SIEM Lead

4 weeks ago


Delhi, India Hiret Consulting Full time

We are seeking an experienced SIEM & Security Analytics Engineer (SIEM Lead) to design, develop, and enhance our detection capabilities across multiple SIEM platforms. This role involves building advanced correlation rules, use cases, and SOAR playbooks while integrating new log sources from both on-premises and cloud environments. The SIEM Lead will also drive security automation initiatives, improve detection engineering processes, and provide thought leadership for our SOC teams.
Key Responsibilities
Design and develop new SIEM rules, correlation logic, and use cases based on diverse log sources, including cloud security logs.
Write and fine-tune correlation, grouping, and logical rules in SIEM platforms (e.g., Splunk, Google Chronicle, AlienVault).
Integrate new log sources and assets into the SIEM; validate data ingestion and enrichment.
Build and maintain SOAR playbooks to automate detection and response processes.
Customize SIGMA rules and map use cases to the MITRE ATT&CK framework.
Create advanced threat detection content using datasets like Proxy, VPN, Firewall, DLP, and Cloud logs.
Collaborate with SOC teams to develop and refine SOPs, work instructions, and runbooks.
Use threat intelligence and threat hunting outputs to build custom detection content.
Identify gaps in existing detection coverage and propose new security controls.
Conduct testing and deployment of new use cases, ensuring continuous optimization.
Mentor junior analysts/engineers and contribute to team capability building.
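To make the detection-content work listed above concrete, here is an added example (not part of the Hiret Consulting posting, and not any vendor's code): a hand-written subset of a Sigma rule (selection, filter, condition) evaluated in Python over constructed proxy log records, with a grouping threshold on top and the resulting alert carrying MITRE ATT&CK tags. The rule, the field names (c-ip, cs-method, cs-host, sc-status, assumed to follow a W3C/Sigma proxy taxonomy) and the log records are all assumptions made for the illustration; the real sigma toolchain supports far more modifiers and conditions than this.

```python
"""Added example, not part of the posting: a hand-written subset of a Sigma
rule (selection / filter / condition) evaluated over constructed proxy log
events, with a grouping threshold and MITRE ATT&CK tags on the alert.
Field names (c-ip, cs-method, cs-host, sc-status) are assumed to follow a
W3C/Sigma proxy taxonomy; every log record below is constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed rule: repeated POSTs from one client to one host, minus a short
# allow-list, tagged to ATT&CK Command and Control / T1071.001 (Web Protocols).
RULE = {
    "title": "Repeated POSTs to a single external host (possible beaconing)",
    "logsource": {"category": "proxy"},
    "tags": ["attack.command_and_control", "attack.t1071.001"],
    "detection": {
        "selection": {"cs-method": "POST", "sc-status": [200, 302]},
        "filter": {"cs-host|endswith": [".microsoft.com", ".google.com"]},
        "condition": "selection and not filter",
    },
    # Grouping clause: same client and host, at least 5 hits in 10 minutes.
    "grouping": {"by": ["c-ip", "cs-host"], "count": 5, "timeframe_minutes": 10},
}


def _field_matches(event, key, expected):
    """One Sigma-style clause: exact match, or the |endswith / |contains modifier.
    A list of expected values is an OR, as in Sigma."""
    field, _, modifier = key.partition("|")
    value = event.get(field)
    if value is None:
        return False
    for want in expected if isinstance(expected, list) else [expected]:
        if modifier == "" and value == want:
            return True
        if modifier == "endswith" and str(value).endswith(str(want)):
            return True
        if modifier == "contains" and str(want) in str(value):
            return True
    return False


def _block_matches(event, block):
    """All clauses inside one named block (selection, filter, ...) are ANDed."""
    return all(_field_matches(event, k, v) for k, v in block.items())


def event_matches(event, rule):
    """Supports the two condition forms this rule subset needs."""
    det = rule["detection"]
    selected = _block_matches(event, det["selection"])
    if det["condition"] == "selection":
        return selected
    if det["condition"] == "selection and not filter":
        return selected and not _block_matches(event, det["filter"])
    raise ValueError(f"unsupported condition: {det['condition']}")


def correlate(events, rule):
    """Apply the grouping threshold over matching events (sliding time window)
    and emit one alert per group that crosses it, carrying the ATT&CK tags."""
    grp = rule["grouping"]
    window = timedelta(minutes=grp["timeframe_minutes"])
    buckets = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if event_matches(ev, rule):
            buckets[tuple(ev[f] for f in grp["by"])].append(ev["ts"])
    alerts = []
    for key, times in buckets.items():
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= grp["count"]:
                alerts.append({"title": rule["title"], "tags": rule["tags"],
                               "group": dict(zip(grp["by"], key)),
                               "count": end - start + 1, "first": times[start]})
                break
    return alerts


def make_sample_events():
    """Constructed proxy records (not real traffic), 90 seconds apart."""
    base = datetime(2024, 1, 15, 9, 0, 0)

    def rec(i, ip, method, host, uri, status=200):
        return {"ts": base + timedelta(seconds=90 * i), "c-ip": ip, "cs-method": method,
                "cs-host": host, "cs-uri": uri, "sc-status": status}

    events = [rec(i, "10.0.0.5", "POST", "cdn-sync.example", "/api/v1/ping") for i in range(6)]
    events += [rec(i, "10.0.0.6", "POST", "login.microsoft.com", "/oauth2/token") for i in range(6)]
    events += [rec(i, "10.0.0.7", "POST", "cdn-sync.example", "/api/v1/ping") for i in range(2)]
    events += [rec(i, "10.0.0.5", "GET", "cdn-sync.example", "/index.html") for i in range(6)]
    return events


def run_example():
    """Only the 10.0.0.5 POST series should alert: the Microsoft traffic is
    filtered, 10.0.0.7 is under the threshold, and GETs are never selected."""
    return correlate(make_sample_events(), RULE)


if __name__ == "__main__":
    for alert in run_example():
        print(alert)
```

The split between event-level matching (the Sigma part) and the grouping threshold (the correlation part) mirrors how such content is usually built in a SIEM: the per-event logic is portable across platforms, while the count-over-window clause is the piece tuned per environment to control false positives.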
Required Skills & Experience
7+ years of experience in SIEM content engineering, rule development, and security analytics.
Strong knowledge of the MITRE ATT&CK framework and its application in rule/use case development.
Proven expertise in SIEM platforms (Splunk, ELK, Google Chronicle, AlienVault, or equivalent).
Hands-on experience with SOAR platforms, automation, and orchestration workflows.
In-depth knowledge of log formats (firewall, proxy, VPN, DLP, endpoint, cloud) and the ability to create new detections.
Strong understanding of networking concepts (TCP/IP, routing, protocols) and security technologies (Firewall, IDS/IPS, VPN, EDR, DLP, Malware Analysis, Cloud Security Tools).
2+ years of experience working with cloud infrastructures (AWS, Azure, GCP).
Proficiency in writing queries, correlation rules, and security analytics content (Splunk SPL, ELK queries, etc.).
Experience with incident analysis and the ability to interpret, manipulate, and enrich data across enterprise SIEM/ITSM platforms.
Knowledge of Windows/Linux internals, exploitation techniques, and malware behavior analysis.
Familiarity with standard hacking tools and attack techniques.
Qualifications
Bachelor’s degree in Computer Science, Information Technology, or a related field.
Strong analytical, problem-solving, and communication skills (written & verbal).
Security certifications are highly desirable: Splunk Certified, Elastic Certified, CEH, CISSP, OSCP, Security+, or equivalent.



    Role : Security & Compliance LeadLocation : Delhi 100% OnsiteClient : Government DepartmentQualifications : - B.Tech/B.E. in CS/InfoSec (M.Tech/MS in Cybersecurity a plus). years in cybersecurity/IT risk; 4+ years leading org-wide security programs.Key Responsibilities : - Define and run OURs cybersecurity strategy, policies, and architecture for...