
SIEM Lead
2 days ago

We are seeking an experienced SIEM & Security Analytics Engineer (SIEM Lead) to design, develop, and enhance our detection capabilities across multiple SIEM platforms. This role involves building advanced correlation rules, use cases, and SOAR playbooks while integrating new log sources from both on-premises and cloud environments. The SIEM Lead will also drive security automation initiatives, improve detection engineering processes, and provide thought leadership for our SOC teams.
Key Responsibilities
- Design and develop new SIEM rules, correlation logic, and use cases based on diverse log sources, including cloud security.
- Write and fine-tune correlation, grouping, and logical rules in SIEM platforms (e.g., Splunk, Google Chronicle, AlienVault).
- Integrate new log sources and assets into SIEM; validate data ingestion and enrichment.
- Build and maintain SOAR playbooks to automate detection and response processes.
- Customize SIGMA rules and map use cases to the MITRE ATT&CK framework.
- Create advanced threat detection content using datasets like Proxy, VPN, Firewall, DLP, and Cloud logs.
- Collaborate with SOC teams to develop and refine SOPs, work instructions, and runbooks.
- Use threat intelligence and threat hunting outputs to build custom detection content.
- Identify gaps in existing detection coverage and propose new security controls.
- Conduct testing and deployment of new use cases, ensuring continuous optimization.
- Mentor junior analysts/engineers and contribute to team capability building.
Required Skills & Experience
- 7+ years of experience in SIEM content engineering, rule development, and security analytics.
- Strong knowledge of the MITRE ATT&CK framework and its application in rule/use case development.
- Proven expertise in SIEM platforms (Splunk, ELK, Google Chronicle, AlienVault, or equivalent).
- Hands-on experience with SOAR platforms, automation, and orchestration workflows.
- In-depth knowledge of log formats (firewall, proxy, VPN, DLP, endpoint, cloud) and ability to create new detections.
- Strong understanding of networking concepts (TCP/IP, routing, protocols) and security technologies (Firewall, IDS/IPS, VPN, EDR, DLP, Malware Analysis, Cloud Security Tools).
- 2+ years of experience working with cloud infrastructures (AWS, Azure, GCP).
- Proficiency in writing queries, correlation rules, and security analytics content (Splunk SPL, ELK queries, etc.).
- Experience with incident analysis and ability to interpret, manipulate, and enrich data across enterprise SIEM/ITSM platforms.
- Knowledge of Windows/Linux internals, exploitation techniques, and malware behavior analysis.
- Familiarity with standard hacking tools and attack techniques.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Strong analytical, problem-solving, and communication skills (written & verbal).
- Security certifications are highly desirable: Splunk Certified, Elastic Certified, CEH, CISSP, OSCP, Security+, or equivalent.