Csa Siem Admin

2 days ago


Bengaluru, Karnataka, India Deutsche Bank Full time

Job Title CSA SIEM Admin Sentinel Corporate Title Assistant Vice PresidentLocation Bangalore IndiaRole DescriptionThe COO Chief Information Security Office CISO is responsible for addressing information security risks to the Deutsche Bank global IT as a Security Engineer-AVP you will play a key technical role in our SIEM Operations team within the Global Cyber Security Engineering Architecture organization You will serve as a technical expert for the platform engineering and provide 24x7x365 support for critical security technologies The role primarily entails hands on technical product design build support of multi SIEM platforms Microsoft Sentinel Chronicle Splunk You will be part of a global SIEM Operations Team What well offer youAs part of our flexible scheme here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100 reimbursement under childcare assistance benefit gender neutral Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs and above Your key responsibilities Configure manage and optimize Microsoft Sentinel for efficient threat detection and response Ensure SIEM infrastructure is running optimally including performance monitoring and issue resolution Regularly update and optimize SIEM policies rules and configurations based on evolving threats Onboard configure and manage data connectors from various log sources including cloud on-premises and hybrid environments Ensure log ingestion health and troubleshoot data collection issues Develop implement and fine-tune analytics rules detection logic and playbooks in Sentinel Assist SOC and incident response teams with log analysis threat correlation and incident investigation Reduce false positives by refining detection rules and optimizing event filtering Implements and maintains Splunk platform infrastructure and configuration Designs and optimizes Splunk platform architecture for large-scale and distributed deployments Good understanding of security frameworks vulnerability management and incident response Implement and enhance automation using Kusto Query Language KQL Logic Apps and Microsoft Defender XDR integrations Maintain SIEM compliance with security policies industry regulations e g GDPR NIST ISO 27001 and best practices Generate reports and dashboards to provide visibility into security posture and SIEM performance Experience managing Linux and Windows agents in a Splunk environment Strong understanding of Splunk system architecture and best practices Work with SOC IT and Cloud Security teams to enhance Sentinel capabilities Document SIEM configurations detection use cases and operational procedures Incident Problem Management Change Release Management Vendor Management Capacity Management functions for the platform Maintain up-to-date knowledge of technology standards industry trends emerging technologies and cyber security best practices Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence Passionate about data to drive information-based security analytics Value add - Person in having experience in Cloud Management Splunk and Chronicle Your skills and experienceThe candidate must have Engineering Background in Computer Science Information Technology Cybersecurity or related field and a minimum of 8 years of experience with recent experience in Security engineering system administration network engineering software engineering development with a focus on Cybersecurity 8 years of IT engineering experience with recent experience in building and managing infrastructure and security platforms 3 years of Experience implementing architecting and administering SIEM platforms like Sentinel Chronicle Splunk for a large global organization Knowledge of Azure services and data ingestion from those services into SIEM Familiarity with MITRE ATT CK cyber threat intelligence and SOC Workflows Understanding of SOAR Principles Hands on Experience with Microsoft Azure platform managing various configurations to enable manage Sentinel Experience developing in XML Bash Python and PowerShell scripts DevOps Engineering experience Terraform SDLC Actions Independent self-motivated proactive approach to problem solving and prevention Excellent written and verbal communication skills Passionate about cyber security and the aptitude to identify and solve security problems How well support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teamsPlease visit our company website for further information We strive for a in which we are empowered to excel together every day This includes acting responsibly thinking commercially taking initiative and working collaboratively Together we share and celebrate the successes of our people Together we are Deutsche Bank Group We welcome applications from all people and promote a positive fair and inclusive work environment


  • SIEM Administrator

    4 weeks ago


    Bengaluru, Karnataka, India ColorTokens Inc. Full time

    Job Title: Platform Administrator – NextGen SIEM Location: Bangalore (on site) Experience Level: 3+ years About ColorTokens At ColorTokens , we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield platform , companies can minimize the...

  • SIEM Administrator

    3 weeks ago


    Bengaluru, Karnataka, India ColorTokens Inc. Full time

    Job Title: Platform Administrator – NextGen SIEMLocation: Bangalore (on site)Experience Level: 3+ yearsAbout ColorTokensAt ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of...


  • Bengaluru, Karnataka, India Colortokens Full time

    Job Title : Platform EngineerAbout ColorTokensAt ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happenbut with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We...


  • Bengaluru, Karnataka, India Colortokens Full time

    Job Title : Platform Administrator NextGen SIEM. Location : Bangalore (on site). Experience Level : 8+ ColorTokens : At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape.Breaches happenbut with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches...


  • Bengaluru, Karnataka, India GENPACT Full time

    Genpact NYSE G is a global professional services and solutions firm delivering outcomes that shape the future Our 125 000 people across 30 countries are driven by our innate curiosity entrepreneurial agility and desire to create lasting value for clients Powered by our purpose the relentless pursuit of a world that works better for people we serve...


  • Bengaluru, Karnataka, India beBeeCybersecurity Full time US$ 1,20,000 - US$ 2,50,000

    The role of SOC Admin is an internal corporate position responsible for the administration, management, configuration, testing, and integration of SIEM, SOAR, EDR, and other security platform solutions to improve the security value of the organization.Key responsibilities include aligning with internal and external needs, threat trends, and operational...


  • Bengaluru, Karnataka, India beBeeAutomation Full time ₹ 10,00,000 - ₹ 20,00,000

    Job TitleWe are seeking a skilled professional to fill the role of Cybersecurity Automation Specialist.The ideal candidate will have experience designing, building, and maintaining automated security workflows using SOAR platforms.A strong background in scripting languages such as Python, Bash, or PowerShell is required.Familiarity with REST APIs and...


  • Bengaluru, Karnataka, India Mount Talent Consulting Pvt Ltd. Full time

    Job Title: Cloud Security Solution ArchitectLocation: Bangalore / Hyderabad/ NoidaExperience Required: 10+ years overall IT experience, with at least 5+ years in Cloud Security and ArchitectureNotice Period: Immediate to 30 DaysAbout the RoleWe are seeking an experienced Cloud Security Solution Architect to design, implement, and govern secure cloud...


  • Bengaluru, Karnataka, India YASH Technologies Full time

    As part of Yash's Cybersecurity Services team, The Zscaler Security Administrator will be responsible for administering and supporting Zscaler cloud security solutions (ZIA, ZPA, ZDX etc) for designated client environments. This role focuses on policy administration, system monitoring, documentation, and coordination with internal and external stakeholders...


  • Bengaluru, Karnataka, India People Prime Worldwide Full time

    About Company :Our client is a trusted global innovator of IT and business services. They help clients transform through consulting, industry solutions, business process services, digital & IT modernization and managed services. Our client enables them, as well as society, to move confidently into the digital future. We are committed to our clients'...