3+ Security Information and Event Management (SIEM) Jobs in Pune | Security Information and Event Management (SIEM) Job openings in Pune

Job Summary: We are seeking a proactive and technically skilled information security (SOC) Engineer/Analyst to monitor, detect, and respond to cybersecurity threats in real-time. The ideal candidate will have strong analytical skills, be detail-oriented, and possess a sound understanding of threat landscapes, SIEM tools, and incident response. The ideal candidate will possess a strong foundational understanding of cybersecurity governance, robust technical skills in security operations, and a commitment to staying abreast of the evolving threat landscape and internal security requirements.

Key Responsibilities

• Monitor security events and alerts from SIEM and other security tools.
• Perform initial triage and investigation of potential threats or anomalous behavior.
• Escalate incidents according to severity and defined procedures.
• Document incidents, provide root cause analysis, and maintain detailed logs.
• Analyze threat intelligence feeds and correlate with internal data.
• Assist in threat hunting and vulnerability management activities.
• Support continuous improvement of SOC processes and playbooks.
• Collaborate with other IT and Security teams for incident resolution.
• Assist in developing and tuning SIEM rules, queries, and dashboards for threat detection.
• Contribute to vulnerability management and secure configuration of internal systems and cloud environments.
• Support the testing and execution of recovery plans for security systems and data.
• Document incident findings, remediation steps, and contribute to post-incident reviews.

Required Skills & Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field.
• 2–5 years of experience in a SOC environment or similar security operations role.
• Familiarity with SIEM tools (e.g., Splunk, QRadar, Sentinel).
• Understanding of TCP/IP, firewalls, IDS/IPS, and common attack vectors.
• Knowledge of malware, phishing, ransomware, and social engineering tactics.
• Hands-on experience with endpoint protection, network monitoring, and forensic tools.
• Excellent communication and documentation skills.
• Preferred Certifications:
• CompTIA Security+ or CySA+
• Vendor-specific SIEM certifications.

Job Title: L2 SIEM Administrator - LogRhythm

Location:

Pune – Customer Site (Magarpatta)

Job Summary:

We are seeking an experienced and proactive L2 SIEM Administrator with expertise in LogRhythm to manage, maintain, and optimize our Security Information and Event Management (SIEM) infrastructure.

The ideal candidate will develop use case frameworks, implement SIEM rules, and ensure efficient log management and threat detection.

Key Responsibilities:

LogRhythm Administration:

Manage and maintain the LogRhythm SIEM platform for optimal performance.

Develop, implement, and fine-tune use case frameworks and detection rules to enhance threat detection.

Incident Analysis:

Investigate security alerts and logs to identify and respond to threats.

Escalate unresolved issues to higher-level teams or external stakeholders.

Log Management:

Onboard and configure log sources, ensuring accurate data ingestion and normalization.

Validate log integrity across network and endpoint sources.

Optimization and Troubleshooting:

Resolve technical issues and optimize system performance.

Monitor and maintain dashboards and reporting tools for actionable insights.

Qualifications:

Proven expertise with LogRhythm, including creating and managing use case frameworks and detection rules.

3+ years of experience in SIEM administration.

Strong understanding of security logs, event correlation, and incident analysis.

Familiarity with scripting (Python, PowerShell) and security frameworks (e.g., MITRE ATT&CK).

Relevant certifications (e.g., LogRhythm Certified Professional (LRCP)) are a plus.