5.0 - 8.0 years
14 - 17 Lacs
Jaipur
Work from Office
Job Description: SIEM, SOAR, UEBA, and NBAD Specialist
Certifications: Certified Ethical Hacker (CEH) - mandatory.
Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology.
Experience: Minimum 3+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
Position Summary: We are looking for a skilled Security Operations Specialist with expertise in SIEM, SOAR, UEBA, and NBAD technologies to strengthen our security monitoring, automation, and threat detection capabilities. The ideal candidate should have a strong technical background, relevant experience in cyber security, and a proactive attitude toward threat hunting and incident response.
Roles and Responsibilities:
Incident Analysis, Incident Coordination & Response, Remote Incident Response, Forensic Artifact Handling & Analysis, Malware Analysis, Insider Threat Case Support, Sensor Tuning & Maintenance, Custom Signature/Rule Creation, Scripting & Automation, Audit Collection & Storage, Product Assessment & Deployment, Risk Assessment, Response Planning, Mitigation, Recovery Planning, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders, Endpoint Threat Detection and Remediation.
Take SOAR action on identified malicious communications.
Monitor and alert on any abnormalities identified.
Work on tickets and ensure timely response and resolution of tickets as per SLA.
Report security events/incidents to L3 and other relevant/designated stakeholders.
Should have knowledge of the technologies below:
UEBA (User and Entity Behavior Analytics): Monitor behavioral analytics to detect insider threats, compromised accounts, and anomalous activities. Configure and tune UEBA models to reduce false positives and enhance detection capabilities.
NBAD (Network Behavior Anomaly Detection): Monitor and analyze network traffic to identify anomalies indicating potential threats or breaches. Work with network and SOC teams to investigate and respond to suspicious network behavior.
Required Qualifications:
Posted 1 week ago
2.0 - 5.0 years
5 - 9 Lacs
Bengaluru
Work from Office
In this role, you will be triaging, analysing, and remediating security incidents. You will be writing and delivering detailed investigation and analysis reports while maintaining technical documentation. You will work as part of a follow-the-sun 24/7 SOC.
Monitor security events and alerts from various sources.
Execute predefined incident response playbooks related to identified security incidents.
Collect, correlate, and analyze additional data to perform incident analysis and response.
Support incident reporting to internal and external stakeholders.
Collaborate with senior analysts to improve security processes.
Who you are:
Basic Qualification:
Education: Bachelor's in Information Technology, Computer Science or a similar field.
Experience: Minimum 1 year of experience in a Cyber Security Operations Center (SOC) or related cyber security experience.
Strong analytical and interpersonal communication skills, including the ability to communicate effectively.
Excellent verbal and written communication skills.
Technical documentation and writing.
Excellent team player who demonstrates proactiveness.
Mandatory Skills:
Experience with SOAR, SIEM, and EDR solutions.
Knowledge of Windows and Linux operating systems.
Strong analytical skills in threat, vulnerability, and intrusion detection analysis.
An understanding of threat vectors as well as attacker techniques and tactics.
A highly motivated individual with the ability to self-start, prioritize, and multi-task.
The candidate should be able to react quickly, decisively, and deliberately in high-stress situations.
Strong verbal/written communication and interpersonal skills.
Preferred Skills:
One or more widely recognized security certifications from renowned institutions such as GIAC/SANS, EC-Council, etc.
Service-related expert knowledge:
Knowledge of incident handling and protection of systems, networks, applications and data.
Confident handling of artifacts, IoCs and threat intelligence.
Case management experience and tools.
Experience with EDR and SIEM tools.
Alert triage and investigation: applying knowledge of the environment, understanding of the attack chain, and initial impressions of alerts to prioritize, validate, and investigate alerts.
Case management classification and initial validation, documenting relevant details and observables.
Cyber security and technical knowledge:
Experience with operating system security (Linux and Windows), anti-virus technologies and network security.
Working knowledge of common TCP/IP-based services and protocols such as DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.
Knowledge of firewalls, proxies/reverse proxies, IDS/IPS.
Knowledge of operating systems.
Ability to read and understand network and endpoint logs.
Basic knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, etc.).
Consideration of laws, regulations, policies, and ethics (GDPR, etc.).
Skills in writing queries for security and investigative tools.
Skills in applying incident handling best practices.
Posted 1 week ago
5.0 - 10.0 years
10 - 20 Lacs
Hyderabad, Pune
Hybrid
SOC SIEM Management:
QRadar log source integration (ingestion & parser selection)
XSIAM / XDR
Custom DSM / parser development & maintenance
Manage AWS and GCP
L3 change requests
XSOAR
Air Liquide and MSP (e.g. TCS, Accenture), L2 and L3 support
Posted 1 week ago
0.0 - 4.0 years
2 - 5 Lacs
Lucknow
Work from Office
Key Responsibilities:
Monitor security events and alerts from SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel).
Analyze logs, network traffic, and endpoint data to identify malicious activity.
Posted 1 week ago
3.0 - 8.0 years
3 - 8 Lacs
Pune, Maharashtra, India
On-site
Dynamic Yield is looking for a Senior Software Engineer to join our Security Threat and Response Management (STRM) team. This team is responsible for security monitoring and response, covering both physical and cyber security events. In this role, you'll develop new software capabilities, support existing solutions, provide technical oversight, and contribute your expertise to the program.
Roles and Responsibilities
Detection & Automation Development:
Develop and fine-tune detection content within our SIEM platform to enhance threat detection and response capabilities.
Design and build automated playbooks in our SOAR platform for common incident response use cases.
Integrate data sources into Splunk and ensure normalization using the Common Information Model (CIM).
Write custom scripts (primarily in Python) for integrations, automation, and enrichment tasks.
Team Leadership & Mentorship:
Lead and mentor analysts on detection logic, search optimization, and investigation best practices.
Documentation & Collaboration:
Create and maintain documentation for detections, use cases, and automation processes.
Collaborate with Threat Intelligence, Incident Response, and DevSecOps teams to align detection and response efforts.
Continuous Improvement & Threat Awareness:
Continuously assess and improve our security posture through automation and process refinement.
Stay current on threat trends, emerging technologies, and advancements in detection and SOAR use cases.
All About You
Technical Proficiency:
Strong proficiency in Python for scripting, development, and automation.
Knowledge of REST APIs and experience building integrations with third-party tools.
Security Operations Expertise:
Solid understanding of security operations, SIEM, and incident response workflows.
Experience in designing detection rules, risk-based alerting, and notable event tuning.
Familiarity with the MITRE ATT&CK framework and its application to detection development.
Experience integrating various security tools and data sources with Splunk.
Leadership & Mentorship:
Ability to mentor and guide junior team members on detection logic and investigation strategy.
Preferred Qualifications (Plus points):
Prior experience in Security Engineering, Security Operations Center (SOC), or Threat Detection roles.
Deep expertise in Splunk Enterprise Security (ES) and Splunk SOAR (formerly Phantom).
Posted 1 week ago
10.0 - 14.0 years
25 - 35 Lacs
Gurugram
Work from Office
PLEASE SAVE WHATSAPP # 9315248639 - Nishant/Shreedevi is your POC from RexOreo Pvt Ltd.
Queries: All emails will come from the id team@rexoreo.com, so please keep an eye out.
Top Selection & Auto Elimination Criteria:
Only Delhi NCR candidates need to apply, as we need only immediate joiners (0-30 days).
Rotational shift.
Cab facility: Yes, late-night pick-up or drop only (one side only, for Gurgaon employees).
Location: Gurgaon
Mode: 5 days work from office only (NO work from home)
Relevant experience range: 9+
Position: L3 SOC Analyst
Experience: 9-14 years
Only current L2/L2+ (more than 2 years) or L3 candidates need to apply.
Experience in QRadar is mandatory.
Total open positions (as of 16-June 5.30pm): 5
EMAIL team@rexoreo.com A VOICE NOTE ON WHY YOU ARE FIT FOR THIS ROLE.
Position Description: The SOC Level 3 Analyst is a senior-level cybersecurity professional responsible for leading advanced threat detection, response, and mitigation activities within the Security Operations Center. This role acts as the final escalation point for complex security incidents and plays a crucial role in enhancing security monitoring, incident response procedures, and overall threat defense capabilities. The L3 Analyst collaborates with security engineers, incident response teams, threat intelligence analysts, and IT stakeholders to identify, investigate, and remediate security threats in real time.
Role and responsibilities:
1. Incident Response and Escalation
Lead and coordinate end-to-end response for critical and high-severity security incidents.
Perform advanced investigation and forensics on compromised systems, including log correlation, packet analysis, and endpoint review.
Serve as a primary escalation point for SOC Tier 1 and Tier 2 analysts.
Conduct root cause analysis and provide detailed incident reports with lessons learned and mitigation steps.
2. Threat Detection and Analysis
Analyze and triage alerts generated by the SIEM and other security tools.
Hunt for threats in the environment using threat intelligence and behavioral indicators (proactive threat hunting).
Analyze and reverse-engineer malware, if required, to understand behavior and determine mitigation steps.
Correlate threat intelligence feeds with internal data to identify indicators of compromise (IOCs) and advanced persistent threats (APTs).
3. Tooling and Automation
Optimize and fine-tune detection rules and SIEM use cases to reduce false positives and enhance detection accuracy.
Build automation scripts and workflows to improve efficiency in incident triage, correlation, and response.
Collaborate with security engineers to integrate new data sources and tools into the SOC ecosystem.
4. Documentation and Reporting
Maintain detailed and accurate documentation of incidents, investigations, and actions taken.
Develop and update SOC standard operating procedures (SOPs) and playbooks.
Prepare and present technical reports, dashboards, and metrics to senior management and stakeholders.
5. Mentorship and Leadership
Mentor and guide SOC L1 and L2 analysts on technical skills and investigative processes.
Provide training on new threats, tools, and techniques.
Assist in evaluating and improving team workflows, processes, and overall SOC maturity.
6. Collaboration and Stakeholder Engagement
Work closely with threat intelligence, vulnerability management, and risk teams to stay ahead of emerging threats.
Communicate with IT, DevOps, and business units to coordinate responses and ensure secure configurations.
Participate in red/blue team exercises and post-mortem reviews to enhance SOC readiness.
Required Experience / Skills:
Strong expertise with SIEM platforms (e.g., QRadar, Sentinel, LogRhythm, Splunk).
Proficient in EDR and XDR tools (e.g., CrowdStrike, SentinelOne, Carbon Black).
Hands-on knowledge of packet capture analysis tools (e.g., Wireshark, tcpdump), forensic tools, and malware analysis tools.
Familiarity with scripting or automation languages such as Python, PowerShell, or Bash.
Deep understanding of networking protocols, OS internals (Windows/Linux), and security best practices.
Familiar with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain.
Minimum of nine (9) years technical experience.
7+ years of experience in SOC, security operations, cyber technical analysis, threat hunting, and threat attribution assessment with increasing responsibilities.
3+ years of rule development and tuning experience.
2+ years of incident response.
Experience supporting 24x7x365 SOC operations and willing to operate in shifts, including but not limited to alert and notification activities (analysis/triage/response), review and action on threat intel for IOCs and other operationally impactful information, and initial review and triage of reported alerts and incidents.
Manage multiple tickets/alerts in parallel, including end-user coordination.
Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response.
Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to QRadar, MS Sentinel, FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat.
Experience and solid understanding of malware analysis.
Demonstrated proficiency with one or more toolsets such as QRadar, MS Sentinel, Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana.
Experience and ability to use, contribute to, develop and follow Standard Operating Procedures (SOPs).
In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to endpoint security tools, SIEM, email security solutions, CISA, and threat intel sources.
Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, and supporting SOAR development.
Experience with bash, Python, and Windows PowerShell scripting.
Demonstrated experience with triage and resolution of SOC tasks, including but not limited to vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/security tool alert analysis.
Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources.
Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), network security devices, and other enterprise tools.
Demonstrated proficiency with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to QRadar, MS Sentinel, Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC.
Expert in security incident response processes.
Required Certifications: Two of the following certifications are preferred:
GIAC GCIH - GIAC Certified Incident Handler
GIAC GCFE - GIAC Certified Forensic Examiner
GIAC GCFA - GIAC Certified Forensic Analyst
GIAC GREM - GIAC Reverse Engineering Malware
GIAC GNFA - GIAC Network Forensic Analyst
GIAC GCTI - GIAC Cyber Threat Intelligence
GIAC GPEN - GIAC Certified Penetration Tester
GIAC GWAPT - GIAC Certified Web Application Penetration Tester
CEPT - Certified Expert Penetration Tester
CASS - Certified Application Security Specialist
CWAPT - Certified Penetration Tester
CREA - Certified Reverse Engineering Analyst
Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field.
Experience of 5 years or 3 years relevant experience.
Strong troubleshooting and problem-solving skills.
Excellent communication and interpersonal skills.
Ability to work independently and as part of a team.
Strong organizational and time management skills.
Willingness to work after hours and provide on-call support.
Posted 1 week ago
5.0 - 8.0 years
5 - 13 Lacs
Navi Mumbai
Work from Office
ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of end-to-end security services and consultancy, tailored to safeguard critical infrastructure installations and elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors.
JD:
1. Designing and deploying a SIEM system.
2. Managing the day-to-day operations of the SIEM system.
3. Perform detailed security event/incident analysis/RCA.
4. Create correlation rules in SIEM. Create, modify and fine-tune the SIEM rules to adjust the specifications of alerts and incidents.
5. Perform device integration with SIEM.
6. Develop reports from SIEM for compliance requirements.
7. Monitor correlated security events/incidents and perform investigation along with the respective team.
8. Troubleshoot with other support groups on the systems that are not logging into the SIEM. Assist customers to fully optimize the SIEM system capabilities.
9. Integration of customized threat intelligence content feeds provided by the Threat Intelligence & Analytics service.
10. Good knowledge and experience of security monitoring tools.
11. Good knowledge and experience of cyber incident response.
12. Good communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
13. Knowledge of security solutions such as IPS/IDS, WAF, Proxy, Firewall, AV, EDR, etc. is a must.
14. Understanding of common network services (Web, Mail, FTP, etc.), network vulnerabilities, and network attack patterns.
15. Experienced in working with both Windows- and Unix-based server environments.
16. Knowledge of threat intelligence platforms and threat hunting.
Posted 1 week ago
7.0 - 12.0 years
16 - 30 Lacs
Mumbai
Work from Office
Security Engineering & Cyber Defense Operations
Architect, implement, and optimize SIEM, SOAR, XDR, and EDR solutions for effective threat detection and response.
Develop and maintain security controls, logging, and monitoring strategies to ensure comprehensive threat visibility.
Evaluate and integrate AI and machine learning-based cybersecurity tools for enhanced detection and automated response.
Implement the MITRE ATT&CK framework to improve detection logic and adversary tactics coverage.
Automation & AI-Driven Security
Design and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate threat response.
Develop and fine-tune AI/ML models to enhance anomaly detection, alert correlation, and predictive threat analysis.
Automate threat hunting processes using AI-based behavior analytics and security automation tools.
Threat Hunting & Threat Intelligence
Lead proactive threat-hunting activities using MITRE ATT&CK, TTP-based detection, and hypothesis-driven approaches.
Utilize threat intelligence platforms (TIPs) to enrich SOC alerts, correlate IoCs, and enhance incident response.
Establish hunting methodologies using behavioral analytics, network telemetry, and endpoint forensics.
Collaborate with intelligence-sharing platforms and industry peers to stay updated on emerging threats.
Use Case Development & Optimization
Design and maintain SIEM use cases based on threat modeling, attack surface analysis, and business risk.
Continuously refine detection logic, correlation rules, and alerting thresholds to reduce false positives.
Leverage MITRE D3FEND and MITRE ATT&CK to develop advanced attack detection strategies.
Incident Response & Forensic Analysis
Provide engineering support for incident response teams, helping with log analysis, forensics, and root cause analysis.
Develop custom threat detection scripts and automation workflows to accelerate IR capabilities.
Assist in post-incident investigations by collecting and analyzing digital evidence.
Security Architecture & Compliance
Work closely with security architects to integrate cyber defense controls into enterprise security architecture.
Ensure adherence to NIST, ISO 27001, and regulatory frameworks in cyber defense implementations.
Conduct security tool assessments and evaluate new cybersecurity technologies for continuous improvement.
Leadership & Stakeholder Collaboration
Lead a team of security engineers and analysts, mentoring them in advanced detection and response techniques.
Collaborate with IT, DevOps, and business units to align security engineering with enterprise objectives.
Conduct cybersecurity awareness programs for cross-functional teams to strengthen cyber resilience.
Candidates preferred from Mumbai location ONLY.
Posted 1 week ago
2.0 - 4.0 years
2 - 4 Lacs
Mumbai
Work from Office
About The Role
Minimum 2-4 years of experience in a Security Operations Centre.
Experience across SOC domains: use case creation, incident management, threat hunting, threat intelligence, etc.
Solid understanding of cyber security, network security, and endpoint security concepts.
Good understanding of recent cyber threats and the latest attack vectors.
Must have experience in any one SIEM (Splunk), EDR and SOAR solution.
Must have experience in leading/managing SOC shifts.
Experience in shift roster creation, resource management, etc.
Will be responsible for critical incident investigation, use case review, mentoring shift leads, SLA management, etc.
Posted 1 week ago
5.0 - 10.0 years
7 - 12 Lacs
Bengaluru
Work from Office
Proactively lead and support the incident response team during an incident.
Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser building, fine-tuning and optimizing the correlation rules, and use case recommendations, is a MUST.
Proven experience on Security Information and Event Management (SIEM) tools using QRadar.
Data-driven threat hunting using SIEM, EDR and XDR tools.
Basic experience in SOAR tools such as QRadar Resilient, Palo Alto XSOAR.
Identify quick defence techniques until permanent resolution.
Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
Review incidents escalated by Level 1 analysts.
Launch and track investigations to resolution.
Recognize attacks based on their signatures; differentiate false positives from true intrusion attempts.
Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques, and notify end users when appropriate.
Identify the gaps in the security environment and suggest gap closure.
Drive and support change management.
Perform and review tasks as identified in a daily task list.
Report generation and trend analysis.
Participate in the weekly and monthly governance calls to support SOC metrics reporting.
Good to have: hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
Willing to work in a 24x7 rotational shift model including night shift.
Required education: Bachelor's Degree
Preferred education: Bachelor's Degree
Required technical and professional expertise:
5+ years hands-on experience required in QRadar SIEM and SOAR.
Desired experience in threat hunting and threat intelligence.
Worked on tools belonging to QRadar, UEBA, UAX.
Bachelor's degree in engineering/information security, or a related field.
Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
Proven experience working in a SOC environment.
Preferred technical and professional experience:
Proven experience in managing and responding to complex security incidents.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work in a fast-paced, dynamic environment.
Deep technical knowledge of security technologies and advanced threat landscapes.
Posted 1 week ago
5.0 - 10.0 years
7 - 12 Lacs
Chennai
Work from Office
Proactively lead and support the incident response team during an incident.
Experience in advanced investigation, triaging, analysis and escalation of security incidents with recommendations.
Hands-on basic experience with configuration and management of SIEM tools (QRadar), including log source integrations, custom parser building, fine-tuning and optimizing the correlation rules, and use case recommendations, is a MUST.
Proven experience on Security Information and Event Management (SIEM) tools using QRadar.
Data-driven threat hunting using SIEM, EDR and XDR tools.
Basic experience in SOAR tools such as QRadar Resilient, Palo Alto XSOAR.
Identify quick defence techniques until permanent resolution.
Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
Review incidents escalated by Level 1 analysts.
Launch and track investigations to resolution.
Recognize attacks based on their signatures; differentiate false positives from true intrusion attempts.
Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques, and notify end users when appropriate.
Identify the gaps in the security environment and suggest gap closure.
Drive and support change management.
Perform and review tasks as identified in a daily task list.
Report generation and trend analysis.
Participate in the weekly and monthly governance calls to support SOC metrics reporting.
Good to have: hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
Willing to work in a 24x7 rotational shift model including night shift.
Required education: Bachelor's Degree
Preferred education: Bachelor's Degree
Required technical and professional expertise:
5+ years hands-on experience required in QRadar SIEM and SOAR.
Desired experience in threat hunting and threat intelligence.
Worked on tools belonging to QRadar, UEBA, UAX.
Bachelor's degree in engineering/information security, or a related field.
Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
Proven experience working in a SOC environment.
Preferred technical and professional experience:
Proven experience in managing and responding to complex security incidents.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work in a fast-paced, dynamic environment.
Deep technical knowledge of security technologies and advanced threat landscapes.
Posted 1 week ago
4.0 - 9.0 years
6 Lacs
Mumbai
Work from Office
Project Role: Solution Architect
Project Role Description: Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case.
Must have skills: Solution Architecture
Good to have skills: Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification: Minimum BE/BTech from a reputed university
Summary: As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform, and collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. You will design and deploy cyber security solutions in on-premises and public cloud infrastructure for large-scale technology projects such as data lake, digital platform, and other core business and supporting applications.
Cyber Security Architect Roles & Responsibilities:
- SPOC for cyber security design and deployment for any designated projects
- Take full accountability for the design of the cyber security domain, including network connectivity to various entities such as on-premises data centers and partner networks
- Take ownership of design-related issues and challenges and drive for solutions, working with various internal teams and third-party solution providers such as OEMs and technology partners
- Define and develop high-level operating procedures for seamless operations of the project
- Support transition of projects from deployment to operations
- Anchor design and implementation of cyber security components
- Be a SPOC for all cyber security initiatives in the existing project and be able to navigate the client's landscape to upsell new initiatives in the infrastructure space, or pave the way for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security
- Lead the teams across various security solutions and strive for upskilling and cross-skilling to rationalize resources across the towers and across the clients
- Introduce innovative solutions such as automation to increase productivity and improve service delivery quality
- Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape
- Participate in client account planning and discussions to ensure security-level initiatives are accounted for and issues are escalated to the right leaders for resolution
- Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes
Professional & Technical Skills:
Must have:
- Hands-on architecture and design skills for SIEM, SOAR, UEBA, and cyber security operations in on-premises data centers and public cloud
- Strong experience working with Splunk, Palo Alto, and other leading OEMs in the security domain
- Strong communication skills
- Ability to drive discussions and ideas in clients' senior leadership forums
- Problem-solving skills
Good to have:
- TOGAF or any equivalent certification in enterprise security architecture
Additional Information:
- Total IT experience of minimum 15 years; and
- Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (any one of AWS, Azure, GCP, and OCI)
- Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)
- This position is based at our Mumbai office.
- A minimum BE/BTech from a reputed university is required.
Qualification: Minimum BE/BTech from a reputed university
Posted 1 week ago
5.0 - 7.0 years
7 - 9 Lacs
Mumbai, Chennai, Ahmedabad
Work from Office
Key Responsibilities:
Design, install, monitor, integrate, and fine-tune cybersecurity tools and systems, including but not limited to SIEM, SOAR, EDR, e-mail security gateways, and network security.
Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.
Provide technical expertise regarding security-related concepts to operational teams within the Information Technology department and the business.
Review, investigate, and respond to real-time alerts within the environment.
Review real-time and historical reports for security and/or compliance violations.
Monitor online security-related resources for new and emerging cyber threats.
Assess new security technologies to determine potential value for the enterprise.
Conduct vulnerability assessments of firm systems and networks.
Manage systems owned by the Information Security team.
Required Skills and Qualifications:
Technical Skills & Experience:
At least 5-7 years of experience in cybersecurity with an emphasis on data and security event correlation, incident response, and the installation, configuration, administration, and management of cybersecurity tools such as SIEM, SOAR, and firewalls, and hardening of IT infrastructure in compliance with cybersecurity frameworks.
Works in a highly collaborative and fast-paced environment with other SOC and Network Operations Center (NOC), Technical Support, Telecom, Project Management and Product Development staff.
Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
Working experience with creating, implementing, and managing a threat-hunting program within a corporate environment.
Education: Bachelor's degree in Computer Science, Information Systems, Cybersecurity or Cloud Computing.
UG: B.Sc in Any Specialization, B.Tech/B.E. in Any Specialization
Posted 1 week ago
12.0 - 15.0 years
55 - 60 Lacs
Ahmedabad, Chennai, Bengaluru
Work from Office
Dear Candidate,
We are seeking a Security Operations Engineer to monitor, detect, investigate, and respond to security incidents and threats across systems and networks.
Key Responsibilities:
- Monitor alerts and logs using SIEM tools (Splunk, QRadar, Sentinel).
- Analyze security incidents, conduct root cause analysis, and coordinate response.
- Support threat hunting and vulnerability assessments.
- Maintain and tune security tools (IDS/IPS, endpoint protection, firewalls).
- Document incident reports and provide remediation recommendations.
Required Skills & Qualifications:
- Experience in a Security Operations Center (SOC) or similar role.
- Strong knowledge of cybersecurity concepts and incident response.
- Familiarity with EDR tools (CrowdStrike, Carbon Black) and log analysis.
- Scripting and automation skills for detection and response tasks.
- Security certifications such as CEH, CompTIA Security+, or GCIA are beneficial.
Soft Skills:
- Strong troubleshooting and problem-solving skills.
- Ability to work independently and in a team.
- Excellent communication and documentation skills.
Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you.
Srinivasa Reddy Kandi
Delivery Manager, Integra Technologies
Posted 1 week ago
5.0 - 10.0 years
15 - 27 Lacs
Pune
Remote
Position: Cyber Security Engineer
Location: Remote
Experience Level: 5+ Years
Job Type: Full-time
Job Summary: We are looking for a highly skilled Cyber Security Engineer with strong expertise in Splunk and a solid understanding of data engineering principles. The ideal candidate will have experience in designing and implementing Splunk dashboards, managing large-scale data ingestion, performing data integrity checks, and transforming raw data into actionable insights to support cyber defense initiatives.
Key Responsibilities:
- Design, implement, and maintain Splunk dashboards, alerts, and reports for monitoring and incident response.
- Develop and optimize Splunk SPL (Search Processing Language) queries to support detection use cases.
- Lead and manage data ingestion pipelines, ensuring reliable and secure data flow from multiple sources into Splunk.
- Perform data transformation, normalization, and enrichment to enable efficient security analytics.
- Conduct regular data integrity and quality checks, and troubleshoot ingestion issues.
- Collaborate with security analysts, incident responders, and threat intelligence teams to improve detection and response capabilities.
- Implement and maintain security monitoring tools and integrations across hybrid cloud environments.
- Ensure data governance and compliance with internal policies and regulatory requirements.
Required Skills & Experience:
- Strong hands-on experience with Splunk Core and Splunk Enterprise Security.
- Proficiency in SPL (Search Processing Language) for developing complex queries and use cases.
- Experience with dashboard creation, reporting, and visualization in Splunk.
- Background in data engineering: understanding of data pipelines, ETL processes, and big data frameworks is preferred.
- Expertise in data ingestion methodologies, including onboarding logs and event data from various systems.
- Knowledge of data transformation techniques, such as field extractions, lookups, and macros.
- Familiarity with security concepts such as SIEM, threat detection, incident response, and compliance.
- Working knowledge of scripting languages like Python or Shell for automation and integration.
Posted 2 weeks ago
7.0 - 12.0 years
11 - 16 Lacs
Mumbai
Work from Office
SUMMARY
Our client is an IT MNC, part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with over 40,000 people, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurance, pensions, investments and services, focusing on cutting-edge technologies, mainly Cloud, Digital, Robotic Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more, to accommodate customers' future needs around the globe by supporting millions of internal and external customers with state-of-the-art IT solutions to everyday problems, and is dedicated to bringing digital innovation to every aspect of the insurance landscape.
Job Location: Hiranandani Gardens, Powai, Mumbai
Mode: Work from Office
Requirements
Key Responsibilities:
Business-Cybersecurity Alignment:
o Work closely with business stakeholders, IT security teams, and cross-functional teams to ensure cybersecurity initiatives align with the organization's broader business goals.
o Translate business needs into technical security requirements that can be effectively executed by the security and IT teams.
Risk Analysis & Security Assessments:
o Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises, and edge) to identify security gaps and vulnerabilities.
o Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements.
Cybersecurity Frameworks & Compliance:
o Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA).
o Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards.
(must have)
Security Process Improvement:
o Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes, and threat detection workflows.
o Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.
The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains, and should have expertise in at least 5 of the following areas:
o SIEM (Sentinel) & Security Operations: Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection, and security event correlation across hybrid environments. Collaborate with security operations teams to ensure proper configuration, tuning, and reporting within SIEM platforms to support proactive threat management.
o Security Tools & Technology Integration: Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker), and Threat Intelligence systems. Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem.
o User Access Management (UAM) & RBAC: Work closely with identity and access management teams to ensure the implementation of UAM and RBAC systems that align with the organization's security policy and business requirements. Support the development of processes for managing user roles, privileges, and access rights across enterprise systems.
o Cloud & Encryption Security: Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption, and access management. Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest, and data-in-use in line with organizational security policies.
o AI & ML in Cybersecurity (good to have): Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification, and predictive analytics within the organization's security operations. Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.
o SOAR Integration & Incident Response: Assist with the integration of Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks. Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid, and efficient approach to security incidents.
Posted 2 weeks ago
6.0 - 11.0 years
11 - 18 Lacs
Pune
Work from Office
The Level 3 Security Operations Center (SOC) Resource is a highly skilled and experienced security professional who is responsible for the advanced detection, analysis, and response to security incidents.
Roles and Responsibilities of SOC Analyst L3:
- Lead and mentor junior SOC analysts
- Conduct in-depth investigations into complex security incidents
- Identify and analyse emerging threats and vulnerabilities
- Develop and implement security incident response plans
- Drive end-to-end implementation of the SIEM and SOAR solutions
- Expertise in SOC team building
Qualifications and Skills for SOC Analyst L3:
- Bachelor's (BE/B.Tech) degree in Computer Science, Information Security, or a related field
- 8+ years of experience in security operations or a related field
- Must currently be serving as a SOC Analyst L3 and must have held an L3 position for at least 2 years
- Experience with security information and event management (SIEM) systems and SOAR
Certifications for SOC Analyst L3:
- CISSP (Certified Information Systems Security Professional)
- GCIH (GIAC Certified Incident Handler)
- GCFA (GIAC Certified Forensic Analyst)
- Other relevant security certifications
P.S. Experience in L1, L2 and L3 is mandatory. Looking for a candidate who can join the company ASAP.
For more details feel free to call Jyoti Tiwari 9819589998
Posted 2 weeks ago
1.0 - 6.0 years
1 - 6 Lacs
Bengaluru / Bangalore, Karnataka, India
On-site
- Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors
- Work at the forefront of designing an innovative threat and security incident management solution
- Develop and optimize SOAR playbooks, integrating various security tools and platforms to automate threat detection, incident response, and remediation processes.
- Work closely with cross-functional teams, including SOC, IT, DevOps, and Risk Management, to align SOAR capabilities with organizational security objectives.
- Customize SOAR workflows, scripts, and connectors to meet the specific needs of the organization, ensuring seamless interoperability between systems.
- Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs' global business network
Basic Qualifications:
- Strong verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
- Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges.
- In-depth understanding of security frameworks (MITRE ATT&CK, NIST), threat intelligence, and automation strategies.
- Strong sense of ownership and driven to manage tasks to completion
- Proficient scripting skills utilizing both Python and PowerShell
Preferred Qualifications:
- 1+ years of experience in cybersecurity, with SOAR technologies and incident response.
- Proficiency in SOAR platforms (e.g., Splunk Phantom, Demisto, Siemplify), scripting languages (Python, PowerShell), and integration with security tools (SIEM, EDR, etc.).
- Knowledge of conducting incident response within a major public cloud (i.e., AWS, Google, Azure)
- Any of the following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR
Posted 2 weeks ago
15.0 - 20.0 years
3 - 7 Lacs
Hyderabad
Work from Office
Project Role: Security Engineer
Project Role Description: Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills: Accenture MxDR Ops Security Threat Analysis
Good to have skills: NA
Minimum 2 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Be a crucial part of ensuring the security of the organization's digital assets and operations.
Roles & Responsibilities:
- Perform security monitoring by analyzing logs, traffic and alerts generated by a variety of device technologies
- Timely response to customer requests like detection capabilities, tuning, etc.
- Research new threats and provide recommendations to enhance detection capabilities
- Strong desire for continuous learning on vulnerabilities, attacks and countermeasures
- Identify opportunities for process improvement
Professional & Technical Skills:
- Experience in SOC operations with customer-facing responsibilities
- Deep understanding of cyber security fundamentals, security devices, network defense concepts and the threat landscape
- Hands-on experience in SIEM and threat hunting tools
- Added advantage in working with any SOAR platform
- Desirable knowledge in any scripting language and EDR products
- Strong customer service and interpersonal skills
- Strong problem-solving skills
- Ability to communicate clearly at all levels, demonstrating strong verbal and written communication skills
- Adaptability to accept change
Additional Information:
- Work as part of an analysis team that works 24x7 on a rotational shift
- Minimum a bachelor's or a master's degree in addition to regular 15-year full time education
- The candidate should have minimum 2 years of experience
- This position is based at our Chennai office.
Qualification: 15 years full time education
Posted 2 weeks ago
2.0 - 4.0 years
4 - 4 Lacs
Chennai
Work from Office
- Deployment and maintenance of PA/Check Point/Cisco ASA/Fortinet firewall solutions
- Experience in working with Windows, Linux, Unix environments and integrating management tools
- Automate processes using scripting and SOAR tools
Required Candidate profile
- Experience with PA/Check Point/Cisco ASA/Fortinet firewall solutions
- Scripting and automation skills
- Strong in packet capture, analysis, and troubleshooting tools
Posted 2 weeks ago
5.0 - 10.0 years
30 - 40 Lacs
Mumbai, Hyderabad, Bengaluru
Work from Office
Key Responsibilities:
- Develop and execute strategic sales plans to meet quarterly and annual targets
- Identify, qualify, and pursue new enterprise sales opportunities
- Deliver compelling product presentations and solution demos to potential clients
- Understand client security pain points and align appropriate solutions (MDR, SIEM, SOAR)
- Lead contract negotiations, pricing, and deal closures
- Build and maintain long-term relationships with key stakeholders and channel partners
- Stay current with evolving cybersecurity threats, tools, and market trends
- Collaborate with internal technical, product, and marketing teams to shape go-to-market strategy
Required Skills & Experience:
- Bachelor's degree in Business, Computer Science, Information Security, or related field
- 5+ years of experience in cybersecurity solution sales or enterprise B2B technology sales
- Strong understanding of SIEM tools (e.g., Splunk, QRadar, Securonix), SOAR, and MDR offerings
- Excellent communication, presentation, and negotiation skills
- Proven ability to build strong client relationships and consistently close deals
- Self-motivated and results-driven with a strategic sales mindset
- Ability to work both independently and cross-functionally in fast-paced environments
Preferred Skills:
- Experience with cybersecurity operations, threat detection, and incident response
- Familiarity with cloud security, SaaS-based platforms, or XDR/MDR tools
- Exposure to channel sales, partner engagement, and GTM planning
- Understanding of cybersecurity compliance standards (e.g., ISO 27001, SOC2, NIST)
Posted 2 weeks ago
7.0 - 12.0 years
30 - 35 Lacs
Noida, Hyderabad, Chennai
Work from Office
Responsibilities:
- Work in a 24x7 Security Operation Centre (SOC) environment.
- Provide analysis and trending of security log data from various security devices.
- Coordinate incident response on a daily basis.
- Perform threat analysis to improve detection capabilities.
- Conduct forensic investigations and develop recovery plans.
- Develop and implement advanced defensive strategies and countermeasures.
- Engage in threat hunting to identify potential threats that may have bypassed defenses.
- Communicate effectively through written and visual documents for diverse audiences.
Requirements:
- Minimum of 8-10 years of experience in Cybersecurity.
- At least 6 years of working in a Security Operations Center (SOC).
- Proficient in Incident Management and Response, handling escalations.
- In-depth knowledge of security concepts such as cyber-attacks, threat vectors, and risk management.
- Knowledge of various operating system flavors including Windows, Linux, and Unix.
- Knowledge of TCP/IP protocols and network analysis.
- Experience with SIEM, SSL, Packet Analysis, HIPS/NIPS, and network monitoring tools.
Nice-to-haves:
- Hands-on experience with Splunk.
- Experience with Proofpoint and Azure security.
- Ability to suggest fine-tuning of existing security use cases.
Posted 2 weeks ago
5.0 - 8.0 years
25 - 30 Lacs
Mumbai, Mumbai Suburban, Mumbai (All Areas)
Work from Office
- Design, develop & maintain playbooks within Cortex XSOAR
- Integrate security tools & threat intelligence sources with XSOAR
- Implement & manage security alerts using XSIAM, SIEM & SOAR platforms
- Fine-tune & optimize security automation processes
Required Candidate profile
Exp.: 6+ yrs
CTC: Up to 30 Lacs
Location: Remote WFH (1 opening) / Central Mumbai WFO (2 openings)
Comm. Skills: Excellent
Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.
Posted 2 weeks ago
5.0 - 8.0 years
7 - 10 Lacs
Pune
Remote
What You'll Do
Reports to: Manager - Security Engineering
Avalara is seeking a Security Automation Engineer to join our Security Automation & Platform Enhancement Team (SAPET). You will be at the intersection of cybersecurity, automation, and AI, focusing on designing and implementing scalable security solutions that enhance Avalara's security posture. You will have expertise in programming, cloud technologies, security automation, and modern software engineering practices, with experience using Generative AI to improve security processes.
What Makes This Role Unique at Avalara?
- Cutting-Edge Security Automation: You will work on advanced cybersecurity automation projects, including fraud detection, AI-based security document analysis, and IT security process automation.
- AI-Powered Innovation: We integrate Generative AI to identify risks, analyze security documents, and automate compliance tasks.
- Impact Across Multiple Security Domains: Your work will support AML, fraud detection, IT security, and vendor risk management.
What Your Responsibilities Will Be
As a Security Automation Engineer, your primary focus will be to develop automation solutions that improve efficiency across several security teams.
- Develop and maintain security automation solutions to streamline security operations and reduce manual efforts.
- Work on automation projects that augment security teams, enabling them to work more efficiently.
- Design and implement scalable security frameworks for Security Teams.
What You'll Need to be Successful
- 5+ years experience
- Programming & Scripting: Python, GoLang, Bash
- Infrastructure as Code & Orchestration: Terraform, Kubernetes, Docker
- Security & CI/CD Pipelines: Jenkins, GitHub Actions, CI/CD tools
- Database & Data Analysis: SQL, security data analytics tools
- Experience with RDBMS and SQL, including database design, normalization, query optimization
- Hands-on experience with security automation tools, SIEM, SOAR, or threat intelligence platforms.
Posted 2 weeks ago
7.0 - 12.0 years
10 - 14 Lacs
Kolkata, Chennai, Delhi / NCR
Work from Office
Role: Regional Sales Manager
Job Type: Full Time, Permanent
Location: Kolkata (East Region), Chennai (South Region), Delhi (North Region)
Number of Openings: 3
Experience Required: Minimum 5 years experience in the cyber security field
Qualification: Bachelor's degree in Business Administration, Marketing, Engineering, or a related field. MBA or equivalent postgraduate qualification is preferred.
Brief Role Description
We are seeking a highly experienced and driven sales professional with 7-12 years of experience in B2B sales and a minimum of 5 years' experience in the cyber security field. The ideal candidate will take ownership of the complete sales cycle, from lead generation to deal closure, while building strong relationships with clients and driving business growth.
Responsibilities:
- Formulate and implement strategic sales plans to meet revenue targets and drive customer base expansion within the East / South / North Indian region.
- Proactively identify and pursue new business opportunities through market research, networking and cold calling.
- Coordinate with operations and technical teams and educate and empower the team to capture cybersecurity services opportunities at the end customer.
- Foster strong post-sales relationships to ensure customer satisfaction and identify opportunities for upselling and cross-selling.
- Deliver accurate sales forecasts and provide timely, detailed reports to the executive team.
Skills Required:
- Ability to handle complex sales cycles and decision-making units.
- Self-motivated with a high level of accountability and initiative.
- Extensive professional network and comprehensive market knowledge of the East / South / North India corporate sector.
- Thorough understanding of CRM systems with the ability to generate and analyze sales reports effectively.
- Engage with clients in strategic discussions to provide best-in-class cybersecurity.
- Proficiency in delivering impactful presentations to clients, showcasing cybersecurity solutions in a clear and compelling manner.
- Conduct market research and identify leads.
- Proven track record in the sales of cybersecurity technologies or enterprise software solutions.
- Experience in engaging and collaborating with government entities and PSU clients.
About Company
Innspark is a fast-growing deep-tech solutions company that provides next-generation products and services in Cybersecurity and Telematics. The Cybersecurity segment provides out-of-the-box solutions to detect and respond to sophisticated cyber incidents, threats, and attacks. The solutions are powered by advanced Threat Intelligence, Machine Learning, and Artificial Intelligence that provide deep visibility into the enterprise's security. We have developed and implemented solutions for a wide range of customers with highly complex environments including Government Organizations, Banks & Financial Institutes, PSUs, Healthcare Providers, and Private Enterprises.
Website: https://innspark.in/
Posted 2 weeks ago