eClerx logo

Process Manager

eClerx

Posted about 9 hours ago

About this role

Full Time Mid-level Process Manager in healthcare at eClerx in Mumbai, Maharashtra, India. Apply directly through the link below.

At a glance

Work mode
Office
Employment
Full Time
Location
Mumbai, Maharashtra, India
Experience
Mid-level · 3+ years

Core stack

  • Infrastructure
  • Documentation
  • Optimization
  • Performance
  • Leadership
  • Compliance
  • Analytics
  • ISO 27001
  • Incident
  • Security
  • On-call
  • Python
  • Backup
  • Azure
  • Linux
  • SOLID
  • Audit
  • Bash
  • AWS
  • AI

Quick answers

  • What skills are required?

    Infrastructure, Documentation, Optimization, Performance, Leadership, Compliance, Analytics, ISO 27001, Incident, Security, and more.

eClerx is hiring for this role. Visit career page

Mumbai, India

Job Title: Security Analyst – SIEM (QRadar & LogRhythm)
Location: [Insert Location]
Department: Security Operations Center (SOC)
Reports To: SOC Manager / Information Security Manager

 

 

 

Job Summary:

We are looking for an experienced SOCC professional to manage the Security Operations Command Center team while providing strong technical leadership. The candidate must have hands-on expertise in SIEM platforms like IBM QRadar and LogRhythm, covering log integration, use-case development, alert tuning, UEBA configuration, threat detection, threat hunting, and DFIR. The role also requires solid experience with DLP tools such as Forcepoint, Symantec/Broadcom, or Microsoft Purview, including policy creation, incident analysis, and rule optimization. The SOCC Lead will oversee daily monitoring, guide analysts, drive process improvements, coordinate incident response, and ensure effective escalation and reporting across the organization.

Key Responsibilities:

  • Security Monitoring & Investigation:

    • Monitor and analyze events and alerts generated by QRadar and LogRhythm SIEM.

    • Investigate anomalies, correlated offenses, and triggered alarms using both platforms.

    • Use QNI (QRadar Network Insights) and UBA (User Behavior Analytics) for enhanced detection.

    • Conduct forensic log analysis and cross-platform correlation to determine the full attack chain.

  • Use Case Development & Tuning:

    • Develop custom detection rules, correlation logic, and alarms for both QRadar and LogRhythm.

    • Fine-tune existing use cases to reduce false positives and improve alert fidelity.

    • Apply MITRE ATT&CK mapping to SIEM use cases for comprehensive coverage.

  • Log Source Integration & Parsing:

    • Onboard new log sources (Windows, Linux, Cloud, Network Devices, Firewalls) into LogRhythm and QRadar.

    • Create and troubleshoot DSMs (Device Support Modules) and log parsing rules in QRadar.

    • Customize LogRhythm Data Indexing Policies and AI Engine rules for specific log types.

  • Incident Response & Management:

    • Investigate incidents using QRadar’s offense manager and LogRhythm’s SmartResponse automation.

    • Respond to and contain threats by integrating EDR, firewall, and SOAR actions via both platforms.

    • Track incident lifecycle from detection to closure using integrated ticketing or IR tools.

  • Threat Hunting & Analytics:

    • Perform threat hunting in QRadar using AQL (Ariel Query Language) and saved searches.

    • Use LogRhythm's Analyst Console, AI Engine, and Case Management to detect stealthy threats.

    • Enrich incidents with threat intelligence feeds and IOC lookups in both platforms.

  • Platform Optimization & Maintenance:

    • Maintain system health, conduct backup, patching, and performance tuning of QRadar and LogRhythm.

    • Configure custom dashboards, widgets, and reports for management and technical teams.

    • Conduct regular audit and gap assessments on SIEM log coverage and rule effectiveness.

  • Collaboration & Documentation:

    • Work with infrastructure and application teams to ensure full log visibility and proper event tagging.

    • Maintain detailed SOPs, incident reports, platform configuration documentation, and use case libraries.

Required Skills and Qualifications:

  • Experience:

    • Minimum 3+ years of experience in SOC operations or cyber incident response.

    • Direct hands-on experience with IBM QRadar (including QNI, UBA, AQL) and LogRhythm (AI Engine, SmartResponse, Case Management).

  • Technical Skills:

    • Deep understanding of log ingestion, normalization, and correlation rule creation.

    • Proficient in writing AQL queries in QRadar and developing AI Engine rules in LogRhythm.

    • Strong understanding of network protocols, firewall rules, endpoint security, and Linux/Windows event logs.

    • Experience in integration with third-party tools: EDRs, firewalls, cloud logs (AWS, Azure), and SOAR platforms.

  • Analytical & Communication:

    • Excellent threat analysis and root cause investigation skills.

    • Strong documentation and report-writing capabilities.

    • Effective communication with internal teams and external vendors.

  • Certifications (Preferred):

    • QRadar Certification (e.g., IBM Certified Associate Administrator – QRadar)

    • LogRhythm Certified Security Analyst (LRSA) or Admin (LRSE)

    • CISSP, CEH, GCIA, GCIH, or similar certifications are a plus.

  • Other:

    • Willingness to work in shifts and handle on-call rotation.

    • Ability to work under pressure and handle multiple incidents simultaneously.

Nice to Have:

  • Knowledge of scripting (Python, Bash, PowerShell) for automation and log parsing.

  • Experience in SOAR tools like IBM Resilient, LogRhythm SmartResponse, or similar.

  • Understanding of compliance frameworks: PCI-DSS, ISO 27001, NIST, etc.

Job details

Workplace

Office

Location

Mumbai, Maharashtra, India

Job type

Full Time

Experience

Mid-level · 3+ years

Similar

Company

Website

Visit site

Twitter

@eClerx

Jobr Assistant extension

Get the extension →