SIEM Lead

14 hours ago


Bangalore district, India · Hiret Consulting · Full time

We are seeking an experienced SIEM & Security Analytics Engineer (SIEM Lead) to design, develop, and enhance our detection capabilities across multiple SIEM platforms. This role involves building advanced correlation rules, use cases, and SOAR playbooks while integrating new log sources from both on-premises and cloud environments. The SIEM Lead will also drive security automation initiatives, improve detection engineering processes, and provide thought leadership for our SOC teams.

Key Responsibilities

  • Design and develop new SIEM rules, correlation logic, and use cases based on diverse log sources, including cloud security.
  • Write and fine-tune correlation, grouping, and logical rules in SIEM platforms (e.g., Splunk, Google Chronicle, AlienVault).
  • Integrate new log sources and assets into SIEM; validate data ingestion and enrichment.
  • Build and maintain SOAR playbooks to automate detection and response processes.
  • Customize SIGMA rules and map use cases to the MITRE ATT&CK framework.
  • Create advanced threat detection content using datasets like Proxy, VPN, Firewall, DLP, and Cloud logs.
  • Collaborate with SOC teams to develop and refine SOPs, work instructions, and runbooks.
  • Use threat intelligence and threat hunting outputs to build custom detection content.
  • Identify gaps in existing detection coverage and propose new security controls.
  • Conduct testing and deployment of new use cases, ensuring continuous optimization.
  • Mentor junior analysts/engineers and contribute to team capability building.

Required Skills & Experience

  • 7+ years of experience in SIEM content engineering, rule development, and security analytics.
  • Strong knowledge of the MITRE ATT&CK framework and its application in rule/use case development.
  • Proven expertise in SIEM platforms (Splunk, ELK, Google Chronicle, AlienVault, or equivalent).
  • Hands-on experience with SOAR platforms, automation, and orchestration workflows.
  • In-depth knowledge of log formats (firewall, proxy, VPN, DLP, endpoint, cloud) and ability to create new detections.
  • Strong understanding of networking concepts (TCP/IP, routing, protocols) and security technologies (Firewall, IDS/IPS, VPN, EDR, DLP, Malware Analysis, Cloud Security Tools).
  • 2+ years of experience working with cloud infrastructures (AWS, Azure, GCP).
  • Proficiency in writing queries, correlation rules, and security analytics content (Splunk SPL, ELK queries, etc.).
  • Experience with incident analysis and ability to interpret, manipulate, and enrich data across enterprise SIEM/ITSM platforms.
  • Knowledge of Windows/Linux internals, exploitation techniques, and malware behavior analysis.
  • Familiarity with standard hacking tools and attack techniques.

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • Strong analytical, problem-solving, and communication skills (written & verbal).
  • Security certifications are highly desirable: Splunk Certified, Elastic Certified, CEH, CISSP, OSCP, Security+ or equivalent.
