5+ Security Information and Event Management (SIEM) Jobs in Delhi, NCR and Gurgaon | Security Information and Event Management (SIEM) Job openings in Delhi, NCR and Gurgaon

As a Senior Security Operations Engineer, you will be an integral part of Qualys SOC (Security Operation Center) and CSIRT (Cyber Security Incident Response Team) contributing to the day-to-day activities aimed at governing entire incident management lifecycle from incident monitoring, triaging, analyzing, and responding to security incidents. This role requires a solid understanding of security technologies, incident triage/investigation & incident response, and a proactive approach to identifying and mitigating potential threats. You will leverage advanced cybersecurity tools and techniques to monitor and secure Qualys infrastructure/systems, Qualys Cloud Platforms, respond to alerts, investigate potential threats, and proactively work for mitigation of identified cyber threats/incidents. At the same time, you will be responsible for providing expert guidance to other SOC engineers in the team and working closely with SOC/CSIRT leadership to improve the organization’s security posture.

ROLE & RESPONSIBILITIES:

We are hiring a Senior DevSecOps / Security Engineer with 8+ years of experience securing AWS cloud, on-prem infrastructure, DevOps platforms, MLOps environments, CI/CD pipelines, container orchestration, and data/ML platforms. This role is responsible for creating and maintaining a unified security posture across all systems used by DevOps and MLOps teams — including AWS, Kubernetes, EMR, MWAA, Spark, Docker, GitOps, observability tools, and network infrastructure.

KEY RESPONSIBILITIES:

1.     Cloud Security (AWS)-

• Secure all AWS resources consumed by DevOps/MLOps/Data Science: EC2, EKS, ECS, EMR, MWAA, S3, RDS, Redshift, Lambda, CloudFront, Glue, Athena, Kinesis, Transit Gateway, VPC Peering.
• Implement IAM least privilege, SCPs, KMS, Secrets Manager, SSO & identity governance.
• Configure AWS-native security: WAF, Shield, GuardDuty, Inspector, Macie, CloudTrail, Config, Security Hub.
• Harden VPC architecture, subnets, routing, SG/NACLs, multi-account environments.
• Ensure encryption of data at rest/in transit across all cloud services.

2.     DevOps Security (IaC, CI/CD, Kubernetes, Linux)-

Infrastructure as Code & Automation Security:

• Secure Terraform, CloudFormation, Ansible with policy-as-code (OPA, Checkov, tfsec).
• Enforce misconfiguration scanning and automated remediation.

CI/CD Security:

• Secure Jenkins, GitHub, GitLab pipelines with SAST, DAST, SCA, secrets scanning, image scanning.
• Implement secure build, artifact signing, and deployment workflows.

Containers & Kubernetes:

• Harden Docker images, private registries, runtime policies.
• Enforce EKS security: RBAC, IRSA, PSP/PSS, network policies, runtime monitoring.
• Apply CIS Benchmarks for Kubernetes and Linux.

Monitoring & Reliability:

• Secure observability stack: Grafana, CloudWatch, logging, alerting, anomaly detection.
• Ensure audit logging across cloud/platform layers.

3.     MLOps Security (Airflow, EMR, Spark, Data Platforms, ML Pipelines)-

Pipeline & Workflow Security:

• Secure Airflow/MWAA connections, secrets, DAGs, execution environments.
• Harden EMR, Spark jobs, Glue jobs, IAM roles, S3 buckets, encryption, and access policies.

ML Platform Security:

• Secure Jupyter/JupyterHub environments, containerized ML workspaces, and experiment tracking systems.
• Control model access, artifact protection, model registry security, and ML metadata integrity.

Data Security:

• Secure ETL/ML data flows across S3, Redshift, RDS, Glue, Kinesis.
• Enforce data versioning security, lineage tracking, PII protection, and access governance.

ML Observability:

• Implement drift detection (data drift/model drift), feature monitoring, audit logging.
• Integrate ML monitoring with Grafana/Prometheus/CloudWatch.

4.     Network & Endpoint Security-

• Manage firewall policies, VPN, IDS/IPS, endpoint protection, secure LAN/WAN, Zero Trust principles.
• Conduct vulnerability assessments, penetration test coordination, and network segmentation.
• Secure remote workforce connectivity and internal office networks.

5.     Threat Detection, Incident Response & Compliance-

• Centralize log management (CloudWatch, OpenSearch/ELK, SIEM).
• Build security alerts, automated threat detection, and incident workflows.
• Lead incident containment, forensics, RCA, and remediation.
• Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA (as applicable).
• Maintain security policies, procedures, RRPs (Runbooks), and audits.

IDEAL CANDIDATE:

• 8+ years in DevSecOps, Cloud Security, Platform Security, or equivalent.
• Proven ability securing AWS cloud ecosystems (IAM, EKS, EMR, MWAA, VPC, WAF, GuardDuty, KMS, Inspector, Macie).
• Strong hands-on experience with Docker, Kubernetes (EKS), CI/CD tools, and Infrastructure-as-Code.
• Experience securing ML platforms, data pipelines, and MLOps systems (Airflow/MWAA, Spark/EMR).
• Strong Linux security (CIS hardening, auditing, intrusion detection).
• Proficiency in Python, Bash, and automation/scripting.
• Excellent knowledge of SIEM, observability, threat detection, monitoring systems.
• Understanding of microservices, API security, serverless security.
• Strong understanding of vulnerability management, penetration testing practices, and remediation plans.

EDUCATION:

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Relevant certifications (AWS Security Specialty, CISSP, CEH, CKA/CKS) are a plus.

PERKS, BENEFITS AND WORK CULTURE:

• Competitive Salary Package
• Generous Leave Policy
• Flexible Working Hours
• Performance-Based Bonuses
• Health Care Benefits

Job title:  DLP Engineer 

Work Location: Delhi

Division/Department: Technical

Requirement Severity: Immediate

Job Description:.

• Deploy and configure DLP solutions such as Forcepoint, CoSoSys, or Netskope across endpoints, networks, and cloud environments.
• Customize DLP policies and rules to address organizational data security needs.
• Continuously monitor data flow and detect unauthorized access or data exfiltration attempts.
• Analyze DLP alerts and logs to identify potential threats and escalate as necessary.
• Develop, implement, and manage DLP policies to prevent data breaches and leaks.
• Integrate DLP solutions with other security tools, including SIEM.
• Provide technical support for DLP tools and resolve related issues promptly.
• Stay updated with the latest trends and advancements in DLP technologies, particularly Forcepoint, CoSoSys, and Netskope.

Skill Requirements:

• Good communication skills.

Mandatory Requirements:

• 2 years’ experience in the installation of Forcepoint Cososys or Netskope.
• Should have own conveyance.

Education and/or Work Experience Requirements: 

• 2 years’ experience in the installation of Forcepoint Cososys or Netskope.
• Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service.
• Ability to work independently and carry out assignments to completion within the instructions' parameters.

Job Requirements: 

Minimum Experience: 2 years

Working Days: 6 days working, Monday to Saturday (3rd Saturday off)

Role: SOC Analyst

Job Type: Full Time, Permanent

Location: Onsite – Delhi

Experience Required: 1-3 Yrs

Skills Required:

1) Working knowledge across various security appliances (e.g., Firewall, WAF, Web Security Appliance, Email Security Appliance, Antivirus).

2) Experience with SOC Operations tools like SIEM, NDR, EDR, UEBA, SOAR, etc.

3) Strong analytical and problem-solving skills, with a deep understanding of cybersecurity principles, attack vectors, and threat intelligence.

4) Knowledge of network protocols, security technologies, and the ability to analyze and interpret security logs and events to identify potential threats.

5) Scripting skills (e.g., Python, Bash, PowerShell) for automation and analysis purposes.

6) Skilled in evaluating and integrating inputs from people, processes, and technologies to identify effective solutions.

7) Demonstrate a thorough understanding of the interdependencies between these elements and leverages this knowledge to develop comprehensive, efficient, and sustainable problem-solving strategies.

8) Excellent communication skills to articulate complex technical concepts to non-technical stakeholders and collaborate effectively with team members.

9) Ability to prioritize and manage multiple tasks in a dynamic environment.

10) Willingness to stay updated with the latest cybersecurity trends and technologies.

Job Responsibilities:

1) Continuously monitor and Analyze security alerts and logs to identify potential incidents. Analyze network traffic patterns to detect anomalies and identify potential security breaches.

2) Implement correlation rules and create playbooks as per requirements. Continuously update and suggest new rules and playbooks based on the latest attack vectors and insights from public articles and cybersecurity reports.

3) Use security compliance and scanning solutions to conduct assessments and validate the effectiveness of security controls and policies. Suggest improvements to enhance the overall security posture.

4) Utilize deception security solutions to deceive and detect potential attackers within the network.

5) Leverage deep expertise in networking, system architecture, operating systems, virtual machines (VMs), servers, and applications to enhance cybersecurity operations.

6) Work effectively with cross-functional teams to implement and maintain robust security measures. Conduct thorough forensic analysis of security incidents to determine root causes and impact.

7) Assist with all phases of incident response. Develop and refine incident response strategies and procedures to address emerging cyber threats.

8) Perform digital forensics to understand attack vectors and impact. Swiftly respond to and mitigate security threats, ensuring the integrity and security of organizational systems and data.

9) Professionally communicate and report technical findings, security incidents, and mitigation recommendations to clients.

About Company

Innspark is the fastest-growing Deep-tech Solutions company that provides next-generation products and services in Cybersecurity and Telematics. The Cybersecurity segment provides out-of-the-box solutions to detect and respond to sophisticated cyber incidents, threats, and attacks. The solutions are powered by advanced Threat Intelligence, Machine Learning, and Artificial Intelligence that provides deep visibility of the enterprise’s security.

We have developed and implemented solutions for a wide range of customers with highly complex environments including Government Organizations, Banks & Financial institutes, PSU, Healthcare Providers, Private Enterprises.

Website: https://innspark.in/