE: Immediate joiners to max 30 days are preferred.

Posted 3 weeks ago


1.0 - 3.0 years

3 - 4 Lacs

Kochi, Ernakulam

Work from Office


As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

Posted 3 weeks ago


5.0 - 10.0 years

12 - 18 Lacs

Pune, Bengaluru, Delhi / NCR

Hybrid


SOC Analyst 5+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud" is a must. About the role As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What we're looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect We're legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another location, even an international destination, for up to 30 consecutive calendar days per year.
Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Posted 3 weeks ago


3.0 - 8.0 years

8 - 12 Lacs

Pune

Work from Office


Greetings from Peoplefy Infosolutions!!! We are hiring for one of our reputed MNC clients based in Pune. We are looking for candidates with 3+ years of experience in: Security operations center, Global SOC Experience, Threat Monitoring/Threat Detection/Threat Prevention, Any SIEM tools. Interested candidates for the above position, kindly share your updated CV to asha.ch@peoplefy.com with the below details: Notice Period: Experience: CTC: ECTC: Current Location:

Posted 3 weeks ago
