SIEM content development

1 day ago


Bengaluru, Chennai, Hyderabad, India | Tekskills | Full time | ₹ 1,04,000 - ₹ 13,08,780 per year

Job Title: SIEM Content Developer

Location: Bangalore, KA (WFO, work from office)

Skills Required: Content Developer

Experience: 4-7 Years

Job Description: Minimum 4+ years of experience

  • Use Case Development: Knowledge of organizational risks and threats to design relevant and effective detection rules.
  • Log Sources: Understanding log formats, sources, and parsing for accurate data utilization in use cases.
  • SIEM and Analytics Tools: Familiarity with platforms like Securonix, Sentinel, or Splunk to implement and monitor use cases.
  • Alert Logic: Ability to define thresholds, logic, and conditions to reduce false positives and improve detection accuracy.
  • Incident Response Needs: Awareness of incident response workflows to align use cases with actionable intelligence.
  • Performance Metrics: Skills to create and optimize KPI/KRI reports to track detection and response performance.
  • Fine-Tuning Methodology: Experience in analyzing alert data to refine use cases and adjust logic periodically.
  • Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.
  • Lead incident response for high-impact cyber security incidents.
  • Triage events, escalations and incidents to determine remediation and resolution actions.
  • Coordinate appropriate response activities across teams or directly with stakeholders to rapidly remediate potential threats.
  • Develop playbooks to improve processes and information sharing across teams.
  • Provide Security Operations and Incident Response perspective and subject matter expertise to initiatives and projects.
  • Contribute technical and process improvements within the team.
  • Participate in current operations and the on-call rotation, which includes some after-hours responsibilities and escalations.
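As an added illustration of the use-case development, alert-logic and fine-tuning items listed above (this is example code written for this page, not code from the posting or from Tekskills), the following Python sketch implements a threshold rule for authentication brute forcing and runs it over constructed sample events. The event layout (timestamp, source IP, user, outcome), the IP addresses, user names and the scanner allowlist are all assumptions; a real SIEM would supply these fields from its parsed log sources.

```python
"""Threshold-based SIEM use case: authentication brute force from one source.

Added illustration, not code from the job posting. The event tuples and the
field names (timestamp, src_ip, user, outcome) are assumptions that mirror what
a normalised authentication log looks like after parsing in a SIEM.
"""
from collections import defaultdict, deque
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class Alert:
    src_ip: str
    first_seen: datetime
    last_seen: datetime
    failures: int
    users: set = field(default_factory=set)
    followed_by_success: bool = False

    @property
    def severity(self) -> str:
        # A success right after a burst of failures is what responders care about.
        return "high" if self.followed_by_success else "medium"


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5),
                      allowlist=frozenset()):
    """Fire one alert per source whose failures reach `threshold` inside `window`.

    Tuning conditions that keep the false-positive rate down:
      * allowlisted sources (known scanners, auth proxies) are dropped before
        counting, so their noise never reaches the threshold logic;
      * a source alerts once per burst; later failures in the same window update
        the open alert instead of producing duplicate alerts;
      * a success from a source with an open alert escalates it to high.
    """
    events = sorted(events, key=lambda e: e[0])   # ISO-8601 strings sort by time
    recent = defaultdict(deque)                   # src_ip -> (ts, user) failures in window
    open_alerts = {}                              # src_ip -> Alert for the current burst
    alerts = []
    for ts_s, src, user, outcome in events:
        if src in allowlist:
            continue
        ts = datetime.fromisoformat(ts_s)
        q = recent[src]
        while q and ts - q[0][0] > window:        # slide the window forward
            q.popleft()
        if not q:                                 # burst ended: a new one may alert again
            open_alerts.pop(src, None)
        if outcome == "failure":
            q.append((ts, user))
            if len(q) < threshold:
                continue
            alert = open_alerts.get(src)
            if alert is None:
                alert = Alert(src, q[0][0], ts, len(q), {u for _, u in q})
                open_alerts[src] = alert
                alerts.append(alert)
            else:
                alert.last_seen, alert.failures = ts, alert.failures + 1
                alert.users.add(user)
        elif outcome == "success" and src in open_alerts:
            open_alerts[src].followed_by_success = True
            open_alerts[src].last_seen = ts
    return alerts


def _burst(src, user, start, n, step_s):
    """Construct n failure events from src, step_s seconds apart (sample data only)."""
    t0 = datetime.fromisoformat(start)
    return [((t0 + timedelta(seconds=i * step_s)).isoformat(), src, user, "failure")
            for i in range(n)]


# Constructed sample events; not taken from any real system.
SAMPLE_EVENTS = (
    _burst("10.0.0.5", "alice", "2024-05-01T09:00:00", 6, 10)        # attacker: 6 failures in 50 s
    + [("2024-05-01T09:01:00", "10.0.0.5", "alice", "success")]     # ... and then gets in
    + _burst("10.0.0.7", "dave", "2024-05-01T09:05:00", 3, 30)       # user mistyping: 3 failures
    + [("2024-05-01T09:06:20", "10.0.0.7", "dave", "success")]
    + _burst("10.0.0.9", "svc_scan", "2024-05-01T09:10:00", 8, 5)    # vulnerability scanner (assumed)
    + _burst("10.0.0.12", "eve", "2024-05-01T09:00:00", 6, 360)      # slow: one failure per 6 min
)
KNOWN_SCANNERS = frozenset({"10.0.0.9"})                             # assumed allowlist

if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_EVENTS, allowlist=KNOWN_SCANNERS):
        print(f"{a.severity:6} {a.src_ip} failures={a.failures} users={sorted(a.users)} "
              f"{a.first_seen:%H:%M:%S}-{a.last_seen:%H:%M:%S}")
```

With the allowlist applied only the attacker source alerts, at high severity because its failures were followed by a success; without the allowlist the scanner fires too, and lowering the threshold to 3 turns the mistyping user into a false positive. Those three knobs (threshold, window, exclusions) plus the escalation condition are exactly what the fine-tuning item above asks a content developer to revisit against real alert data; in a SIEM the same logic is written in the platform's own rule or query language.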

Desired Skills (Good to Have):

  • EC-Council Certified Incident Handler (E|CIH)
  • Experience with cloud computing and cloud technologies
  • Experience with Unix/Linux, or work relating to OS internals or file level forensics
  • CISSP or related GIAC certifications

Essential Skills (Must Have):

  • Experience in Cyber Threat incident response, vulnerability research, malware analysis and exploit investigation.
  • Demonstrated experience in computer security related disciplines, including but not limited to the following subject areas: software vulnerabilities and exploitation, host forensics, malware analysis, network traffic analysis, Insider Threat and web-focused security topics.
  • Knowledgeable about modern security related subjects and trends, for example, Advanced Persistent Threat (APT), Spear Phishing, and credential compromise techniques
  • Proven ability to drive large scale, high visibility projects with high collaboration and leadership
  • Excellent judgment, decision making skills, and the ability to work under pressure
  • Excellent written and oral communication skills
  • Excellent presentation skills and experience of presenting to senior management
  • Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
  • Develop and improve existing EDR-specific use cases for enhanced detection.
  • Analyze the TTPs of emerging threats and coordinate with the EDR team to develop matching use cases in the EDR.
  • Closely coordinate with and continuously support the CSIRT team in the event of P1/P2 security incidents.
  • Conduct security incident tabletop simulations within the SOC to gauge the process and track improvements.
  • Handle business email compromise (BEC) emails targeting VIP users within the organization.


  • Chennai, Tamil Nadu, India GEETHA TECHNOLOGY SOLUTIONS PRIVATE LIMITED Full time US$ 90,000 - US$ 1,20,000 per year

    3+ years of experience working in the field of content development and experience in delivering and/or building content on any of the SIEM tools like Splunk / ArcSight / QRadar / Nitro ESM / etc. Deep understanding of MITRE ATT&CK Framework. Experience in SOC incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion...


  • Bengaluru, Karnataka, India beBeeCyberDefence Full time ₹ 1,50,00,000 - ₹ 2,00,00,000

    Job Title: Cyber Defence Specialist - SIEM Content Developer. About the Role: This is a critical position in our Cyber Defence team, responsible for developing and maintaining sophisticated detection rules for our SIEM solutions. As a key member of our CSOC, you will play a vital role in enhancing our cyber security capabilities. Key Responsibilities: * Develop...

  • SIEM Engineer

    3 days ago


    Chennai, Tamil Nadu, India Larsen & Toubro (L&T) Full time ₹ 15,00,000 - ₹ 28,00,000 per year

    Candidate will be part of the Cyber Defense Group responsible for implementing and maintaining SIEM for our customers. Candidate will be responsible for understanding the customer requirement, and for designing, developing and implementing a scalable SOC management solution (SIEM) for the customer. Expertise in deployment, management and enhancement of SIEM infra. Collaborate...

  • SIEM - L3

    5 days ago


    Chennai, Tamil Nadu, India Shivsys Inc. Full time ₹ 1,04,000 - ₹ 1,30,878 per year

    Hi Everyone, Greetings from Shivsys Softwares. We are hiring for the below mentioned role: Job Title: SIEM – Level 3 (L3). Experience: Minimum 10 Years. Location: Chennai (rotational shift). Strong knowledge and minimum 10 years hands-on experience in 3 or more areas of security like (Security Incident and Event Management (SIEM) QRadar along with SOAR & TIP:...


  • Hyderabad, Telangana, India Kiya Full time ₹ 1,04,000 - ₹ 1,30,878 per year

    Job Title: Splunk SIEM Specialist. Position Overview: We are seeking an experienced Splunk SIEM Specialist to design, implement, and manage enterprise-level SIEM solutions. The role involves end-to-end Splunk administration, log source onboarding, detection content development, and platform optimization to enhance our organization's security monitoring and...

  • SIEM Lead

    4 days ago


    Bengaluru, Karnataka, India Hiret Consulting Full time ₹ 1,04,000 - ₹ 1,30,878 per year

    We're Hiring: SIEM & Security Analytics Engineer – Bangalore. We are looking for a highly skilled SIEM & Security Analytics Engineer to join our growing team in Bangalore. This role is ideal for professionals with 7+ years of experience in SIEM Content Engineering who are passionate about building and fine-tuning advanced security use cases and automation...


  • Hyderabad / Secunderabad, Telangana, India beBeeSecurity Full time ₹ 1,40,000 - ₹ 28,00,000

    As a seasoned security professional, you'll take on the role of SIEM Content Management Specialist to drive our security operations forward. We are seeking a highly skilled and proactive expert to join our team. The ideal candidate will be responsible for designing, implementing, and managing custom SIEM content that supports the organization's security...

  • Administrator - SIEM

    2 weeks ago


    Bengaluru, India Microland Full time

    Additional details: Level - P2; Requirement location - India - Bengaluru; Number of Position - 1; Employment type - ML; Cluster/Group - Microland Delivery; Business Unit - US; Department - CyberSecurity - Tech CoE. Job Description: Required Skill Technology - Cybersecurity|SIEM-SOAR Technology - Cybersecurity|SOC Alert...


  • Bengaluru, India Microland Full time

    Additional details: Level - P2; Requirement location - India - Bengaluru; Number of Position - 1; Employment type - ML; Cluster/Group - Microland Delivery; Business Unit - APAC; Department - SOC - Tech Ops. Job Description: Required Skill Technology - Cybersecurity|SIEM-SOAR Technology - Cybersecurity|SOC Alert Management Technology -...

  • SIEM Admin

    2 days ago


    Hyderabad, India Inspira Full time

    5+ years working with SIEM technology, preferably ArcSight/QRadar/Security Analytics. Experience with system administration skill set in both Unix and Windows technologies, with integration of devices such as Windows, Unix, Linux, IDS etc. - Installation, troubleshooting and upgrading of connectors. - Installation, implementation, troubleshooting of...