26+ Security Information and Event Management (SIEM) Jobs in India

🔍 We’re Hiring: Solution Engineer (Observability)

📍 Location: ["Remote/Onsite"]

🏢 Company: Product-Based Client

🕒 Experience: 5+ Years

💼 Employment Type: Full-Time

About the Role:

We are hiring for a Solution Engineer – Observability role with one of our fast-scaling product-based clients. This position is ideal for someone with strong technical acumen and exceptional communication skills who enjoys working at the intersection of engineering and customer success.

As a Solution Engineer, you will lead technical conversations with a range of personas—from DevOps teams to C-suite executives—while delivering innovative observability solutions that showcase real value.

Key Responsibilities:

• 🤝 Collaborate closely with Account Executives on technical sales strategy and execution for complex deals.
• 🎤 Deliver engaging product demos and technical presentations tailored to various stakeholder levels.
• 🛠️ Manage technical sales activities including discovery, sizing, architecture planning, and Proof of Concepts (POCs).
• 🔧 Design and implement custom solutions to bridge product gaps and extend core functionality.
• 💡 Provide expert guidance on observability best practices, tools, and frameworks that align with customer needs.
• 📈 Stay current with industry trends, tools, and the evolving Observability ecosystem.

Requirements:

• ✅ 5+ years in a customer-facing technical role such as Pre-Sales Engineer, Solutions Architect, or Technical Consultant.
• ✅ Strong communication, interpersonal, and presentation skills—able to convey complex topics clearly and persuasively.
• ✅ Proven experience with technical integration, conducting POCs, and building tailored observability solutions.
• ✅ Proficiency in one or more programming languages: Java, Go, or Python.
• ✅ Solid understanding of Observability, Monitoring, Log Management, and SIEM tools and methodologies.
• ✅ Familiarity with observability-related platforms such as APM, RUM, and Log Analytics is desirable.
• ✅ Strong hands-on expertise in:
• Cloud platforms: AWS, Azure, GCP
• Containerization & Orchestration: Docker, Kubernetes
• Monitoring stacks: Prometheus, OpenTelemetry

Bonus Points For:

• 🧠 Previous experience in technical sales within APM, Logging, Monitoring, or SIEM platforms

Why Join?

• Work with a cutting-edge product solving complex observability challenges
• Be a key voice in the pre-sales and solutioning cycle
• Partner with cross-functional teams and engage directly with top-tier clients
• Enjoy a collaborative, high-growth environment focused on innovation and performance

🛡️ Job Opening: Security Operations Center (SOC) Analyst – Gurgaon (Sector 43)

📍 Location: Gurgaon, Sector 43

🕒 Experience: 3+ Years

💼 Employment Type: Full-Time

Who We’re Looking For:

We’re seeking a dynamic and experienced SOC Analyst to join our growing cybersecurity team. If you're passionate about threat detection, incident response, and working hands-on with cutting-edge security tools — this role is for you.

Key Responsibilities:

• Monitor, detect, investigate, and respond to cybersecurity threats in real-time.
• Work hands-on with tools such as SIEM, SOAR, WAF, IPS/IDS, etc.
• Collaborate with customers and internal teams to provide timely and clear communication around security events.
• Analyze threat scenarios and provide actionable intelligence and mitigation strategies.
• Create and refine detection rules, playbooks, and escalation workflows.
• Assist in continuous improvement of SOC procedures and threat detection capabilities.

Requirements:

• Minimum 3 years of experience in a SOC/MDR (Managed Detection and Response) environment, preferably in a customer-facing role.
• Strong technical skills in using security platforms like SIEM, SOAR, WAF, IPS, etc.
• Solid understanding of security principles, threat vectors, and incident response methodologies.
• Familiarity with cloud platforms such as AWS, Azure, or GCP.
• Excellent analytical, communication, and problem-solving skills.

Preferred Qualifications:

• Security certifications such as CEH, OSCP, CSA, or equivalent are a plus.
• Experience in scripting or automation (Python, PowerShell, etc.) is an added advantage.

Why Join Us?

• Be part of a fast-paced and innovative cybersecurity team.
• Work on real-world threats and cutting-edge technologies.
• Collaborative work environment with a focus on growth and learning.

Role: Information Security Analyst

Experience: 2–3 years

Location: Mumbai

Requirement Type: Immediate

Key Responsibilities:

1. RBI Compliance & Reporting:

• Prepare and submit quarterly InfoSec compliance reports to the RBI.
• Ensure accurate documentation aligned with RBI guidelines.
• Liaise with internal teams to collect data and supporting evidence.

1. ISO Audit Coordination:

• Act as the primary POC for external ISO 27001 auditors.
• Coordinate audit schedules and handle documentation and evidence.
• Track audit findings and manage follow-ups on corrective actions.

1. Information Security Reporting:

• Maintain InfoSec dashboards and internal/external reports.
• Analyze security metrics and trends to support risk decisions.
• Ensure data accuracy and consistency in reporting.

Must-Have Skills:

• Sound understanding of Information Security practices.
• 2 yrs exp in Cyber security
• Strong communication and coordination skills.
• Proficiency in Microsoft Excel 

Job Title : Security Operations Centre (SOC) Analyst (L2/L3)

Experience : 6.5 to 9 Years

Location : Gurgaon (Hybrid – 3 Days Office / 2 Days WFH)

Budget : Up to ₹22 LPA

Joining : Immediate to 15–20 Days (Buyout Available)

Drive Date : Virtual Drive on 19th June

Note : Preference for candidates from Delhi NCR. North India-based candidates must be open to relocate to Gurgaon. No remote option available.

About the Role :

We are hiring a skilled SOC Analyst to join our Security Operations Centre (SOC).

The role involves proactive threat monitoring, incident response, forensic investigations, SIEM management, and collaboration across IT security domains to strengthen our cyber defense posture.

Mandatory Skills : SOC/NOC operations, SIEM tools (e.g., Splunk/QRadar), network security, malware analysis, vulnerability assessment, log analysis, Windows/Linux OS, packet capture tools (Wireshark/Netmon), firewalls, EDR, IDS/IPS, DLP, AV solutions.

🎯 Key Responsibilities :

• Monitor and analyze security events to identify threats across networks and endpoints.
• Perform threat detection, triage, investigation, and escalation of cybersecurity incidents.
• Execute forensic analysis and malware containment processes.
• Manage SIEM (health checks, alerting rules, integrations, vendor coordination).
• Conduct vulnerability assessments, patch impact analysis, and ensure timely remediation.
• Collaborate with internal IT teams for secure implementation of new initiatives.
• Analyze logs from security tools like SIEM, DLP, AV, EDR, etc.
• Prepare and maintain security documentation, SOPs, and incident reports.

🛠 Required Skills :

• 3 to 5 Years’ hands-on experience in a SOC/NOC environment.
• Expertise in SIEM solutions, firewalls, EDR, IDS/IPS, AV, DLP, and vulnerability scanners.
• Strong knowledge of Linux/Windows OS, system logs, and hardening practices.
• Proficient in packet capture analysis tools like Wireshark or Netmon.
• Excellent problem-solving and communication skills.
• Experience in security impact analysis for patches and third-party advisories.

✅ Preferred Certifications :

• CEH – Certified Ethical Hacker
• GIAC – GCIH / GCIA / GCED (or equivalent)

Job title:  DLP Engineer 

Work Location: Delhi

Division/Department: Technical

Requirement Severity: Immediate

Job Description:.

• Deploy and configure DLP solutions such as Forcepoint, CoSoSys, or Netskope across endpoints, networks, and cloud environments.
• Customize DLP policies and rules to address organizational data security needs.
• Continuously monitor data flow and detect unauthorized access or data exfiltration attempts.
• Analyze DLP alerts and logs to identify potential threats and escalate as necessary.
• Develop, implement, and manage DLP policies to prevent data breaches and leaks.
• Integrate DLP solutions with other security tools, including SIEM.
• Provide technical support for DLP tools and resolve related issues promptly.
• Stay updated with the latest trends and advancements in DLP technologies, particularly Forcepoint, CoSoSys, and Netskope.

Skill Requirements:

• Good communication skills.

Mandatory Requirements:

• 2 years’ experience in the installation of Forcepoint Cososys or Netskope.
• Should have own conveyance.

Education and/or Work Experience Requirements: 

• 2 years’ experience in the installation of Forcepoint Cososys or Netskope.
• Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service.
• Ability to work independently and carry out assignments to completion within the instructions' parameters.

Job Requirements: 

Minimum Experience: 2 years

Working Days: 6 days working, Monday to Saturday (3rd Saturday off)

About SumoLogic

At Sumo Logic, we specialize in empowering the digital workforce through our advanced SaaS analytics platform, focusing on reliable and secure cloud-native applications. 

Step into the heart of innovation with our dynamic and collaborative support team! As a Technical Support Engineer at SUMO Logic, you will play a crucial role in empowering our customers to harness the full potential of our cutting-edge cloud technology. Your expertise in logging, SIEM, and cloud solutions will be vital in guiding our customers toward achieving unparalleled business success.

You will be at the forefront of solving complex challenges and driving technological advancements by providing exceptional technical support and insights. Join us and transform challenges into opportunities, enhancing customer satisfaction and shaping the future of technology.

At SUMO Logic, our technical support team is recognized as one of our crown jewels, featuring some of the most technically adept individuals in the industry. Work here is challenging and rewarding, propelling you forward in a fast-paced and dynamic environment.

What You Will Do

As a Technical Support Engineer, your role will involve:

- Working with customer support tickets in our Salesforce Service Cloud ticketing system

- Providing enterprise-level support to our customers and partners, focusing on technical issues related to logging, metrics, SIEM, and cloud technologies.

- Engaging directly with customers to quickly assess, troubleshoot, and resolve issues from simple to complex, ensuring effective communication and setting clear expectations.

- Document enhancements or defects in our products and advise on best practices for implementing and using the Sumo Logic service.

- Offering valuable feedback to our engineering, product management, and CS leadership teams based on customer interactions and experiences.

- Developing and refining processes, procedures, and tools for the support team to optimize customer interactions and stakeholder interactions.

- Producing Knowledge Base (KB) articles for common issues lacking a current KB or revising existing KB articles for the ticketing system KB and public community KB.

What You Will Bring With You

- Extensive SaaS Experience: Proven track record in a technical role managing multiple customer accounts, preferably with a background in DevOps Engineering, SOC analysis, or similar technical positions. 

- Customer-Centric Approach: Passion for customer satisfaction and problem-solving, with the ability to manage relationships across various levels, from technical practitioners to executives.

- Communication Excellence: Possesses professional and transparent communication skills. Able to deliver technical context to various stakeholder levels using remote (e.g., Zoom) or written media. 

- Strategic Problem-Solving: Ability to navigate ambiguity, proactively seek necessary support, and manage multiple accounts with attention to detail.

- Situation Management: Capable of assessing client scenarios, documenting issue timelines, and working with executive management and product engineering towards root cause analysis and final assessments.

- Desire to Learn: Thrive in a fast-paced, high-growth, rapidly changing environment with the ability to work with and deeply understand a new product or service. Utilize Sumo-offered LinkedIn learning and other resources to increase technical knowledge and sharpen soft skills. 

- Ability to support multiple international time zones

Desired Technical Qualifications

- Monitoring Platform Experience: Proficiency in Sumo Logic or similar platforms (e.g., Splunk, Data Dog, Elastic, New Relic, Appdynamics, VMWare Tanzu).

- In-depth Knowledge of Logging Systems: Proficiency in systems like Windows Event Viewer, Syslog, R Syslog, & Syslog-ng.

- Expertise in SIEM and Cloud Technologies: Strong understanding of cloud services (AWS, GCP, Azure) and security information and event management (SIEM) principles.

- Advanced Technical Skills: Experience with system administration, SSH management, and basic scripting and programming (Java, C++, Python, PowerShell, Bash, etc.). 

- Query Language Proficiency: SQL or similar query language skills.

- Kubernetes and Docker Proficiency: Extensive experience in setup, configuration, troubleshooting, tuning, and infrastructure management.

- Network Savvy: Solid knowledge of TCP/IP, ping, traceroute, Netcat, TCP dump, Wireshark, nslookup, etc.

- OSS skills in Otel, Prometheus, and Falco are a plus

- Sumo Logic experience is a big plus but not required 

Travel Requirements

Minimal, but generally once a quarter to once a year (1-5%) for corporate training and mandatory meetings.

Education

Bachelor's or Master's degree in Engineering, Computer Science, or a similar field, or equivalent work experience.

Join us at Sumo Logic and contribute to our mission of revolutionizing technical support in the digital business world, with a particular focus on logging, SIEM, and cloud technologies.

About Us

Sumo Logic, Inc. empowers the people who power modern, digital business. Sumo Logic enables customers to deliver reliable and secure cloud-native applications through its Sumo Logic SaaS Analytics Log Platform, which helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers worldwide rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com.

Sumo Logic Privacy Policy. Employees will be responsible for complying with applicable federal privacy laws and regulations, as well as organizational policies related to data protection.

Job Title: L2 SIEM Administrator - LogRhythm

Location:

Pune – Customer Site (Magarpatta)

Job Summary:

We are seeking an experienced and proactive L2 SIEM Administrator with expertise in LogRhythm to manage, maintain, and optimize our Security Information and Event Management (SIEM) infrastructure.

The ideal candidate will develop use case frameworks, implement SIEM rules, and ensure efficient log management and threat detection.

Key Responsibilities:

LogRhythm Administration:

Manage and maintain the LogRhythm SIEM platform for optimal performance.

Develop, implement, and fine-tune use case frameworks and detection rules to enhance threat detection.

Incident Analysis:

Investigate security alerts and logs to identify and respond to threats.

Escalate unresolved issues to higher-level teams or external stakeholders.

Log Management:

Onboard and configure log sources, ensuring accurate data ingestion and normalization.

Validate log integrity across network and endpoint sources.

Optimization and Troubleshooting:

Resolve technical issues and optimize system performance.

Monitor and maintain dashboards and reporting tools for actionable insights.

Qualifications:

Proven expertise with LogRhythm, including creating and managing use case frameworks and detection rules.

3+ years of experience in SIEM administration.

Strong understanding of security logs, event correlation, and incident analysis.

Familiarity with scripting (Python, PowerShell) and security frameworks (e.g., MITRE ATT&CK).

Relevant certifications (e.g., LogRhythm Certified Professional (LRCP)) are a plus.

Role: SOC Analyst

Job Type: Full Time, Permanent

Location: Onsite – Delhi

Experience Required: 1-3 Yrs

Skills Required:

1) Working knowledge across various security appliances (e.g., Firewall, WAF, Web Security Appliance, Email Security Appliance, Antivirus).

2) Experience with SOC Operations tools like SIEM, NDR, EDR, UEBA, SOAR, etc.

3) Strong analytical and problem-solving skills, with a deep understanding of cybersecurity principles, attack vectors, and threat intelligence.

4) Knowledge of network protocols, security technologies, and the ability to analyze and interpret security logs and events to identify potential threats.

5) Scripting skills (e.g., Python, Bash, PowerShell) for automation and analysis purposes.

6) Skilled in evaluating and integrating inputs from people, processes, and technologies to identify effective solutions.

7) Demonstrate a thorough understanding of the interdependencies between these elements and leverages this knowledge to develop comprehensive, efficient, and sustainable problem-solving strategies.

8) Excellent communication skills to articulate complex technical concepts to non-technical stakeholders and collaborate effectively with team members.

9) Ability to prioritize and manage multiple tasks in a dynamic environment.

10) Willingness to stay updated with the latest cybersecurity trends and technologies.

Job Responsibilities:

1) Continuously monitor and Analyze security alerts and logs to identify potential incidents. Analyze network traffic patterns to detect anomalies and identify potential security breaches.

2) Implement correlation rules and create playbooks as per requirements. Continuously update and suggest new rules and playbooks based on the latest attack vectors and insights from public articles and cybersecurity reports.

3) Use security compliance and scanning solutions to conduct assessments and validate the effectiveness of security controls and policies. Suggest improvements to enhance the overall security posture.

4) Utilize deception security solutions to deceive and detect potential attackers within the network.

5) Leverage deep expertise in networking, system architecture, operating systems, virtual machines (VMs), servers, and applications to enhance cybersecurity operations.

6) Work effectively with cross-functional teams to implement and maintain robust security measures. Conduct thorough forensic analysis of security incidents to determine root causes and impact.

7) Assist with all phases of incident response. Develop and refine incident response strategies and procedures to address emerging cyber threats.

8) Perform digital forensics to understand attack vectors and impact. Swiftly respond to and mitigate security threats, ensuring the integrity and security of organizational systems and data.

9) Professionally communicate and report technical findings, security incidents, and mitigation recommendations to clients.

About Company

Innspark is the fastest-growing Deep-tech Solutions company that provides next-generation products and services in Cybersecurity and Telematics. The Cybersecurity segment provides out-of-the-box solutions to detect and respond to sophisticated cyber incidents, threats, and attacks. The solutions are powered by advanced Threat Intelligence, Machine Learning, and Artificial Intelligence that provides deep visibility of the enterprise’s security.

We have developed and implemented solutions for a wide range of customers with highly complex environments including Government Organizations, Banks & Financial institutes, PSU, Healthcare Providers, Private Enterprises.

Website: https://innspark.in/

Summary:

● We are seeking a highly motivated and experienced Cyber security

● Expert to join our team. You will be responsible

for safeguarding our IT infrastructure, data, and applications from cyber threats.

● You will have a deep understanding of server, endpoint, mail, and infrastructure security and possess strong incident response skills.

● Additionally, you will be well-versed in relevant regulations and how to navigate them during data breaches.

Responsibilities:

● Implement and maintain comprehensive security controls for servers, endpoints, mail, and infrastructure.

● Conduct regular vulnerability assessments and penetration testing.

● Monitor security logs and SIEM systems for suspicious activity.

● Investigate and respond to security incidents, including data breaches.

● Develop and implement incident response plans and procedures.

● Stay up-to-date on the latest cyber threats and vulnerabilities.

● Provide security awareness training to employees.

● Advise on and implement security best practices throughout the organization.

● Understand and comply with relevant data privacy and security regulations (e.g., HIPAA, GDPR, PCI DSS).

● Work collaboratively with IT, business units, and legal teams.

As an Enterprise Security Architect you will join a growing organization to lead a modern enterprise security program. In this role the Architect will have responsibility for identifying, defining, developing, leading security technology strategy across a broad portfolio of IAM, Cloud, End Point, Network, Web security and related technology systems, and the assessment of new and emerging identity technologies at the very large enterprise scale.

As a senior member of the team you will engage and partner with senior leaders across the organization leveraging your extensive background in (managing / delivering / implementing / architecting) security technology combined with expertise in organizational and cross-functional communication to develop strategy, influence roadmaps, solution adoption, champion strategic opportunities / execution plans with the aim to improve security capabilities, reduce risk and position forward looking identity governance and security enhancements

• Responsible for defining an architectural vision and architecture for large complex solutions, which aligns with the enterprise architecture strategy, technology and platform choices

• Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities

• Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions

• Contributes to best practices, standard templates, and the architecture roadmap for defined domains.

• Creates endpoint/host, workplace productivity security reference architecture and design patterns for reusability.

• Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap

• Contributes to the development of best practices including standardized templates

• Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog

• Works with Product Manager/Owner to plan and prioritize technology focused backlog items for the architecture runway to enable business epics/features and expand into new opportunities

• Clarifies the architecture for the development teams to support implementation, and provides solution options to resolve any architectural impediments

• Performs design and code reviews to ensure all non-functional requirements for a solution are sufficiently met (e.g. security, performance, maintainability, scalability, usability, and reliability)

• The platform security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.

• Develop blueprints and procedures to effectively secure company data against accidental or unauthorized modification, destruction or disclosure.

• Create and define the security architectures and roadmaps encompassing cloud architecture, access management, and monitoring.

• Design and develop data security architectures for cloud and cloud/hybrid-based systems.

• Align architectural design technical controls and solutions to industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP)

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 10+ years of hands-on experience with scoping, sizing, designing, architecting & building IAM solutions across various technologies, or demonstrated ability to meet job requirements through comparable work experience.

• Expert level knowledge of authentication/authorization standards, protocols, and frameworks such as FIDO, OpenID, SAML, OAuth, JWT, CA, X.509, MTLS, etc.

• Technical expertise and experience with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and IDM integration across domains

• Solid understanding of Cloud concepts and hands on knowledge on Azure/AD or other cloud identity environments.

• Experience designing and implementing security services and tools applied to GCP, Azure and AWS

• Expertise with Data Loss Prevention and CASB strategies and solutions supporting security of critical SaaS solutions such as Office 365, etc.

• Experience with Hybrid cloud architectures and designs

• Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications

• Experience with DevSecOps process, Container technologies (Docker, Kubernetes), API Gateways, and other common web application technologies is preferred

• Strong knowledge of enterprise security concepts/frameworks and products, secure design principles and best practices

• Strong verbal and writing skills to develop technical documentation and presentations

• Experience in leading technical architecture and security design discussions

• Experience managing multiple multi-level stakeholder relationships

• Bachelors in Computer Science, Computer Engineering or related field

“Such other task that Company may assign you time to time”.

Position Title: Manager – Security Operations Organization /Function: Manager is responsible for day to day operational and project delivery for a set of customers Relevant Experience: 10+ years of experience in security area and at least 2 years as Security manager Educational Qualification: BE/B.Tech/ME/M.Tech/Graduate/Master in any stream with excellent academic record

Must-have Skills: • Must know common security policy frameworks and possess knowledge of how security programs are run at mid to large scale companies • Must have managed a team to deliver “Managed Security Service” or “Security Operations Center” • Prior working Background in either SIEM tools (Splunk, ArcSight, QRadar, DNIF etc.) or Vulnerability assessment and Management tool (Qualys/Rapid7) and process • Has broader context and understanding of managed security services • Must have service mindset and empathy. Must deal with a level of ambiguity, chaos and apparent stubbornness from customers, and manage around it by thinking through the issue or request from the customer’s perspective to drive to a reasonable conclusion • Must have prior experience on Project Management • Must have prior experience of onsite-offshore delivery model and should have directly worked with US/European customers or colleagues • Must have ITIL process knowledge

1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.

2. Conduct incident investigations on SIEM tools.

3. Perform threat hunting on networks to detect and isolate threats.

4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)

5. Continuous optimization, tuning and monitoring of SIEM solution

6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.

7. Ability to analyze endpoint, network, and application logs

8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM

9. Immediate Joiners

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

Responsibilities:

• Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
• You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
• You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
• You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
• You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
• Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

Minimum qualifications:

• BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
• Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
• Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
• Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
• Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
• Good understanding of complexities and security challenges in large-scale distributed systems
• Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
• Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
• Excellent written and verbal communication skills
• Strong interpersonal, team building, and mentoring skills

Job Description

Cyber Threat Intelligence & Threat Hunting - Subject Matter Expert (B3-2)

Responsibilities:

Perform threat research, create actionable threat advisories, and derive hunting queries based on the evolving threat vectors.

Understand APT groups, Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures. Create hypothesis and perform active threat hunting.

Minimum Requirements:

10+ years of overall experience, 7+ years of experience in cyber threat intelligence, malware analysis (Reverse engineering)

Hands-on experience with writing threat hunting hypothesis & active threat hunting

Experience with YARA rule and OpenIOC signature creation.

Experience with multi-tiered mission-critical systems.

Experience in opensource sandbox and honeypots.

Preferred Certification

GIAC Cyber Threat Intelligence (GCTI)

C| TIA (Certified Threat Intelligence Analyst)

CCTIA by the NICCS

Responsibilities:

The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.

The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:

Basic Qualifications

• Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
• Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
• Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
• Understanding of automated security testing approaches and tools
• Experience with proactive integration of security into the development process
• Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
• Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
• Improve overall security practitioner efficiency through process automation
• Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.

Minimum Qualifications/Requirements

• BS or MS in Computer Science or related field
• Minimum 7+ years of cybersecurity experience
• Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
• Experience in deployment, development, and maintenance of SIEM
• Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
• Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
• Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
• Understanding the investigative process and performing triage for cybersecurity incidents
• Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
• Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
• Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
• Proactive and motivated; team player with a positive can-do attitude
• Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
• Ability to communicate technical concepts to a broad range of technical and non-technical staff
• Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

What you will be doing:

• Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
• Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
• Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
• Providing support and guidance to Technology teams across network and security technologies.
• Adhere to IT access-management incident response and change control procedures (ITIL)
• Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans

What we are looking for:

A Network Security engineer with a solid comprehensive background in:

• Ability to manage, supervise and delegate multiple tasks
• Strong experience with SIEM and log management
• EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
• Vendor management; including SOC (Security Operations Centre) providers
• Global Security Incident management support
• Experience in SD-WAN (Meraki) management and troubleshooting
• Knowledge of network security, hardening network equipment, and vulnerability scans
• Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
• Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
• Proven experience in remote access technologies (ZScaler an advantage)
• Excellent communication skills (written and verbal).
• An ability to work under pressure and take ownership of tasks and customer issues.
• Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting