Security Information and Event Management (SIEM) Jobs in Bangalore (Bengaluru)

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.

Responsibilities:

• Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
• You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
• You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
• You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
• You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
• Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members

Minimum qualifications:

• BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
• Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
• Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
• Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
• Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
• Good understanding of complexities and security challenges in large-scale distributed systems
• Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
• Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
• Excellent written and verbal communication skills
• Strong interpersonal, team building, and mentoring skills

• Candidate will be responsible for Security Operations Center alerting and monitoring.
• Candidate will be responsible for a vulnerability assessment, remediation, validation, and patching.
• Candidate will be responsible for 24/7 SOC monitoring and response.
• Candidate will be responsible remediation of identified vulnerabilities.
• Candidate will be responsible for threat hunting.
• Candidate will be responsible for AWS and GCP cloud security services.
• Candidate will be responsible for end point security and EDR monitoring.
• Candidate will be responsible for application security assessment and patching.

• 0-2 years of relevant work experience.
• Bachelor’s degree (or higher) in Computer Science or related discipline.
• Experience in Security operation center(SOC).
• Strong understanding of security Incident response.
• Experience with an Endpoint security tool, EDR and associated incident response.
• Experience in SIEM, log ingestion, log parsing, and correlating.
• Experience in malware analysis and investigation.
• Experience with vulnerability management tools, vulnerability assessment, remediation, validation, and patching
• Knowledge of threat hunting, and he/she should have the capability to detect IOC (Indicator of Compromise) and
• IOA (Indicator of Attack).
• Good knowledge of SOC, security event monitoring, management, and response.
• Good verbal and written communication skills.

• CEH / CompTIA security+ certification
• Proficiency in WAZUH, EDR, Firewall, Prisma Cloud.
• Knowledge of MITRE att&ck framework.
• Proficiency in digital forensics.
• Hands-on experience with AWS or GCP.
• Effective verbal and written communication skills.
• Candidate should know MITRE att&ck framework.
• SDLC and Devops
• Proficiency in understanding and implementing Security tools and services.

• You will be part of the early tribe that is changing the way business banking rolls.
• Every atom of your work will impact the way millions of businesses are run.
• You will work with some of the brightest minds who will celebrate your quirks.
• You will find growth & fun to be two-way streets - how you thrive and the way you jive, in turn drives Open

• The candidate will be responsible for Security Operations Center Day to day activity.
• The candidate will be responsible for a vulnerability management tool deployment, vulnerability assessment,
• remediation, validation, and patching.
• The candidate will be responsible for leading and conducting digital and cyber forensics.
• The candidate will be responsible for leading SOC 24/7.
• The candidate will be responsible for creating runbook and playbook.
• The candidate will be responsible for creating and presetting monthly reports.
• The candidate will be responsible for conducting internal VA and PT.
• The candidate will be responsible support ISO internal and external audits.
• The candidate will be responsible for performing dynamic and static application security testing.
• The candidate will be responsible for coordinating with vendors for a red team activity, VAPT and SCR.
• Candidate should know cyber kill chain process and MITRE att&ck framework.
• The candidate should have knowledge of AWS and GCP cloud security services.
• The candidate should have knowledge on OWASP Top Ten Web Application Security Risks.

• 4-6 years of relevant work experience.
• Bachelor’s degree (or higher) in Computer Science or related discipline.
• Experience in Security operation center(SOC).
• Strong understanding of security Incident response.
• Excellent verbal and written communication skills.
• Experience with an Endpoint security tool, EDR and associated incident response.
• Experience in SIEM, log ingestion, log parsing, correlating, use case creation, and regex.
• Experience in malware analysis incident response and incident investigation.
• Experience with vulnerability management tools, vulnerability assessment, remediation, validation, and patching
• knowledge on firewall, IDS and IPS.
• knowledge on threat hunting, and he/she should have the capability to detect IOC (Indicator of Compromise) and IOA (Indicator of Attack).
• Good knowledge of SOC, security event monitoring, management, and response.
• Experience with forensic tools FTK imager, volatility, Wireshark and CAINE.
• Experience in a containerized application security assessment.
• Proficiency in understanding and implementing Security tools and services.
• Coordination with stakeholders, build and maintain positive working relationships with them.
• Candidate should know software development lifecycle and DevOps

• CEH / CompTIA security+ certification/ OSCP/ CPENT/ any cloud certification
• Proficiency in WAZUH, EDR, Firewall, Prisma Cloud, Burp suite, JMeter and postman.
• Knowledge of cyber kill chain process and MITRE att&ck framework.
• Proficiency in digital forensics tools FTK imager, volatility, Wireshark and CAINE.
• Hands-on experience with AWS and GCP.
• Effective verbal and written communication skills.

• You will be part of the early tribe that is changing the way business banking rolls.
• Every atom of your work will impact the way millions of businesses are run.
• You will work with some of the brightest minds who will celebrate your quirks.
• You will find growth & fun to be two-way streets - how you thrive and the way you jive, in turn drives Open

What you will be doing:

• Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
• Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
• Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
• Providing support and guidance to Technology teams across network and security technologies.
• Adhere to IT access-management incident response and change control procedures (ITIL)
• Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans

What we are looking for:

A Network Security engineer with a solid comprehensive background in:

• Ability to manage, supervise and delegate multiple tasks
• Strong experience with SIEM and log management
• EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
• Vendor management; including SOC (Security Operations Centre) providers
• Global Security Incident management support
• Experience in SD-WAN (Meraki) management and troubleshooting
• Knowledge of network security, hardening network equipment, and vulnerability scans
• Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
• Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
• Proven experience in remote access technologies (ZScaler an advantage)
• Excellent communication skills (written and verbal).
• An ability to work under pressure and take ownership of tasks and customer issues.
• Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.

Information Security Specialist

Notice Period: 45 days / Immediate Joining

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

Key Qualifications

· Design, deploy, and support Information Security Solutions provided by BDS

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

· Research and strategic analysis of existing, and evolving all IT and data security technologies

· Establish baselines to define required security controls for all infrastructure components and application stack

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

· Must be able to work a flexible schedule during off-hours

Key Skills & Qualification

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

· Exposure of the security audit tools on public cloud platforms

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

· Certified Ethical Hacker would be a plus

· Handling of Security audits is a must

· Proven interpersonal skills while contributing to team effort by accomplishing related results

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption 
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting