SIEM Admin

3 months ago


Mumbai, Maharashtra, India IBM Full time

Introduction

Your Role and Responsibilities

This is a Level 2 role responsible for supporting SIEM management and content management for SIEM detection use cases for the program. The role oversees technical services delivery for the SOC program for your enterprise.

If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.
- Good knowledge of SIEM, SIEM Architecture, SIEM health check.
- SIEM Rule creation and fine tuning, Deployment of SIEM in customer environment.
- Define and design criticality of SIEM rules in line with customer ask and threat Intel advisory.
- SIEM integration with enterprise tools / systems (various log source integration) - requisite for SLA monitoring, access & relevant client requirements.
- Troubleshoot issues regarding SIEM and other SOC tools.
- Build use cases for the customer; manage parsers and customer log sources.
- Data archiving, backup, and data purging configuration as per need and compliance.
- Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
- Helping L2 and L1 with required knowledge base details and basic documentation.
- Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
- Work in a 24x7 Security Operation Centre (SOC) environment

Required Technical and Professional Expertise
- Overall 4+ years of experience, with a minimum of 3+ years' relevant experience in SIEM.
- B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
- SIEM Rule creation and fine tuning, Deployment of SIEM in customer environment.
- SIEM integration with enterprise tools / systems - requisite for SLA monitoring, access & relevant client requirements
- Identify Problems from recurring Incidents, Communicating Emergency Alerts & Warnings to relevant/designated stakeholders.
- Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
- Expertise in threat modelling, parser creation.
- Good verbal/written communication skills.

Preferred Technical and Professional Expertise
- Preferably OEM Certified SIEM Specialist + CEH.
- Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work.
- Intuitive individual with an ability to manage change and proven time management.
- Proven interpersonal skills while contributing to team effort by accomplishing related results as needed.
- Up-to-date technical knowledge by attending educational workshops, reviewing publications.
- Any entry-level or professional skill in shell scripting, AIX, Linux.

About Business Unit

IBM Consulting is IBM’s consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients’ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

Are you ready to be an IBMer?

