5.0 - 10.0 years
16 - 25 Lacs
Hyderabad
Work from Office
Job Role : Cyber Security Engineer--Work From Office Experience : 4 to 8 Yrs Key Skills: Security tools integration and management, Onboarding, Log ingestion, writing rules and policies in Cloud Security/SIEM/EDR/Antivirus/XDR/Firewall/MDR/SOAR tool Notice Period : 0 to 30 days Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Job Overview: They plan, implement, and maintain security measures, respond to security incidents, and identify vulnerabilities. Their roles vary depending on the specific area of security, such as network, application, or cloud security. Here's a more detailed breakdown of their responsibilities: Security Planning and Implementation: Designing and implementing security controls: This includes firewalls, intrusion detection systems, and access control mechanisms. Developing security policies and procedures: Establishing guidelines for secure operations and data handling. Performing risk assessments: Identifying potential vulnerabilities and threats. Implementing security tools and technologies: Integrating security software and hardware into the organization's infrastructure. Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organization's systems and products. Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. 
Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualifications & experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF) , CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.
Posted 1 day ago
1.0 - 5.0 years
3 - 7 Lacs
Gurugram
Work from Office
Why Join Siemens? At Siemens, you will be part of a global leader committed to innovation, quality, and excellence. This role offers the opportunity to work on challenging projects, develop professionally, and make a significant impact in the electrical and instrumentation domain, particularly within power plant and renewable energy projects. If you are passionate about leading a talented team and driving technical excellence, we encourage you to apply. As Siemens Energy, "We energize society" by supporting our customers to make the transition to a more sustainable world, based on innovative technologies and our ability to turn ideas into reality. We do this by: Expanding renewables; Transforming conventional power; Strengthening electrical grids; Driving industrial decarbonization; Securing the supply chain and necessary minerals. Looking for a challenging role? If you really want to make a difference - make it with us. Siemens Energy (SE) is a global pacesetter in energy, helping customers to meet the evolving demands of today's industries and societies. SE comprises broad competencies across the entire energy value chain and offers a uniquely comprehensive portfolio for utilities, independent power producers, transmission system operators and the oil and gas industry. Products, solutions and services address the extraction, processing and the transport of oil and gas as well as power generation in central and distributed thermal power plants and power transmission in grids. With global headquarters in Munich in Germany and more than 88,000 employees in over 80 countries, Siemens Energy has a presence across the globe and is a leading innovator for the energy systems of today and tomorrow, as it has been for more than 150 years. 
Your new role: challenging and future-oriented. You would be responsible for all system administration requirements like installation, upgrades, and updates of DCS Systems (SPPA T3000) before the delivery of components to customers as well as during the after-sales service phase. You would be part of the remote service support center and would support customers in troubleshooting the problems they face. As part of your profile, you would be required to travel to many project sites during the installation as well as the service phase of I&C Systems. You have a great opportunity to work with global remote support centers and global teams. We don't need superheroes, just super minds. You're a bachelor's in engineering with 3 to 5 years of experience in system administration of Instrumentation & Control (I&C)/PLC systems. You've great knowledge and experience of DCS & PLC Systems. You've great knowledge of the SPPA T3000 control system, and know-how on the system administration and troubleshooting would be an added advantage. You've great knowledge of network implementation including switches, firewalls, routers, etc. Professional exposure in implementation of cyber solutions like NIDS, Application Whitelisting, Domain Controller, SIEM Solutions would be an added advantage. We've got quite a lot to offer. How about you? This role is based in Gurgaon, where you'll get the chance to work with teams impacting entire cities, countries, and the shape of things to come. We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.
Posted 1 day ago
5.0 - 6.0 years
11 - 15 Lacs
Thane
Work from Office
OT Cybersecurity Engineer for Digital Industries Customer Services, India. About Siemens: Accelerating transformation for industries. For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enabling them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation, transforming the everyday and creating a better tomorrow for societies and people around the world. Cybersecurity for Industry: We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars (plant security, network security, and system integrity), including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customers based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information. Key Responsibilities: Security Measures: Engineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information. System Security: Identify and define system security requirements to ensure comprehensive protection. 
Security Architecture: Design and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices. Implementing Backup Solutions and Management: Implement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment. Threat Detection and Vulnerability Monitoring: Implement solutions like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer. Endpoint Security: Deploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and QRadar, etc. Network Security: Implement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products. Network Management: Install and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold, etc. Firmware Updates: Conduct firmware updates for various automation control systems, switches, and firewalls. Domain Controller Configuration: Configure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS. Host-Based Security: Implement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection. Installation and Testing: Perform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT). Documentation: Prepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals. 
Experience: 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures. Education: Bachelor's degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be an additional advantage. Business Travel: You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India.
Posted 1 day ago
5.0 - 10.0 years
12 - 22 Lacs
Mumbai, Navi Mumbai, Mumbai (All Areas)
Work from Office
Role Overview: Position: L3 SOC Analyst Location: Mumbai, India Experience: 5-8 years in SOC roles, with a strong focus on Incident Response and Threat Hunting. Key Responsibilities: Incident Response: Deep expertise in handling end-to-end incident response detection, investigation, containment, eradication, and recovery. Attack Vectors: Solid understanding of phishing, malware, ransomware , and how to respond effectively to these threats. Cyber Kill Chain: Strong knowledge of the cyber kill chain framework, including how adversaries progress through the stages of an attack. Adversary Tactics: Familiarity with adversary techniques and tactics, particularly using frameworks such as MITRE ATT&CK to mitigate threats. SIEM & EDR Tools: Extensive experience with SIEM tools like Splunk and ArcSight , and EDR solutions like CrowdStrike or Microsoft Defender . Scenario Handling: Capable of tackling complex, scenario-based challenges with a strategic mindset. Preferred Qualifications: 3-7 years of experience working in a SOC or handling Incident Response . Expertise in detecting and analyzing indicators of compromise (IOCs). Strong L2 or L3 analyst experience is a must A candidate who has worked on critical incidents and has an in-depth knowledge about the same
Posted 1 day ago
3.0 - 7.0 years
9 - 13 Lacs
Bengaluru
Hybrid
Azure Sentinel Security Engineer Responsibilities: Logging and Auditing: Monitor and audit cloud infrastructure using Azure Sentinel. Automated Workflows: Develop and maintain automated workflows for security operations. Threat Intelligence: Integrate threat intelligence feeds into Sentinel analytics and SOAR. Incident Response: Develop incident response use cases and remediation recommendations. Log Integration: Integrate security logs into Azure Log Analytics Workspace. Collaboration: Work collaboratively with team members and stakeholders to ensure effective communication and project success. Documentation: Maintain comprehensive documentation related to Azure Sentinel configurations and processes. Technical Knowledge: Expertise in Azure Sentinel, Defender, and other Microsoft security tools. Proficiency in scripting languages such as Python or PowerShell. Strong knowledge of Azure security services and governance. Creation of Sentinel Playbooks & dashboards for platform monitoring. Ingesting of various types of Syslog data, Network devices via Api's etc. along with appropriate DCRs. Experience with device onboarding, developing SIEM content and using KQL (Kusto Query Language). Develop and maintain relevant custom scripts/connectors for various device integration. Familiarity in working & Creation of new SOC Run Books. Experience in other SIEM tools like ArcSight/Qradar/Splunk. Certifications such as Microsoft Certified: Azure Security Engineer Associate or similar. Share your resume to : sowmya.v@acesoftlabs.com
Posted 1 day ago
4.0 - 6.0 years
6 - 8 Lacs
Chennai
Work from Office
Provide Level 2 support in Security Operations Centers (SOC), focusing on SIEM tools and threat detection. You will investigate and resolve security incidents, escalate critical issues, and ensure system integrity. Expertise in SIEM, threat detection, and incident response is essential.
Posted 2 days ago
2.0 - 4.0 years
4 - 7 Lacs
Thane, Navi Mumbai, Mumbai (All Areas)
Hybrid
Job Description. Job Title: Security Analyst L1. Shift: Rotational Shift. Job Description: The Area: The Information Security Team is a central function governing corporate and product security globally. We have built a strong team of high performing security experts and are creating a new team within Information Security here at Morningstar. As a member of our new Security Operations Center Team, you will get to be a part of a growing and well supported program protecting Morningstar's Infrastructure, Data, and People. The Role: As an analyst on our Security Operations Center Team, you will monitor and analyze threats, provide security monitoring, and incident response services. Day to day you will work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting impact. You will analyze incidents to determine scope and impact and assist in recovery efforts. You will combine threat intelligence, event data, and assessments from recent events, to identify patterns to understand attackers' goals and stop them from succeeding. This position is based in our Mumbai office. Responsibilities: Provide 24x7 monitoring operations for security alerts. Detect, analyze, report and respond to cyber security events and incidents using a combination of technology solutions and processes. Review and escalate alerts. Examine and operationalize new adversary detection methods to defend Morningstar. Assess the security impact of security alerts and traffic anomalies to identify malicious actions. Generate reports for both technical and non-technical staff and stakeholders. Requirements: + A bachelor's degree and 2-3+ years' experience in Information Security. + Excellent communication skills and an understanding of cyber security fundamentals. + Candidates should be interested in keeping up with the latest security trends. + Experience with security tools. + Add-on Certification like Security+, CompTIA+, Splunk. 
Morningstar is an equal opportunity employer
Posted 4 days ago
4.0 - 8.0 years
0 - 1 Lacs
Mumbai
Work from Office
JD: Work Location: Mumbai (Aeroli). Experience – 3-4 years. Install, configure, and manage FleetDM and OSQuery across the bank's critical endpoints, ensuring continuous monitoring of core banking systems and financial infrastructure. Create and deploy custom queries, alerts, and rules to detect unauthorized activities, internal threats, and system anomalies. Leverage FleetDM and OSQuery to gather and analyze endpoint telemetry data (e.g., processes, network activity, financial transactions, file system changes) for signs of malicious activity targeting banking applications and infrastructure. Proactively hunt for advanced persistent threats (APTs), malware, and other security risks across Windows and Linux environments, with a focus on protecting critical banking systems. Utilize data from FleetDM and OSQuery to identify potential risks and detect fraudulent activities across financial systems and customer-facing services. Investigate malware to understand its impact on financial services, and develop detection rules to mitigate future incidents. Track and respond to threats involving online banking, mobile banking apps, payment systems, and other financial platforms. Knowledge of operating systems, networking, any query language, etc.
Posted 4 days ago
4.0 - 8.0 years
12 - 15 Lacs
Thane, Mumbai (All Areas)
Work from Office
Administer and maintain ArcSight SIEM platform to ensure stability and performance. Onboard and configure log sources, including parser development and tuning. Monitor system health, troubleshoot issues, and apply updates/patches.
Posted 5 days ago
8.0 - 12.0 years
15 - 30 Lacs
Kolkata
Work from Office
Position Overview: We are seeking a dynamic and highly skilled Senior Cyber Security & Splunk Engineer to join our team. This role demands a blend of hands-on technical expertise in incident response and security operations, as well as deep experience in managing and administering Splunk environments to support security intelligence, compliance, and operational efficiency. Key Responsibilities: Cyber Security Incident Response & Strategy: Lead and manage Security Response strategy, standards, and processes. Conduct risk assessments and implement mitigation strategies. Ensure alignment with compliancy frameworks including NIST, ISO, HIPAA, GDPR, SOX, CCPA, and CMMC. Splunk Administration & Engineering: Install, configure, and maintain Splunk Enterprise and Splunk Cloud platforms. Monitor Splunk performance, manage indexing, clustering, and data retention. Onboard data sources, create parsing configurations, and maintain data integrity. Design and develop dashboards, reports, and alerts using SPL (Search Processing Language). Implement role-based access control and ensure compliance with security standards. Troubleshoot and resolve Splunk-related issues efficiently. Technical Skills & Competencies: Cyber Security: • 8 - 10+ years of hands-on experience in cybersecurity and incident response. • Splunk: • 5+ years of Splunk administration experience.
Posted 1 week ago
2.0 - 5.0 years
5 - 9 Lacs
Hyderabad
Work from Office
Overview. Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities. Should have process knowledge and technical knowledge on any of the SIEM tools (like Qradar, LogRhythm, AlienVault, Splunk, etc.). L2/L3 level is an added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Micro, etc. L2/L3 level is an added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company. 
Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks. Vulnerability management assessment and remediation. Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks. Research the latest information technology (IT) security trends. Help plan and carry out an organization’s way of handling security. Develop security standards and best practices for the organization. Recommend security enhancements to management or senior IT staff. Document security breaches and assess the damage they cause, Performs other duties as assigned. Qualifications. Tech, B. 2-5 years’ Experience working in a Security Operations Center. 2 years minimum in the computer industry. Knowledge working with complex Windows environments. Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001. Knowledge in design and administration of security tools. Good written and verbal communication skills.
Posted 1 week ago
7.0 - 9.0 years
8 - 13 Lacs
Hyderabad
Work from Office
Security Engineer. Hyderabad, Telangana. IT. Description: Why you'll want to work at nimble! This is a great opportunity to join a well-established and market-leading brand serving a high-growth end market while gaining valuable experience and visibility to Executive leadership. As an organization, we are in considerable growth mode through acquisition and with a laser focus on positive culture building. The Information Security Engineer is responsible for safeguarding the organization's systems and data assets. This critical role focuses on preventing and mitigating unauthorized access, modification, or destruction of sensitive information. The Engineer actively participates in the development and implementation of robust IT security policies and standards. Through close collaboration with end-users across various departments, this position ensures the alignment of security measures with individual business needs while maintaining strict adherence to company-wide security policies and procedures. The Information Security Engineer reports directly to the Director of Information Security and maintains an indirect reporting line to the Chief Information Technology Officer. Threat Detection & Response: Monitor the organization's servers and networks for security breaches using tools such as Windows Defender, Windows Purview, Crowdstrike, Rapid7. Investigate and respond to security incidents promptly. Utilize Windows Defender, Rapid7 and Wiz for vulnerability scanning and threat intelligence gathering. Implement and enforce security policies through Intune. Security Architecture & Engineering: Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems (IDPS), and data encryption. Conduct security assessments and penetration testing. Develop and maintain security standards and best practices. 
Endpoint Security Management: Manage endpoint security solutions, including Windows Defender and Crowdstrike Vulnerability Management: Identify, assess, and prioritize vulnerabilities using Windows Defender, Wiz and Rapid7. Develop and implement remediation plans. Compliance & Reporting: Prepare reports that document security metrics, attempted attacks, and security breaches. Ensure compliance with relevant security standards and regulations. Security Awareness & Training: Educate and train employees on IT security best practices and awareness. Collaborate with IT teams, business units, and other stakeholders to ensure effective security implementation. Clearly communicate security risks and recommendations to management. Requirements 5+ years of experience in systems or network administration/engineering 1+ years of experience in information security roles Strong understanding of security principles and best practices (e.g., NIST) Proficient with Windows Server administration and management Proficient with network protocols and topologies Experience with security information and event management (SIEM) systems Experience with scripting languages (e.g., Python, PowerShell) Strong analytical and problem-solving skills Excellent written and verbal communication skills Ability to work independently and as part of a team Experience with cloud security (e.g. Azure, Defender) Experience with security orchestration and automation platforms (SOAR). Experience with container security and microservices. This job description is intended to provide a general overview of the position. Responsibilities and qualifications may vary depending on the specific needs of the organization. This revised job description incorporates the specified security software suites and provides a more comprehensive overview of the role. Contact details: Interested candidates drop your resumes to 8179814131 - Navya (Whats App only)
Posted 1 week ago
2.0 - 5.0 years
2 - 6 Lacs
Chennai
Work from Office
We're Hiring: System Administrator. Location: Chennai (Onsite). Experience: 6+ Years. Are you an infrastructure expert who thrives on solving complex challenges across networking, security, and systems management? We're looking for a System Administrator who can hit the ground running and take charge of enterprise-level infrastructure and security operations. Key Responsibilities: Infrastructure Management: Design, install, and manage servers, firewalls, virtual environments, and network systems. Security & Compliance: Monitor and secure M365 environments, ensure compliance with ISO 27001 and SOC 2 Type 2, and manage endpoint protection tools. Patch & Vulnerability Management: Keep systems up to date and secure with effective patching strategies. Risk & Project Management: Support hardware/software evaluations and implement risk-mitigated IT projects. Support & Maintenance: Provide after-hours support and handle scheduled weekend maintenance as needed. Collaboration & Training: Mentor peers, support cross-training, and deliver security awareness programs. Required Skills: 6+ years of hands-on experience in System Administration. Expertise in LAN/WAN networking, VLANs, IP subnetting, and 802.1Q trunking. Solid experience with Azure & Local Active Directory administration. Proven ability in patch management, vulnerability remediation, and OS/application hardening. Deep knowledge of M365 security, Azure AD, Microsoft Defender, and SIEM tools. Familiarity with security compliance frameworks (ISO 27001, SOC 2). Excellent troubleshooting, analytical thinking, and documentation skills. Strong communication and ability to thrive in fast-paced environments. Why Join Us: Work on impactful infrastructure and cybersecurity initiatives. Get hands-on with leading tools like Falcon, Endpoint Protector, SIEMs, and more. Collaborate with experienced professionals and build cross-functional expertise. Opportunity to work in a secure, compliance-driven, enterprise environment. Interested? Apply 
below asap Apply now or message me directly to explore this opportunity, #Hiring #SystemAdministrator #C2C #OnsiteJobs #ChennaiJobs #Networking #InfrastructureJobs #Cybersecurity #M365Security #ISO27001 #SOC2 #ContractJobs #Azure #ActiveDirectory #ITAdmin
Posted 1 week ago
10.0 - 13.0 years
15 - 20 Lacs
Mumbai Suburban
Work from Office
Role & responsibilities. Responsibilities: • Escalate validated and confirmed incidents to designated SOC Lead/Incident response team. • Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business. • In-depth knowledge of multiple SIEM platforms like Securonix, IBM QRadar, LogRhythm, Arcsight, FortiSIEM, Microsoft Sentinel, and others. • Support the SOC Manager in his duties (e.g. extension of SOC services). • Update Security Operations reporting. • Triage security events and incidents, detect anomalies, and report/direct remediation actions. • Development and execution of SOC procedures. • Should have in-depth knowledge of Firewall, EDR, IDS/IPS, VPN, Cloud Security. • Should have hands-on experience in Threat Hunting. • Should have good hands-on experience in VAPT. • Should have good knowledge in integrating TI feeds and Third-Party tools. • Should have knowledge in Building SIEM platform with SOAR, NBAD, UEBA Integration. • Should have hands-on experience in developing Use case and Parser Creation. • Should have knowledge in Breach simulation attack. • Sound knowledge in Unix, Linux, Windows, and security devices like firewall, etc. • Preparation of RCA, Preparation of runbook and Training to L2 and L1 team. Qualification: B.E./B.Tech/MCA. Certification: CEH, ECIH, CISSP, CISM, GCIH, GCFA, Certified Threat Hunter, SIEM certifications for platforms like (Qradar, LogRhythm etc). Work experience: 8+ Years. NOTE: Work location will be Mumbai Andheri Seepz, and this is a permanent Work from Office role. NO HYBRID Option.
Posted 1 week ago
3.0 - 8.0 years
10 - 12 Lacs
Mohali
Work from Office
Role Overview: The Cloud & Security Engineer ensures security, compliance, IAM (Identity and Access Management), and network stability within the Amazon Connect ecosystem. This role is critical for maintaining a robust security posture and ensuring regulatory compliance. Key Responsibilities: Implement and manage secure access controls for Amazon Connect and associated AWS services. Enforce compliance with security standards such as ISO 27001, SOC 2, GDPR, and NIST . Monitor and administer IAM policies, least-privilege access controls, and security groups . Support network configurations, VPN access, and firewall policies to maintain service integrity. Conduct security audits, risk assessments, and vulnerability mitigation strategies . Implement DDoS protection, data encryption, and identity verification mechanisms for Amazon Connect. Troubleshoot AWS security incidents, IAM misconfigurations, and network connectivity issues . Collaborate with NOC engineers and automation teams to enhance security and operational efficiency. Required Skills & Qualifications: 3+ years of experience in cloud security, network security, or AWS architecture . Strong expertise in AWS IAM, AWS Security Hub, AWS WAF, and network security principles . In-depth knowledge of security compliance frameworks (CIS, PCI-DSS, NIST, GDPR, etc.) . Experience with SIEM tools, intrusion detection/prevention systems (IDPS), and log analysis . AWS certifications in Security or Networking (e.g., AWS Certified Security Specialty) preferred. Ability to provide on-demand support as a shared or part-time resource . Client Service: • Provide outstanding client service, responding promptly and professionally across communication channels. Cultivate and maintain long-term client relationships, emphasizing exceptional service and understanding of client needs. 
Shift timing and working hours: • Night shifts /EST • Monday to Friday Fixed working days Benefits and compensation: Group Health insurance and other benefits. • The Best working culture and growth opportunities. • Learning opportunities in leading technologies • Compensation as per Market Standard
Posted 1 week ago
3.0 - 8.0 years
10 - 12 Lacs
Chandigarh
Work from Office
Role Overview: The Cloud & Security Engineer ensures security, compliance, IAM (Identity and Access Management), and network stability within the Amazon Connect ecosystem. This role is critical for maintaining a robust security posture and ensuring regulatory compliance. Key Responsibilities: Implement and manage secure access controls for Amazon Connect and associated AWS services. Enforce compliance with security standards such as ISO 27001, SOC 2, GDPR, and NIST . Monitor and administer IAM policies, least-privilege access controls, and security groups . Support network configurations, VPN access, and firewall policies to maintain service integrity. Conduct security audits, risk assessments, and vulnerability mitigation strategies . Implement DDoS protection, data encryption, and identity verification mechanisms for Amazon Connect. Troubleshoot AWS security incidents, IAM misconfigurations, and network connectivity issues . Collaborate with NOC engineers and automation teams to enhance security and operational efficiency. Required Skills & Qualifications: 3+ years of experience in cloud security, network security, or AWS architecture . Strong expertise in AWS IAM, AWS Security Hub, AWS WAF, and network security principles . In-depth knowledge of security compliance frameworks (CIS, PCI-DSS, NIST, GDPR, etc.) . Experience with SIEM tools, intrusion detection/prevention systems (IDPS), and log analysis . AWS certifications in Security or Networking (e.g., AWS Certified Security Specialty) preferred. Ability to provide on-demand support as a shared or part-time resource . Client Service: • Provide outstanding client service, responding promptly and professionally across communication channels. Cultivate and maintain long-term client relationships, emphasizing exceptional service and understanding of client needs. 
Shift timing and working hours: • Night shifts /EST • Monday to Friday Fixed working days Benefits and compensation: Group Health insurance and other benefits. • The Best working culture and growth opportunities. • Learning opportunities in leading technologies • Compensation as per Market Standard
Posted 1 week ago
5.0 - 10.0 years
18 - 33 Lacs
Mumbai, Thane, Mumbai (All Areas)
Work from Office
Key Responsibilities: • Incident Response Leadership Lead and coordinate responses to security incidents, including triage, investigation, containment, and remediation. Act as the primary incident commander for high-severity security events. Manage post-incident reviews and ensure timely root cause analysis and lessons learned. • Team Management & Collaboration Lead a team of incident responders and analysts (internal or external SOC teams). Collaborate with stakeholders across IT, Legal, Risk, Compliance, and Executive teams during and after incidents. • Process Development & Improvement Maintain and improve the Security Incident Response Plan (SIRP). Ensure incident handling procedures are well-documented, tested, and regularly updated. Conduct table-top exercises and simulations. • Threat Intelligence & Detection Work with threat intelligence teams to correlate incidents with known threats and vulnerabilities. Partner with security engineering and SOC to enhance monitoring and alerting. • Compliance & Reporting Ensure incident documentation aligns with regulatory requirements (e.g., HIPAA, GDPR, NIST, ISO 27001). Prepare executive-level summaries and incident impact assessments. Support audit and compliance requests related to incident response. Required Qualifications: • Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). • 5+ years of experience in cybersecurity, with at least 2 years in a lead or senior incident response role. • Strong understanding of common attack vectors, malware behaviors, threat hunting, and forensic analysis. • Familiarity with frameworks such as NIST 800-61, MITRE ATT&CK, and SANS IR methodology. • Hands-on experience with SIEM, EDR, and SOAR tools (e.g., Splunk, CrowdStrike, Palo Alto Cortex). • Excellent communication and leadership skills under pressure. Preferred Qualifications: • Relevant certifications (e.g., GCIH, GCIA, CISSP, CISM, CEH). 
• Experience in regulated industries (finance, healthcare, energy). • Exposure to cloud-native environments (AWS, Azure) and container security. Key Competencies: • Strategic thinking during crisis • Strong analytical and problem-solving skills • Cross-team collaboration and influence • Commitment to continuous improvement and learning
Posted 1 week ago
5.0 - 10.0 years
7 - 12 Lacs
Bengaluru
Work from Office
Proactively lead and support incident response team during an incident. Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations. Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules and use case recommendations, is a MUST. Proven experience on any of the Security information and event management (SIEM) tools using QRadar. Data-driven threat hunting using SIEM, EDR and XDR tools. Basic experience in SOAR tools such as QRadar Resilient, PaloAlto XSOAR. Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts. Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate. Identify the gaps in security environment & suggest the gap closure. Drive & Support Change Management. Perform and review tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting. Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ Years Hands-on experience required in QRadar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belonging to QRadar, UEBA, UAX. 
Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.
Posted 1 week ago
5.0 - 10.0 years
7 - 12 Lacs
Chennai
Work from Office
Proactively lead and support incident response team during an incident. Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations. Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser builds, fine-tuning and optimizing the correlation rules and use case recommendations, is a MUST. Proven experience on any of the Security information and event management (SIEM) tools using QRadar. Data-driven threat hunting using SIEM, EDR and XDR tools. Basic experience in SOAR tools such as QRadar Resilient, PaloAlto XSOAR. Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiate false positives from true intrusion attempts. Actively investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notify end users when appropriate. Identify the gaps in security environment & suggest the gap closure. Drive & Support Change Management. Perform and review tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting. Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ Years Hands-on experience required in QRadar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belonging to QRadar, UEBA, UAX. 
Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.
Posted 1 week ago
6.0 - 10.0 years
15 - 25 Lacs
Hyderabad
Work from Office
Job Summary: The SOC Monitoring and Incident Response Specialist is responsible for monitoring security events, identifying potential threats, investigating incidents, and initiating incident response actions. This role requires extensive experience in cybersecurity, threat intelligence, and incident response processes to support our security operations and safeguard our organization's IT environment. Key Responsibilities: Security Monitoring & Analysis - Monitor and analyze security alerts from various sources (SIEM, IDS/IPS, firewalls, endpoint protection, etc.). - Identify suspicious activity and investigate to understand the threat level and scope. - Perform triage of alerts to assess whether they represent legitimate threats or false positives. Act as the first responder to security incidents, containing and mitigating threats. - Document and track incidents, performing root-cause analysis to prevent recurrence. - Coordinate incident response efforts, collaborating with internal teams and external partners if needed. - Utilize threat intelligence to stay updated on emerging threats and attack vectors. - Correlate threat intelligence data with real-time monitoring to detect indicators of compromise (IOCs). - Proactively hunt for threats and vulnerabilities within the organizations network. - Conduct forensic investigations of compromised endpoints, servers, and networks to determine the nature and extent of attacks. - Collect, preserve, and analyze evidence for potential use in legal or disciplinary actions. - Provide detailed reports on findings and recommendations for improvements in security posture. Process Improvement & Documentation - Contribute to the development and improvement of SOC processes, playbooks, and runbooks. - Document security incidents and response activities in detail, ensuring accurate record-keeping. - Provide post-incident reports, insights, and recommendations to improve defenses and incident handling procedures. 
- Work with IT and cybersecurity teams to improve overall network and endpoint security. - Communicate with stakeholders, translating technical findings into business impacts. - Participate in cross-functional meetings and contribute to the overall risk management strategy. - Mentor junior SOC analysts and assist in their professional development. - Conduct training sessions and awareness programs to improve cybersecurity knowledge within the organization. Requirements: Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience). Experience: 6-8 years of experience in a SOC, incident response, or similar cybersecurity role. Certifications: Preferred certifications include CISSP, CISM, GIAC (GCIA, GCIH), or CEH. Technical Skills: - Proficiency with SIEM tools (e.g., Splunk, QRadar, ArcSight, Logrhythm), IDS/IPS systems, firewalls, and EDR and WAF solutions. - Familiarity with common operating systems (Windows, Linux) and networking protocols (TCP/IP, DNS, HTTP, etc.). - Strong understanding of cyber threats, vulnerabilities, malware, and attack methods. - Experience with scripting languages (Python, PowerShell) is an asset. - Knowledge of forensic tools and processes for data recovery and analysis. Soft Skills: - Strong analytical and problem-solving abilities. - Ability to work effectively under pressure and manage multiple tasks. - Excellent communication and interpersonal skills, with the ability to explain technical issues to non-technical audiences. - Team-oriented with a proactive and collaborative attitude.
Posted 2 weeks ago
8.0 - 13.0 years
15 - 30 Lacs
Mumbai
Work from Office
Position: Third Party Risk Management (TPRM) Manager Location: Mumbai Reports to: CISO Key Responsibilities: Due Diligence & Risk Assessment: Perform thorough due diligence on third-party vendors, evaluating operational, security, compliance, and financial risks. Vendor Monitoring & Reporting: Continuously assess and monitor third-party risks, security postures, and contract compliance. Report risk status to senior management. Risk Mitigation & Incident Management: Implement risk mitigation strategies and lead incident management for third-party breaches or failures. Cross-Department Collaboration: Work with procurement, legal, IT, and other business units to ensure third-party contracts and security align with risk management strategies. Technical Skills & Tools: Risk Management Tools: Experience with RSA Archer, MetricStream, or LogicManager for risk assessments, vendor scoring, and compliance tracking. Security Monitoring: Proficiency in SIEM tools like Splunk, IBM QRadar, and ArcSight for detecting, analyzing, and managing third-party security events. Vulnerability Management: Hands-on experience with Tenable.io, Qualys, or Rapid7 Nexpose for vulnerability scanning and management. Third-Party Management Platforms: Familiarity with OneTrust, ProcessUnity, or Prevalent for ongoing third-party risk assessments and monitoring. Incident Response: Experience using tools like ServiceNow or PagerDuty for handling third-party security incidents and coordinating remediation actions. IAM Tools: Working knowledge of Okta, CyberArk for ensuring secure vendor access to bank systems. Qualifications: Education: Bachelor's degree ISO/IEC 27001 Lead Implementer PCI DSS Certified Information Systems Auditor (CISA) Strong analytical skills with the ability to assess and mitigate complex third-party risks. Excellent communication and stakeholder management skills. Ability to navigate regulatory environments and ensure compliance with third-party risk policies. 
Ability to drive strategic risk management initiatives while handling day-to-day operational challenges. Interested candidates can share CV at jeshant.katoch@paytmbank.com
Posted 2 weeks ago
9.0 - 14.0 years
9 - 18 Lacs
Navi Mumbai, Mumbai (All Areas)
Work from Office
Configure, review & manage firewall policies (Palo Alto, Fortinet, Checkpoint). Administer Web Application Firewall (WAF). Deploy, modify & troubleshoot security profiles, access rules, & VPN. Lead migration & implementation of new security controls. Required Candidate profile Exp with Firewall rule optimization & cleanup. Firmware & Patch Management for security devices. Exposure to Security Information & Event Management (SIEM) tools. Exp in Application Load Balancer.
Posted 2 weeks ago
5.0 - 7.0 years
12 - 15 Lacs
Mumbai
Work from Office
TITLE- SOC ANALYST-L3 JOB DESCRIPTION: Responsible for responding to security incidents identified by internal controls or external SOC partners. Strictly adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events. Hands-on experience with Security Information and Event Management (SIEM) tools such as Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, or ArcSight. Proficient in Incident Response and automation workflows as they relate to Security Operations. Detects, identifies, and responds to cyber events and incidents in line with cyber security policies and procedures. Should be capable of independently leading and managing security event investigations with minimal guidance from SOC leadership, while effectively collaborating with other departments as needed. Evaluate and update current SOC procedures and runbooks as required or directed. QUALIFICATION REQUIRED: Bachelor's degree in Computer Science, Information Technology, Business or equivalent discipline. Minimum 5 years of technical experience in Security Operations Center (SOC) and Information Security required. SIEM certification or security technology related certification is a plus. Candidate should be willing to work in 24*7*365 shifts. Candidate should be able to work from Ares Office located in Mumbai. Experience- 5 to 7 years Location- Mumbai (In office) Shift- Rotational shifts Notice- Immediate joiners NOTE- Candidates are expected to attend an in-person interview in Mumbai.
Posted 2 weeks ago
7.0 - 10.0 years
5 - 8 Lacs
Ambattur
Work from Office
Greetings from Datamark!!! Position: Information Security Analyst Experience: 5 Yrs in Experience Location: Ambattur Industrial Estate, Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organization's information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise. Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs. Review daily threat intelligence. Ensures compliance to security standards for assigned sites. Schedules and administers internal security audits for Client and Physical Site Audits. Follows up on remediation plans. Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. 
Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelors degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139
Posted 2 weeks ago
5.0 - 10.0 years
10 - 19 Lacs
Pune
Work from Office
Role & responsibilities • Monitor and respond to real-time cyber threats using SIEM tools and threat intelligence platforms. Conduct regular vulnerability assessments and penetration testing. Analyze security incidents and provide detailed incident reports with remediation plans. Oversee firewall, antivirus, and intrusion detection/prevention systems (IDS/IPS). Perform security risk assessments for infrastructure, applications, and cloud environments. Ensure compliance with HIPAA, GDPR, ISO 27001, and other relevant regulations. Develop and enforce information security policies, procedures, and standards. Work closely with the DevOps, Network, and Infrastructure teams to enforce security protocols. • Lead incident response drills and disaster recovery planning. Prepare security metrics and dashboards for internal reviews and audit support. Stay current on evolving cyber threats and emerging security technologies Preferred candidate profile • Bachelor's degree in Computer Science, Information Security, or a related field. • Strong knowledge of threat intelligence, security monitoring tools (e.g., Splunk, IBM QRadar, or similar). Experience in cloud security (AWS/Azure/GCP) and endpoint security. Familiarity with frameworks such as NIST, MITRE ATT&CK, OWASP. Certifications preferred: CISSP, CISM, CEH, or CompTIA Security+. Strong analytical skills and ability to handle security incidents independently. Excellent communication skills and ability to work with cross-functional teams. Nice to Have • Experience working in healthcare or pharmaceutical industries. • Knowledge of data privacy regulations applicable to clinical or health data. • Exposure to machine learning applications in threat detection.
Posted 2 weeks ago