SIEM content development

2 weeks ago


Bengaluru Chennai Hyderabad, India Tekskills Full time ₹ 12,00,000 - ₹ 36,00,000 per year

Job Title: SIEM Content Developer

Location: Bangalore, KA (WFO)

Skills Required: Content Developer

Experience: 4-7 Years

Job Description: Minimum 4+ years of experience

  • Use Case Development: Knowledge of organizational risks and threats to design relevant and effective detection rules.
  • Log Sources: Understanding log formats, sources, and parsing for accurate data utilization in use cases.
  • SIEM and Analytics Tools: Familiarity with platforms like Securonix, Sentinel, or Splunk to implement and monitor use cases.
  • Alert Logic: Ability to define thresholds, logic, and conditions to reduce false positives and improve detection accuracy.
  • Incident Response Needs: Awareness of incident response workflows to align use cases with actionable intelligence.
  • Performance Metrics: Skills to create and optimize KPI/KRI reports to track detection and response performance.
  • Fine-Tuning Methodology: Experience in analyzing alert data to refine use cases and adjust logic periodically.
  • Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.
  • Incident response lead for high-impact cyber security incidents
  • Triage events, escalations and incidents to determine remediation and resolution actions
  • Coordinate appropriate response activities across teams or directly with stakeholders to rapidly remediate potential threats
  • Develop playbooks to improve processes and information sharing across teams
  • Initiative and project-related support to provide Security Operations and Incident Response perspective and subject matter expertise
  • Contribute technical and process improvements within the team
  • Participate in current operations and the on-call rotation, which includes some after-hours responsibilities and escalations.

Desired Skills (Good to Have):

  • EC-Council Certified Incident Handler (E|CIH)
  • Experience with Cloud Computing and technology
  • Experience with Unix/Linux, or work relating to OS internals or file level forensics
  • CISSP or related GIAC certifications

Essential Skills (Must Have):

  • Experience in Cyber Threat incident response, vulnerability research, malware analysis and exploit investigation.
  • Demonstrated experience in computer security related disciplines, including but not limited to the following subject areas: software vulnerabilities and exploitation, host forensics, malware analysis, network traffic analysis, Insider Threat and web-focused security topics.
  • Knowledgeable about modern security related subjects and trends, for example, Advanced Persistent Threat (APT), Spear Phishing, and credential compromise techniques
  • Proven ability to drive large scale, high visibility projects with high collaboration and leadership
  • Excellent judgment, decision making skills, and the ability to work under pressure
  • Excellent written and oral communication skills
  • Excellent presentation skills and experience of presenting to senior management
  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
  • Develop and improve the existing EDR-specific use cases for enhanced detection.
  • Analyze the TTPs of emerging threats and coordinate with the EDR team to develop use cases at the EDR level.
  • Closely coordinate with and provide continuous support to the CSIRT team in the event of a P1/P2 security incident.
  • Conduct security incident tabletop simulations internally within the SOC to gauge the process and track improvements.
  • Handle BEC emails targeted at VIP users within the organization.

  • SIEM Engineer

    13 hours ago


    Bengaluru, Chennai, Hyderabad, India Deloitte Consulting Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence,...


  • Hyderabad, Telangana, India Kiya Full time ₹ 6,00,000 - ₹ 18,00,000 per year

    Job Title: Splunk SIEM Specialist. Position Overview: We are seeking an experienced Splunk SIEM Specialist to design, implement, and manage enterprise-level SIEM solutions. The role involves end-to-end Splunk administration, log source onboarding, detection content development, and platform optimization to enhance our organization's security monitoring and...

  • Siem Admin

    18 hours ago


    Hyderabad, India Inspira Full time

    5+ years working with SIEM technology, preferably ArcSight/QRadar/Security Analytics. Experience with system administration in both Unix and Windows technologies, with integration of devices such as Windows, Unix, Linux, IDS, etc. - Installation, troubleshooting and upgrading of connectors. - Installation, implementation, troubleshooting of...

  • SIEM Architect

    6 days ago


    Chennai, Tamil Nadu, India Saaki Argus And Averil Consulting Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    About the Client: An IT services company. Role: SIEM Architect. Experience: 15 to 20 years. Location: Chennai (Work From Office). Role Summary: As a SIEM Architect, you'll be a key player in designing, implementing, and optimizing Microsoft Sentinel solutions for our managed services customers. You will play a critical role in ensuring our customers achieve a...

  • SIEM Analyst

    6 days ago


    Chennai, Noida, India HCLTech Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Candidate Persona: Ability to work with very large and complex networks. Self-motivated individual and creative thinker who will take ownership of tasks and projects, is able to work with the team, manages tasks effectively, and has a proven track record of consistent and organized outputs. The ideal candidate will demonstrate an eagerness to understand complex...


  • Bengaluru, Karnataka, India Microland Full time

    **Education Qualification**: Any Graduate. **Skills**: Primary -> Technology | Cybersecurity | SOC Alert Management | 3 - Experienced; Primary -> Technology | Cybersecurity | SIEM-SOAR | 3 - Experienced; Secondary -> Technology | Cybersecurity | End Point Security | 2 - Knowledgeable; Secondary -> Technology | Cybersecurity | Vulnerability Management | 2 -...

  • Associate Sme

    18 hours ago


    Bengaluru, Karnataka, India Microland Full time

    **Required Skills**: Behavioral | Aptitude | Communication; Technology | Cybersecurity | End Point Security; Technology | Cybersecurity | SOC Alert Management; Technology | Cybersecurity | SIEM-SOAR; Technology | Cybersecurity | Vulnerability Management. **Education Qualification**: Any Graduate. **Certification Mandatory / Desirable**: Technology | IT Security...

  • SIEM Admin

    1 day ago


    Hyderabad, India Tata Consultancy Services Full time

    Greetings from TCS! Role: SIEM Admin. Experience: 4 to 12 yrs. Drive Location: Chennai, Hyderabad, Bangalore, Pune & Noida. In Person drive: 8-Nov-2025. Job Description: - Hands-on experience with Splunk Enterprise and/or Microsoft Sentinel - Strong understanding of SIEM architecture, log ingestion, and correlation rule setup - Experience in use case...
