Si Careers

Si prides itself on attracting, developing and retaining the most highly skilled and experienced resources across all areas of our company operations. If you wish to apply for one of the following positions, please email your CV to careers@siconsult.com.

Si Cyber Careers

  • Job Reference Number: CYB-SA-03
    Job Title: SOC Analyst
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience.
    Job Description:

    The primary function of the Security Analyst is to analyse any incidents escalated by the Level 1 Security Engineer and undertake the detailed investigation of the security event. The Security Analyst determines whether the security event is classified as an incident, and coordinates with the customer's IT and security teams to resolve the security incident.

    This role reports to the SOC Team Lead.

    Responsibilities:
    • Escalate validated and confirmed incidents to the designated incident response team
    • Notify the client of incidents and the required mitigation work
    • Fine-tune SIEM rules to reduce false positives and eliminate false negatives
    • Collect global threat intelligence and internal threat information, then initiate actions based on analysis and recommendations
    • Proactively research and monitor security information to identify potential threats that may impact the organisation
    • Develop and distribute information and alerts on required corrective actions to the organisation
    • Learn new attack patterns and actively participate in security forums
    • Work closely with Vulnerability Management and the designated incident response team
    • Understand the structure and meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
    • Understand the subject of Carbon Black alarms
    • Perform ad-hoc training for L1 analysts
    • Perform threat intel research
    • Ability to run and understand sandbox static analysis
    • Open and update incidents in SecurityHQ (ITSM Platform) to report the alarms triggered or threats detected. For each incident on SecurityHQ, the analyst should properly include all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
    • Track and update incidents and requests based on the client's updates and analysis results
    Key Responsibilities:
    • Properly log client requests and change requests in SecurityHQ
    • Report infrastructure issues to Si support team
    • Review false positive alarms reported by L1 analyst
    • Submit reports to L3 and L4 analysts to fine-tune alarms and correlation rules on LogRhythm and Carbon Black
    • Review weekly reports and report findings to L3 analyst before uploading the report to SecurityHQ
    • Respond to client’s phone calls and emails
    Essential Skills:
    • Knowledge and hands-on experience of implementation and management of IDS/IPS, firewall, VPN and other security products
    • Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening and vulnerability assessments
    • Expertise in TCP/IP network traffic and event log analysis
    • Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, McAfee ePO, NetIQ Sentinel or any SIEM tool
    • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
    • Configuration and troubleshooting experience on Check Point, Cisco, FortiGate, Palo Alto and SonicWall firewalls would be an added advantage
    Additional Desired Skills:
    • Strong verbal and written English communication
    • Strong interpersonal and presentation skills
    • Ability to work with minimal levels of supervision
    • Willingness to work in a job that involves 24/7 operations
    Education Requirements & Experience:
    • Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree
    • Minimum of 4 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
    • Certifications: CCNA, CCSP, CEH

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SA-03” in the subject header.

  • Job Reference Number: CYB-SE-04
    Job Title: SOC Engineer
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience.
    Job Description:

    We are searching for a SOC Engineer who will be responsible for monitoring, reporting, and escalating events to our SOC Analysts.

    The primary function of this position is to monitor the analytics tools and perform alert management and initial incident qualification.

    This role reports to the SOC Team Lead.

    Responsibilities:
    • Acknowledge, analyse and validate incidents triggered from correlated events through the SIEM solution
    • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
    • Collect the logs needed to support incident containment and security investigation
    • Escalate validated and confirmed incidents to the SOC Analyst
    • Undertake the first stages of false positive and false negative analysis
    • Understand the structure and meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
    • Understand the subject of Carbon Black alarms
    • Open incidents in SecurityHQ (ITSM Platform) to report the alarms triggered or threats detected. For each incident on SecurityHQ, the engineer should properly include all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
    • Track and update incidents and requests based on the client's updates and analysis results
    • Properly log client requests and change requests in SecurityHQ
    • Report infrastructure issues to the Si support team
    • Report false positive alarms from Carbon Black and LogRhythm to L2 SOC analysts
    • Generate weekly reports from the LogRhythm platform and send them to L2 SOC analysts for review
    • Other duties related to the position
    Essential Skills:
    • Knowledge and hands-on experience in management of IDS/IPS, firewall, VPN and other security products
    • Experience with Security Information and Event Management (SIEM) tools, creation of basic correlation rules and SIEM administration
    • Expertise in TCP/IP network traffic and event log analysis
    • Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, Novell Sentinel or any other SIEM tool
    • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
    Additional Desired Skills:
    • Strong interpersonal and presentation skills
    • Ability to work with minimal levels of supervision or oversight
    • Adherence to security policies
    Education Requirements & Experience:
    • Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree
    • Minimum of 1 year of experience in the IT security industry, preferably working in a SOC/NOC environment
    • Certifications: CCNA, CCSP, CEH

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SE-04” in the subject header.

  • Job Reference Number: CYB-TE-05
    Job Title: SOC Trainee Executive
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience.
    Job Description:

    We’re searching for a Trainee Executive SOC to assist our 24×7 managed security operations center. The position would comprise the following:

    • Undergoing training for 6 months to learn security monitoring concepts, primary analysis of the logs, network concepts, handling customer calls, etc.
    • Assisting our security engineers in their day-to-day functions as detailed within the Responsibilities section of this document

    This role reports to the SOC Team Lead.

    Responsibilities:
    • Acknowledge, analyse and validate incidents triggered from correlated events through the SIEM solution
    • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
    • Collect the logs needed to support incident containment and security investigation
    • Escalate validated and confirmed incidents to the SOC Analyst
    • Undertake the first stages of false positive and false negative analysis
    • Understand the structure and meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security, etc.
    • Understand the subject of Carbon Black alarms
    • Open incidents in SecurityHQ (ITSM Platform) to report the alarms triggered or threats detected. For each incident on SecurityHQ, the trainee should properly include all details related to the logs, alarms and other indicators identified, in accordance with the intervention protocol of each client and the SLA.
    • Track and update incidents and requests based on the client's updates and analysis results
    • Properly log client requests and change requests in SecurityHQ
    • Report infrastructure issues to the Si support team
    • Report false positive alarms from Carbon Black and LogRhythm to L2 analysts
    • Generate weekly reports from the LogRhythm platform and send them to L2 for review
    • Other duties related to the position
    Essential Skills:
    • Certifications: CCNA
    • Should have knowledge in Linux and Windows.
    Additional Desired Skills:
    • Certifications: CCNA Security
    • Good communication skills
    • Good analytical skills
    • Quick learner
    • Team player
    Education Requirements & Experience:
    • B.E., MCA, BCA, or University degree equivalent
    • No required work experience in the IT security industry

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-TE-05” in the subject header.

  • Job Reference Number: CYB-SC-06
    Job Title: Security Consultant
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience.
    Job Description:

    An Si Security Consultant is responsible for analysing the client's network security architecture to determine the security threat landscape for a proposed product. The Consultant will act as team lead and manage the security engineers working on security device migration, optimisation and implementation.

    Responsibilities:
    • Ability to work independently and confidently on single or multiple projects
    • Manage security engineers’ team
    • Plan, research and design robust security architectures for any IT project
    • Data center security consulting for NGFW, NGIPS, WAF, network DLP, SSL offload, Load balancer
    • Planning & designing for firewall migration, optimisation & new implementation
    • Prepare security design document – CRD, HLD, LLD, migration & implementation plan
    • Help the OEM run POCs and conduct post-POC presentations
    • Interview security staff and heads of departments to determine specific security issues & provide the appropriate solution
    Essential Skills:
    • Hands-on experience on firewall migration projects
    • Hands-on experience with firewalls such as ASA, Juniper, Palo Alto and FortiGate
    • Proficient in IPsec tunnel creation and troubleshooting
    • Knowledge of remote-access VPN, clientless VPN, NAT and ACLs
    • Knowledge of next-generation features such as threat intelligence, threat prevention, content filtering, DLP and user identification
    • In-depth knowledge of OSI Layers, Internet Protocol, TCP/IP
    • Ability to work independently and confidently
    • Visio & MS presentation skills
    • Excellent problem solving, analytical & communication skills
    • Solid communication skills and expertise to translate technical jargon into business familiar language
    • Communicate effectively with customers, team-members, and management

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SC-06” in the subject header.

  • Job Reference Number: CYB-SM-08
    Job Title: Security Operations Center (SOC) Manager
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience.
    Job Description:

    We are looking for a Manager for our Global Security Operations Center (SOC), with a minimum of 10 years' experience in information security and good team management experience.

    Responsibilities:
    • Direct the functions, processes and operations of the SOC and ensure that policies, procedures and objectives align with client goals
    • Lead the operations of the SOC to ensure optimal identification/resolution of security incidents, and enhance client security
    • Manage the collection, documentation and research of security incidents received via the SOC
    • Monitor key performance indicators, determine gaps in performance metrics, and recommend/execute change management techniques for efficiency/quality improvements
    • Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk/exposure
    • Manage outsourced and in-house SOC services for quality performance and fulfillment of Service Level Agreements (SLAs)
    • Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and the chain of evidence/forensic artifacts required for additional investigations
    • Develop, maintain, and submit SOC compliance reports as required by the client
    • Develop appropriate response strategies based on intelligence received
    • Communicate threats to Senior Management which may impact the client
    • Analyze application functionality and new technologies to optimize effective/efficient incident review by staff and minimize client risk
    • Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques
    • Oversee and develop strategies to identify, detect, and prevent fraudulent activity
    • Perform supervisory/managerial responsibilities
    • Ensure adequate/skilled staffing; select employees
    • Establish performance goals and priorities
    • Develop, mentor and counsel staff
    • Ensure efficiency of operations
    Essential Skills:
    • Hands-on experience with one of the SIEM tools such as LogRhythm, QRadar, Splunk, ArcSight and others
    • Hands-on experience with various security products such as firewalls, IDS/IPS (network and host based), VPN, VLAN, routers, switches, content filtering, spam filters, etc.
    • Strong working knowledge of operating system security for Windows, Linux, Solaris, AIX, etc.
    • Strong working knowledge of hacking tools and techniques
    • Strong experience in the Incident Management cycle
    • At least 10 years of IT security experience with 5+ years of management experience
    Additional Desired Skills:
    • Strong interpersonal, customer handling and presentation skills
    • Strong written and verbal communication skills
    • Ability to work with minimal levels of supervision or oversight
    • Adherence to security policies
    Education Requirements & Experience:
    • Education: BE/MCA or University degree
    • Experience: Candidates should have at least 10 years of experience working in SOC environment. Experience in SIEM implementation & administration, experience in device management is a must
    • Certifications: CISSP, CISM, CCSP, GCIH, CCIE R&S or CCIE Security

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SM-08” in the subject header.

  • Job Reference Number: CYB-SA-09
    Job Title: System Administrator - Linux
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We are looking for a Linux System Administrator to join our Security Operation Center team in Pune, India. This position reports to the SOC Admin Lead.

    Responsibilities:
    • Continuous monitoring of UNIX (Linux, AIX, Sun and HP) servers and resolution of any system-related issues as part of 24/7 production support
    • Managing user/group administration
    • Creating file systems, disk partitioning and troubleshooting
    • Configuring and troubleshooting NFS, NIS and DNS services
    • Troubleshoot and resolve complex system hardware and software issues
    • Communicate with vendors on any type of unresolved issue, such as hardware failures or problems related to newly released updates
    • Analyze and diagnose system failures and recover and restore operating systems and file systems
    • Monitor system availability, load, and system capacity
    • Schedule and execute regular system management activities, including system reboot, backup, recovery, patching (OS & Firmware level), archiving, and restoration
    • Working on console management in case of server reboots / maintenances / boot-issues
    • Visio and general documentation skills
    • Adherence to security policies
    Essential Skills:
    • Linux (SUSE, Red Hat), IBM AIX, Sun Solaris and HP-UX
    • Veritas NetBackup
    • Solaris/Linux shell scripting (Bash and Korn)
    Additional Desired Skills:
    • Needs to be hands on with technical skills
    • Experience configuring and supporting Apache and Tomcat
    • Experience supporting and troubleshooting Java based applications
    • Excellent problem solving skills
    • Experience with ticketing management systems
    • Strong verbal communication skills
    • Good interpersonal skills
    • Project management experience
    • Experience working for a major software or networking product company
    Education Requirements & Experience: BE IT or Computer Science/B Tech, 3 to 5 years' experience, Linux Certified Engineer, IBM Certified System Administrator, Sun Certified System Administrator

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SA-09” in the subject header.

  • Job Reference Number: CYB-SA-10
    Job Title: System Administrator - Linux
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We are looking for a Windows / Exchange System Administrator to join our Security Operation Center team in Pune, India. This position reports to the SOC Admin Lead.

    Responsibilities:
    • Analyzing, planning, testing, and implementation of Messaging application software
    • Support high availability technologies
    • Performing root cause analysis and providing recommendations to improve efficiencies and resolve problems
    • Resolving problems with Messaging systems and technologies
    • Escalating problems to vendors
    • Maintenance of disaster recovery solutions
    • Documenting system uptime and usage metrics
    • Maintaining documentation of processes, procedures, troubleshooting guides and change management logs
    • Flexible to work overtime as required
    • Adherence to security policies
    Essential Skills:
    • MS Windows 2003, 2008 (+Active Directory)
    • MS Exchange 2003, 2007
    Education Requirements & Experience:
    • 3-5 years of experience in the following
    • Bachelor's degree and/or equivalent combination of education, training and experience
    • Strong expertise (3-5 years) in Messaging systems
    • Proven troubleshooting abilities
    • Specific messaging experience including:
      • Expertise in Microsoft Exchange Server 2003/2007 (to include monitoring, clustering, backup/restore, and attached storage)
      • Strong understanding of message routing technologies
    • Experience with SMTP gateway tools and appliances is preferred
    • Good working knowledge of Active Directory
    • Understanding of Outlook Web Access (OWA)
    • Strong knowledge of Windows 2003, 2008 and XP
    • Strong planning and analysis skills
    • Strong documentation skills

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SA-10” in the subject header.

  • Job Reference Number: CYB-SA-11
    Job Title: SOC Analyst – Level 3
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    The primary function of an L3 Analyst is to ensure that the SOC team is performing its functions as required and to troubleshoot problematic incidents and events. The L3 Analyst shall also act as the technical SME and shall report technically to the L4 Analyst.

    Responsibilities:
    • Work collaboratively with Account Manager for Client relations
    • Track incident detection and closure
    • Execute risk hunting activities
    • Undertake forensic investigations
    • Act as subject matter expert and expert witness where required
    • Generate intelligence advisories and delegate intelligence aggregation tasks to L2
    • Generate new use cases for emerging threats
    • Conduct incident response coordination with customer
    • Validation of security incidents
    • Conduct audits of logging and correlation
    • Conduct monthly security use case review and correlation audits
    • Use of sandbox, honeypot, analytics tools and security testing
    • Escalation management
    • Ensure process compliance
    • Ensure quality of investigations and notification and direct L2 and L1 accordingly
    • Report deviations to SOC manager and L4
    • Ensure SLA compliance for projects within remit
    • Perform deep analysis of security incidents to identify the full kill chain
    • Set up a weekly meeting with the client to review the weekly reports
    • Respond to clients' requests, concerns and suggestions
    • Act as subject matter expert for different clients
    • Provide knowledge to L1 and L2 such as guides, cheat sheets, etc.
    • Follow up on recommendations made to the client to contain an incident or mitigate a threat
    • Conduct presentations and updates to the client
    • Respond to incident escalations and provide solid recommendations
    • Update aging incidents and requests
    • Track SOC performance in terms of SLAs and incident quality
    • Review vulnerability assessment reports with the client and provide necessary recommendations
    • Configure and maintain vulnerability scanner policies and reports
    • Conduct threat hunting exercises on LogRhythm and CB platforms
    • Conduct penetration testing on web applications, mobile applications, servers (Windows/Linux) and wireless infrastructure
    • Develop and improve processes for monitoring and incident qualification
    • Perform quarterly evaluations of L1 and L2 analysts and report feedback to Si management
    • Participate in professional services (internal and external penetration testing, wireless assessments, web and mobile application assessments, firewall and server security audits, social engineering exercises, security awareness programs etc.)
    • Perform threat intelligence analysis and investigations. Search on the dark web and use other platforms such as RF to identify intelligence indicators or threats for a specific client
    • Create reports for threat intelligence as a service
    Essential Skills:
    • Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, SIEM administration, system hardening and vulnerability assessments
    • Expertise in TCP/IP network traffic and event log analysis
    • Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, McAfee ePO, NetIQ Sentinel or any SIEM tool
    • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
    • Configuration and troubleshooting experience on Check Point, Cisco, FortiGate, Palo Alto and SonicWall firewalls would be an added advantage
    • Knowledge and hands-on experience of implementation and management of IDS/IPS, firewall, VPN and other security products
    Additional Desired Skills:
    • Strong verbal and written English communication
    • Strong interpersonal and presentation skills
    • Ability to work with minimal levels of supervision
    • Willingness to work in a job that involves 24/7 operations
    Education Requirements & Experience:
    • Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent university degree
    • Minimum of 8 to 10 years of experience in the IT security industry, preferably working in a SOC environment
    • Certifications: GCIH, CCNA, CCSP, CEH

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SA-11” in the subject header.

  • Job Reference Number: CYB-SOCA-13
    Job Title: SOC Admin – Level 1
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We’re searching for a SOC Admin Level 1 to assist our 24×7 managed security operations center. The position would comprise the following:

    • Perform monitoring
    • Carry out health checks
    • Raise tickets for SOC Admin activities and incidents
    Responsibilities:
    • Fair knowledge of SIEM, FIM, IPS, network devices and the TCP/IP model
    • Good verbal/written communication skills
    • Health Check: ArcSight ESM, Loggers, ArcMC, IPS, Tripwire and Checkpoint
    • Evidence collection for audits and basic documentation for records.
    • Raising tickets for SOC Admin activities and incidents in the ticketing tool
    • Helping L2 and L3 with details and basic documentation
    • Coordinating with the SOC Monitoring team on basic troubleshooting and escalating issues to L2 for further resolution
    • High level of ethics, ability to protect confidential information
    Essential Skills:
    • Experience in basic level SIEM administration and basic event flow architecture
    • Understanding of firewall, IDP/IPS and SIEM functioning (generalised HLD)
    • Knowledge of TCP/IP network protocols
    • Team spirit and the ability to understand an issue at the initial level
    • Good verbal/written communication skills
    Additional Desired Skills:
    • Excel
    • Documentation
    • Quick response
    • Ready to work in 24x7 environments
    Education Requirements & Experience:
    • BE/B.Tech – CS/CSE or Equivalent trade, CCNA
    • Experience Level: 0-1 years

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SOCA-13” in the subject header.

  • Job Reference Number: CYB-SOCA-14
    Job Title: SOC Admin Level 2
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We’re searching for a SOC Admin Level 2 Engineer to assist our 24×7 managed security operations center. The position will comprise the following:

    • Reporting
    • Troubleshooting issues found during the daily health check
    • Creating change request tickets for SOC admin activities, issues and incidents.
    Responsibilities:
    • Good knowledge of SIEM, FIM, IPS, network devices, the TCP/IP model, ports and incident analysis.
    • Good verbal/written communication skills.
    • Review of the daily health check: LogRhythm, QRadar and their components.
    • Data archiving, backup and purging as needed and as required for compliance.
    • Evidence collection for audits and documentation of all activities performed and recorded.
    • Raising change management tickets for SOC Admin activities and incidents in the ticketing tool.
    • Helping L3 and assisting L1 with required knowledge base details and basic documentation.
    • Coordinating with L1 and the SOC Monitoring team on troubleshooting issues and escalating them to L3 for further resolution.
    • High ethics, ability to protect confidential information.
    • Creation of active channels, reports, lists, filters and dashboards, and modification of rules (fair knowledge).
    • Building incident reports and checking whether SLAs have been met for incident alerting and incident closure.
    • Updating and maintaining the SOC knowledge base with new security incidents and documents.
    • Creating the daily status report sheet and submitting it to the SOC Admin lead for review.
    • Providing analysis and trending of security log data from a large number of security devices.
    • Troubleshooting non-reporting devices and maintaining device status.
    • Reviewing firewall rules and correcting wrongly configured rules.
    • Configuring policies on security devices together with reports, notifications, dashboards and alerts.
    • Working with the OEM (tool support) to resolve the issue or incident raised.
    • Deep understanding of configuring and troubleshooting connectors, agents and sensors for SIEM, FIM and IPS.
    • Working with third party tools is a plus.
    • Good knowledge of Linux commands
    Essential Skills:
    • Escalation point for L1 and SOC Monitoring team.
    • Strong experience in SIEM administration and event flow architecture, and with the different types of logs generated by devices such as Windows, proxies, network devices, databases, etc.
    • Good understanding of firewall, IDP/IPS and SIEM functioning (generalised HLD as well as LLD).
    • Deep understanding of Windows, DB, mail clusters, VMs and Linux commands.
    • Knowledge of TCP/IP network protocols and ports.
    • Team spirit and a solution-oriented approach to resolving issues.
    • Good verbal/written communication skills.
    • Tools: good knowledge of:
      • SIEM (LogRhythm, QRadar, ArcSight)
      • FIM (Tripwire)
      • IPS/IDS (IBM, Cisco)
      • Firewall (Check Point, Cisco ASA, PA)
    Additional Desired Skills:
    • Excel, including formulas
    • Documentation and presentation
    • Quick response on issues and mail with prioritization
    • Ready to work in 24x7 environment
    Education Requirements & Experience:
    • BE/B.Tech – CS/CSE or Equivalent trade, CCNA, Admin Analyst Certification
    • System Security Certification
    • CEH will be a plus
    • Experience Level: 1-3 years

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SOCA-14” in the subject header.

  • Job Reference Number: CYB-SC-15
    Job Title: Security Consultant
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We are looking for an experienced security professional for our 24x7 managed security operations center to work as a Security Consultant. The candidate will be responsible for monitoring & analyzing security events, reporting and escalating events.

    Responsibilities:
    • Monitor and analyse security events for suspicious traffic
    • Follow up with customers and vendors to resolve open issues
    • Network and security device management (administration and configuration tasks)
    • Work in the SOC and keep track of day-to-day security operations.
    • Review reports and ensure compliance with security policies and SLAs as applicable.
    • Perform in-depth analysis of events and logs to detect malicious applications and network activity, and the common attack techniques that compromise hosts; detect and analyse system and network vulnerabilities; drive continuous process improvement by discovering the root causes of incidents.
    • Work to resolve major security incidents in conjunction with the respective resolver groups. Experience configuring security incident and event management tools, including creating event filtering and correlation rules and reports, is required.
    • Work with customer and product specialists to weed out false positives and improve the efficiency of security operations
    • Create a knowledge base to be used by SOC analysts in performing their roles.
    • Develop customised use cases based on the threats applicable to client infrastructure.
    • Create ad-hoc reports and dashboards as per customer requirements
    • Lead the team of SOC Analysts/Operations team
    Essential Skills:
    • Knowledge & hands-on experience in management of IDS/IPS
    • Firewalls, VPN, and other network & security products
    • Experience in Security Information and Event Management (SIEM) tools such as ArcSight, McAfee ePO, QRadar or any other tools
    • Creating basic and advanced correlation rules
    • Expertise in TCP/IP network traffic and event log analysis
    • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
    • In-depth knowledge of the OSI layers, Internet Protocol and TCP/IP
    • Ability to work independently and confidently
    • Visio & MS presentation skills
    • Excellent problem solving, analytical & communication skills
    • Solid communication skills and expertise to translate technical jargon into business familiar language
    • Communicate effectively with customers, team-members, and management
    Additional Desired Skills:
    • Strong verbal and written English communication
    • Strong interpersonal and presentation skills
    • Ability to work with minimal levels of supervision
    • Experience in vulnerability analysis and management would be an added advantage.
    • Experience in SIEM implementation & administration, experience in device management is desirable
    • Experience in Incident Response and Forensics
    Qualifications:
    • Educational qualification: BE/MCA or University degree
    • Candidates should have at least 6-10 years of experience working in a SOC environment
    • Certifications required - CCNA
    • Certification Desired: CCSP, CEH

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SC-15” in the subject header.

  • Job Reference Number: CYB-SDM-16
    Job Title: Security Consultant
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We are looking for an experienced security professional for our 24x7 managed security operations center to work as a Service Delivery Manager.

    Skills Required:
    • Vulnerability/Patch management experience
    • Detailed involvement with security incidents
    • Experience in the development and implementation of an SDLC or Penetration Testing program
    • Understand regulations and governmental initiatives impacting the technology environment and systems, work with appropriate teams to ensure proper understanding of potential gaps, and propose strategic but practical response policies, plans, and projects
    • Develop, oversee, and drive the execution of remediation and corrective action plans for the department as they pertain to information and technology risk management issues.
    • Assist with annual and monthly budget development and monitoring
    • Perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation
    • Work to prioritize security initiatives and spending considering needs in the light of evolving cyber threats
    • Identify appropriate goals, objectives and metrics consistent with corporate strategic plan. Manage the development and implementation of global security policy, standards, procedures and work instructions to ensure ongoing maintenance of security
    • Oversee key IS defense elements including network security architecture, network access and monitoring policies
    • Oversee execution of approved information security project plans and provide regular status reporting on progress of such projects
    • Contribute to the identification and development of enterprise-wide security requirements based on industry experience and best practices
    • Develop appropriate metrics (key risk and performance indicators) to measure the IS program and related process
    • Provide security consulting to technology, operations and business on an ongoing basis
    • Subject matter expert in software / application security (including understanding of OWASP top 10, static/dynamic code analysis)
    • Subject matter expert in Vulnerability Management and Incident Response Process and related forensics requirements
    Additional Skills:
    • Provide overall Information Security related subject matter expertise
    • Demonstrated ability to work independently and within a team
    • Demonstrated mastery of key Information Security technical disciplines and tools, with a preference for expertise in secure application design or incident management and forensics
    • Work directly with Information Security Group enterprise
    Education Requirements & Experience
    • Education: MS in IT/ BE/ B. Tech
    • Bachelor's degree in engineering, computer science, or a related field with minimum of 10 years of experience
    • Certified Information System Security Professional (CISSP) or Certified Information Security Manager (CISM) certification preferred; Knowledge of SIEM, IPS/IDS, VPN, Vulnerability Scanner, Active Directory, Malware Analysis, Penetration Testing, UNIX/Linux, Incident Response, Firewalls and APT Methodologies
    • Membership with FS-ISAC, US-CERT and other relevant technological knowledge sharing forums
    • Knowledge of ISO27001/ISO31000, NIST 800-53 and similar standards is preferred
    • Minimum 8 - 10 years’ experience in IT security industry
    • Prior information security and risk management experience, preferably with experience in secure applications development or incident response and forensics
    • Project Management experience
    • Experience in a combination of business analysis, systems, business continuity planning and financial services
    • Broad IT knowledge specifically in areas of information security, risk management and IT audit
    • Strong communication and negotiation skills
    • Strong analytical and problem-solving skills
    • Ability to work with all levels within the organization

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SDM-16” in the subject header.

  • Job Reference Number: CYB-SOCA-19
    Job Title: Security Analyst – SOC Administration Team
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description:

    We are looking for a Security Analyst for our SOC Administration team that will:

    a) Monitor, maintain and troubleshoot health-related issues with the SOC tools
    b) Onboard devices and troubleshoot non-reporting devices
    c) Lead and guide the team of Security Engineers on shift in resolving the incident tickets raised during the shift

    Responsibilities:
    • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
    • Good verbal/written communication skills.
    • Review of daily health check of SIEM components like collector, processor, console etc.
    • Data archiving and backup and data purging as required and for compliance
    • Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM etc.
    • Helping L3 and assisting L1 with required knowledge base details and basic documentations.
    • Co-ordination with L1 and the SOC Monitoring team on troubleshooting issues, and highlighting them to L3 for further resolution and escalation.
    • High ethics, ability to protect confidential information.
    • Work on fine tuning of correlation rules, creation of monitoring dashboards and filtering of traffic.
    • Building of incident reports, check if SLA has been met for incident alerting and incident closure.
    • Update and maintain SOC knowledge base for new security incidents and docs.
    • Creation of daily status report sheet and submit to SOC lead for review.
    • Review advisories and implement the necessary detection measures.
    • Troubleshoot non-reporting devices and maintain device status.
    • Work with the OEM (tool support) to resolve the issue or incident raised.
    • Administration of Windows Servers on which the tools have been installed.
    Tools:
    • Good knowledge of:
      • SIEM – architecture and the working of its different components
      • Availability tools like Nagios, PRTG, etc.
      • Windows Server administration
      • Linux Server administration
    Essential Skills:
    • Escalation point for L1 and SOC Monitoring team.
    • Good experience in SIEM administration and event flow architecture, and in the different types of logs generated by devices such as Windows, proxies, network devices, databases, etc.
    • Good understanding of firewall, IDP/IPS and SIEM functioning (general HLD as well as LLD).
    • Deep understanding of Windows, databases, mail clusters, VMs and Linux commands.
    • Must have knowledge of onboarding different devices into SIEM
    • Knowledge of network protocols TCP/IP and ports.
    • Team spirit and a working approach aimed at resolving issues.
    • Good verbal/written communication skills
    Additional Skills:
    • Excel, including formulas
    • Documentation and presentation
    • Quick response to issues and mail with prioritization
    • Ready to work in a 24x7 environment
    Education Requirements & Experience
    • BE/B.Tech – CS/CSE or equivalent discipline, CCNA, MCSE.
    • SIEM tool Certification
    • CEH will be a plus
    • Experience Level: 2-4 Years

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SOCA-19” in the subject header.

  • Job Reference Number: CYB-SE-20
    Job Title: Security Engineer – SOC Administration Team
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description: We are looking for a resource to support our SOC Administration Team with the following activities:

    a) Monitor and maintain the health of the SOC tools
    b) Raise tickets with the vendors for issues faced by the SOC tools
    Responsibilities:
    • Fair knowledge of SIEM, FIM, IPS, network devices and the TCP/IP model.
    • Good verbal/written communication skills
    • Health Check of the SOC tool, like SIEM, Availability Monitoring tools.
    • Maintaining the SOC infrastructure
    • Raising tickets for SOC Admin activities and incidents in the ticketing tool.
    • Basic Troubleshooting of log sources and devices that are not sending logs
    • Write SOP for the SOC administration Level 1 activities.
    • Work on Projects as assigned by the SOC Manager.
    • Helping L2 and L3 with details and basic documentations.
    • Co-ordination with the SOC Monitoring team on basic troubleshooting, and highlighting issues to L2 for further resolution.
    • High ethics, ability to protect confidential information
    Essential Skills:
    • Experience in basic level SIEM administration and basic event flow architecture.
    • Understanding of SIEM functioning.
    • Knowledge about Windows Administration or Linux Administration
    • Knowledge of network protocols TCP/IP.
    • Team spirit and a working approach to gaining an initial understanding of issues.
    • Good verbal/written communication skills
    Additional Desired Skills:
    • Excel
    • Documentation
    • Quick response
    • Ready to work in 24x7 environments
    Education Requirements & Experience
    • BE/B.Tech – CS/CSE or equivalent discipline, CCNA, MCSE, RHCE
    • Experience Level: 0-2 Years

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SE-20” in the subject header.

  • Job Reference Number: CYB-SC-21
    Job Title: Security Consultant – SOC Administration Team
    Si Business Division: Si Cyber
    Location: Pune, India
    Salary/Package: Negotiable depending on experience
    Job Description: We are looking for a Security Consultant to work in our SOC Administration Team to perform the following duties:

    a) Manage a team of Security Analysts and Security Engineers
    b) Ensure the health of the SOC tools is always green
    c) Ensure internal incident tickets and vendor tickets for the SOC tools are resolved
    d) Setup and Configuration of SIEM
    e) Onboarding of log sources
    Responsibilities:
    • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
    • Deployment of SIEM in customer environment.
    • Audit the SIEM in the customer environment.
    • Troubleshoot issues regarding SIEM and other SOC tools.
    • Good verbal/written communication skills.
    • Building use cases for the customer.
    • Data archiving and backup and data purging configuration as per need and compliance.
    • Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
    • Helping L2 and L1 with required knowledge base details and basic documentations.
    • Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
    • High ethics, ability to protect confidential information.
    • Troubleshooting at the device and connector/agent end to fix anomalies reported by other teams or observed day to day.
    • Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure.
    • Update and maintain SOC knowledge base for new security incidents and docs.
    • Creation of daily status report sheet and submit to SOC manager for review.
    • Review advisories and make necessary detection measures.
    • Provide analysis and trending of security log data from a large number of security devices.
    • Troubleshooting non-reporting devices and maintaining device status.
    • Working with the OEM (tool support) to resolve the issue or incident raised.
    • Administration of Windows and Unix servers
    • Building Parser for the SIEM using regex
    Essential Skills:
    • Escalation point for L2 and the SOC Monitoring team.
    • Ability to lead calls and summarise them after the discussion.
    • Substantial experience in SIEM administration and event flow architecture, and in the different types of logs generated by devices such as Windows, proxies, network devices, databases, etc.
    • Good understanding of firewall, IDP/IPS and SIEM functioning (general HLD as well as LLD).
    • Deep understanding of Windows, databases, mail clusters, VMs and Linux commands.
    • Knowledge of network protocols TCP/IP and ports.
    • Team spirit and a working approach aimed at resolving issues.
    • Good verbal/written communication skills
    Additional Desired Skills:
    • Excel
    • Documentation
    • Quick response
    • Ready to work in 24x7 environments
    Qualifications:
    • BE/B.Tech – CS/CSE or equivalent discipline, CCNA, Admin Analyst Certification.
    • System Security Certification.
    • CEH will be a plus.
    • Ground level experience with SOC Monitoring tasks and analytics and reporting.
    • SIEM administration Certificate
    • Experience Level: 4-6 Years.

    To apply for this position, please email your CV to careers@siconsult.com using reference “CYB-SC-21” in the subject header.
