
SOC Admin
3 weeks ago
The Use-Cases Factory worker is responsible for designing, implementing, and managing use-cases within the CyberSOC Detect, from log integration through to the incident handling playbook. This role involves creating detection and response mechanisms to identify and mitigate cybersecurity threats, ensuring the organization's digital environment remains secure.
The role holder will interact with various stakeholders who may request compliance, business, or threat use-cases, among others.
The Use-Cases Admin is responsible for:
Develop and deploy use-cases in our SIEM to detect security threats, from log collection to the incident handling playbook. Fine-tune detection rules to minimize false positives and false negatives.
Maintain detailed documentation of use-cases, ensuring transparency and accountability.
Manage execution of standard procedures for content management, change management and lifecycle management of the use-cases.
Work closely with other IT and security teams to develop specific use-cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve the overall cybersecurity posture.
Regularly review and update use-cases to adapt to the evolving threat landscape and incorporate new threat intelligence.
Manage reports, dashboards and metrics for CyberSOC KPIs and present them to senior management and other stakeholders.
Skills
Bachelor's degree in Computer Science, Information Security, EXTC or related field.
Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable.
Proven experience (3+ years) working within the Cybersecurity field, with a focus on developing and managing use-cases.
Excellent understanding and proven hands-on experience in SIEM/SOAR concepts such as log collection, correlation, aggregation, normalization, parsing, playbooks, layouts.
Experience with Palo Alto XDR and/or other SIEM platforms such as Sentinel, QRadar, Splunk, ArcSight, etc.
Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, etc.
Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.
Deep understanding of various cyber threats, attack vectors, and defense mechanisms.
-
Splunk Admin/SOC
3 days ago
New Delhi, India. Tata Consultancy Services. Full time.
Dear Candidates, Tata Consultancy Services is hiring for SIEM Admin/SOC. Experience: 10+ Years. Location: Chennai. Role and Responsibilities: Expertise working with Splunk and able to identify tuning recommendations for improved detection and accuracy; expert Splunk use-case/rules writing skills; expert security incident investigation and migration skills...
-
Security Operations Center Analyst
3 days ago
Delhi, India. Tata Consultancy Services. Full time.
SIEM Admin: I. Deploy, configure, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight). II. Monitor and analyze security events and alerts from the SIEM system. III. Tune SIEM rules, filters, and use cases to reduce false positives and improve detection accuracy. IV. Integrate log sources and data feeds into the SIEM system. V. Develop and...
-
IT Admin
23 hours ago
Pitampura, Delhi, Delhi, India. Surepass Technologies. Full time.
Location: Netaji Subhash Place, Delhi. Type: Internship (with PPO opportunity based on performance). Duration: 3-6 months. Stipend: 15,000-20,000. About Surepass Technologies: Surepass Technologies is a fast-growing tech company offering cutting-edge identity verification solutions. We're committed to security, reliability, and...
-
Delhi, India. KMM Infotech Solutions Private Limited. Full time.
Job Title: IT / Computer Security Analyst as Admin Executive. Location: Remote (India). About the Role: We are seeking a proactive, detail-oriented Security Analyst to work closely with our Security Consultant in driving key security initiatives across the organization. This role is ideal for someone with a foundational understanding of cybersecurity, paired with...
-