
Manager - Soc Admin & Platform Engineer
4 weeks ago
Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000 people across 30 countries are driven by our innate curiosity, entrepreneurial agility and desire to create lasting value for clients. Powered by our purpose, the relentless pursuit of a world that works better for people, we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services and expertise in data, technology and AI.

Inviting applications for the role of Manager - SOC Admin & Platform Engineer.

Genpact is seeking invitations for a SOC Admin Engineering role to support implementation, integration and management of SIEM, SOAR, EDR and other technologies within its environment. The SOC Admin is an internal corporate role responsible for administration, management, configuration, testing and integration of SIEM, SOAR, EDR and other security platform solutions to improve the security value of the organization. A working knowledge of SIEM and other security solutions with relevant experience is required. Should have a deeper understanding, with some hands-on experience, of other enterprise IT infra components such as advanced firewalls, IPS, IDS, WIPS, HIPS, routers, switches, TACACS, VPN, proxy, AV, domain controllers, DNS, DHCP, multi-factor authentication, virtualization, email systems security, DLP etc., along with cloud environments (AWS, Azure etc.).

Responsibilities
- Align with internal and external needs, threat trends and operational performance to identify opportunities for improvement and enhancement of the security operations center technologies and integrations.
- Perform system administration for SIEM, SOAR, EDR and ancillary devices.
- Develop, implement and execute standard procedures for the administration, content management, change management, version and patch management and lifecycle management of the SIEM and SOAR platforms.
- Develop information security and incident response workflows, procedures and best practices and publish them as playbooks in the SOAR platform.
- On-board new log sources with log analysis and parsing to enable SIEM correlation.
- Create and develop correlation and detection rules within the SIEM solution (IBM QRadar), along with reports and dashboards, to detect emerging threats.
- Manage, develop and tune the scripts that integrate the SIEM.
- Collaborate with key stakeholders within technology, application and cyber-security to develop specific use cases that address specific business needs.
- Collaborate with platform and application owners to define and establish logging standards that address various governance and security requirements.
- Create technical documentation around the content deployed to the SIEM.
- Provide technical support for forensics services, including evidence seizure, computer forensic analysis and data recovery in support of computer crime investigation.
- Research and maintain proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends.
- Perform research into emerging threat sources and develop threat profiles.
- Keep updated on the latest cyber security threats.
- Demonstrate strong evidence of analytical ability.
- Have a broad understanding of all stages of incident response.
- Have a sound understanding of other technologies like PAM, CASB, EDR, email security, secure web gateway etc. and other threat detection platforms that form part of the broader SOC program.
- Create reports, dashboards and metrics for SOC administration KPIs and present them to senior management and other stakeholders.
- Handle audit-related activities with internal and external stakeholders to ensure compliance with policies and adherence to procedures, showcase evidence and align the observation reports for process improvements to achieve operational objectives.
- Be prepared to provide a technical escalation point during security incidents, establishing the extent of an attack and the business impacts, and advising on how best to contain the incident, along with advice on systems hardening and mitigation measures to prevent a re-occurrence.
- Have a systematic, disciplined and analytical approach to problem solving, with leadership skills.
- Have basic knowledge of audit requirements (PCI, HIPAA, SOX, ISMS etc.).

Qualifications we seek in you

Minimum qualifications / Experience requirements
- Relevant years working within the information security field, with emphasis on security platform implementation and administration.
- Bachelor's graduation or higher in Computer Science or equivalent.
- Experience with QRadar (preferred) and/or other SIEM platforms and systems like Splunk, ArcSight.
- Experience with IBM Resilient (preferred) or equivalent SOAR technology like Demisto, Splunk, ServiceNow.

Technical experience / Skills required
- Excellent understanding and proven hands-on experience in SIEM concepts such as correlation, aggregation, normalization and parsing.
- Experience with deploying and managing a large SIEM deployment.
- Excellent understanding of enterprise logging standards, with a focus on application logging.
- Advanced knowledge of content creation concepts and best practices.
- Excellent understanding of regular expressions and development of custom flex parsers.
- Strong knowledge of frameworks such as the Cyber Kill Chain and adversary Tactics, Techniques and Procedures.
- Experience in implementation and support of a major SOAR platform (preferably IBM Resilient) and developing playbooks for automation.
- Expertise in writing QRadar searches, QRadar infrastructure and content/use case development; well-versed with IBM QRadar architecture and design.
- Experience in QRadar and Resilient administration and analytics development on information security triage events and incident analysis.
- Hands-on experience with information security tools such as SIEMs, FW, IDS/IPS, EDR, sandboxes, vulnerability management etc.
- Excellent Python and Unix shell scripting skills.
- Understanding of event-related fields in log records and alerts reported by various data sources such as Windows and Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls and web proxies.
- Excellent understanding of cyber security operations and incident response processes.
- Experience in using scripting languages to automate tasks and manipulate data; programming experience is a plus.
- Experience working in a large enterprise environment and integrating solutions in a multi-vendor environment.

Preferred qualifications
- Security certifications preferred, including but not limited to the following: Security, CEH, OSCP, CISSP, CISM, GIAC, GCIH.
- Preferred product specialization certifications on QRadar SIEM, Resilient SOAR, CrowdStrike EDR, Mimecast Email Security.

Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications, and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a starter kit, paying to apply, or purchasing equipment or training.
-
SOC Manager
2 weeks ago
Bengaluru, Karnataka, India. Kroll. Full time. Job Description. Job Title: SOC Manager, Client Engagement (India). Reports to: Engagement Leader. Engagement Model: Client-dedicated, 16x7. Role Overview: As the SOC Manager for one of our client engagements, you will lead a dedicated team of analysts supporting a 16x7 Security Operations Centre. You will be responsible for overseeing day-to-day operations, ensuring...
-
SOC Lead Engineer
2 weeks ago
Bengaluru, Karnataka, India. Versa Networks. Full time. SOC Lead Engineer. Location: Bangalore. Experience: 8-15 years. Job Summary: The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats. This role involves managing incident response processes, optimising security tools, and leading a team of security analysts...
-
Soc Engineer
2 weeks ago
Bengaluru, Karnataka, India. Softtek. Full time. ₹ 9,00,000 - ₹ 12,00,000 per year. 3 years of experience as an L1 SOC Engineer, with working knowledge of ElasticSearch. Acting as a first responder, the L1 SOC Engineer is responsible for monitoring security tools in the SIEM, validating that the tools are working properly and responding to security events according to the alerts' priority and risk. Roles & Responsibilities: Asset discovery. Monitor security tools in search of...
-
SOC Lead Engineer
3 weeks ago
Bengaluru, Karnataka, India. Versa Networks. Full time. SOC Lead Engineer. Location: Bangalore. Experience: 8-15 years. Job Summary: The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats. This role involves managing incident response processes, optimising security tools, and leading a team of security...
-
SoC Emulation Engineer
16 hours ago
Bengaluru, Karnataka, India. Quest Global. Full time. ₹ 12,00,000 - ₹ 36,00,000 per year. Job Requirements: At Quest Global, it's not just what we do but how and why we do it that makes us different. With over 25 years as an engineering services provider, we believe in the power of doing things differently to make the impossible possible. Our people are driven by the desire to make the world a better place, to make a positive difference that...
-
SoC Emulation Engineer
22 hours ago
Bengaluru, Karnataka, India. Quest Global. Full time. ₹ 20,00,000 - ₹ 25,00,000 per year. Job Requirements: At Quest Global, it's not just what we do but how and why we do it that makes us different. With over 25 years as an engineering services provider, we believe in the power of doing things differently to make the impossible possible. Our people are driven by the desire to make the world a better place, to make a positive difference that...
-
SoC Validation Lead Engineer
3 weeks ago
Bengaluru, Karnataka, India. Advanced Micro Devices (AMD). Full time. Job Description: You have a passion for and a proven track record in the emulation domain. You are a team player who has excellent communication skills and experience collaborating in a corporate environment with other architects and engineers located in different sites and time zones. You have strong analytical and problem-solving skills and are willing to learn and ready to...
-
SOC Engineer
4 weeks ago
Bengaluru, Karnataka, India. Webologix Ltd INC. Full time. Job Position: SOC Engineer. Location: PAN. Experience: 5+ to 10+ years. Must have: Forensics - Others. Roles and Responsibilities: Review daily operational activities and mentor junior analysts in a timely manner. Conduct detailed analysis on escalated events and hand over the call to the Incident Response team along with appropriate evidence. Ensure 100 incidents...
-
SOC Engineer
4 weeks ago
Bengaluru, Karnataka, India. Thakral One. Full time. Bachelor's degree in Computer Science, Information Security, or related field; 2+ years of experience in a SOC or cybersecurity role; strong understanding of network protocols, operating systems, and security principles; experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel); familiarity with firewalls, IDS/IPS, endpoint protection, and threat...
-
SOC Engineer
2 weeks ago
Bengaluru, Karnataka, India. Webologix Ltd INC. Full time. Job Position: SOC Engineer. Location: PAN. Experience: 5+ to 10+ years. Must have: Forensics - Others. Roles and Responsibilities: Review daily operational activities and mentor junior analysts in a timely manner. Conduct detailed analysis on escalated events and hand over the call to the Incident Response team along with appropriate evidence. Ensure 100...