IN-Associate SIEM Digital Integration Advisory Kolkata
Job Summary
Line of Service
Advisory
Industry/Sector
Not Applicable
Specialism
Microsoft
Management Level
Associate
Job Description & Summary
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support.
Why PwC
At PwC, we believe in providing equal employment opportunities without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences, and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm's growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations.
About the Role
We're looking for an early-career SIEM Engineer to join our Global SIEM team and help drive the next phase of our security analytics and observability journey. You will be hands-on with Splunk (Enterprise/Cloud/ES) and Cribl (Stream/Edge) to onboard, normalize, and optimize security data while building/maintaining detections, dashboards, and automations that support our SOC, Threat Hunting, and Incident Response teams.
You'll thrive here if you enjoy crafting robust data pipelines, writing efficient SPL, applying security frameworks (MITRE ATT&CK, NIST), and continuously improving signal quality and time-to-detect/resolve.
Responsibilities
Platform & Data Engineering
Onboard new log sources (network, endpoint, identity, cloud, SaaS) into Splunk via Cribl (Stream/Edge), ensuring secure, reliable, and cost-optimized ingestion.
Build and manage Cribl pipelines (parsing, shaping, routing, redaction, filtering, sampling) aligned to data retention and ingest budgets.
Implement and maintain Splunk data models, CIM mappings, sourcetypes, index strategies, HEC tokens, and ingestion best practices.
Monitor and optimize search performance (SPL tuning, data model acceleration, summary indexing, KV stores, lookup strategies).
Detection Content & Operations
Develop, tune, and maintain correlation searches and detections in Splunk Enterprise Security (including Risk-Based Alerting).
Build operational and executive dashboards, reports, and analytics for SOC and leadership stakeholders.
Maintain runbooks, field extractions (regex), data quality checks, and use case documentation.
Security Mindset & Collaboration
Apply MITRE ATT&CK mapping, threat modeling, and basic threat hunting practices to refine use cases and reduce false positives.
Partner closely with SOC Analysts, Threat Hunters, IR, Cloud/SRE, and Application Owners to improve detection coverage and response workflows.
Contribute to purple team exercises and lessons learned to elevate controls and detections.
Required Qualifications
2-3 years of hands-on experience with Splunk (Enterprise/Cloud/ES) in security logging, detection engineering, or SIEM operations.
Working knowledge of Cribl (Stream and/or Edge) for data routing, transformation, and optimization.
Solid SPL skills: joins, stats/timechart, eval, rex, transaction, datamodel, tstats, mstats.
Familiarity with CIM data models and security-relevant log sources (EDR, firewall, proxy, DNS, identity, cloud).
Understanding of core security concepts: authentication flows, network fundamentals, common attack techniques, and incident response basics.
Experience with Linux fundamentals, Git-based content management, and scripting for automation (bash or Python preferred).
Strong communication, documentation, and cross-time-zone collaboration skills.
Preferred Certifications (one or more)
Equivalent or higher-level credentials are welcome.
Splunk
Splunk Core Certified Power User
Splunk Core Certified Admin
Splunk Enterprise Security Certified Admin (nice to have)
Splunk Cloud Admin (nice to have)
Cribl
Cribl Certified Observability Engineer (CCOE) Stream
Cribl Certified Observability Engineer Edge (nice to have)
Security
Security+, CySA+ or GSEC (or equivalent)
Familiarity with MITRE ATT&CK, NIST CSF/800-53, ISO 27001
Nice-to-Have Skills
Experience with risk-based alerting, entity analytics/UEBA, or threat hunting content.
Cloud and SaaS logging: AWS (CloudTrail/GuardDuty/S3), Azure (Event Hub/Graph/Defender), GCP (Audit/Cloud Logging), Okta, M365 (Graph/Security Center).
Observability crossover: metrics/logs/traces, OpenTelemetry, S3/object storage targets, syslog/TLS, HEC, Kafka.
Familiarity with SOAR (e.g. Splunk SOAR) for playbooks and enrichment automation.
Knowledge of regex, YAML/JSON, pipelines and API-based integrations.
Exposure to compliance/reporting (PCI-DSS, ISO 27001, SOC2).
Success Metrics (What Good Looks Like)
Time-to-Onboard new data sources (meeting quality and CIM standards).
Signal Quality: reduction in false positives; improved precision/recall of detections.
Performance & Cost: search latency improvements, efficient data model usage, and optimized ingest/storage.
Operational Excellence: documented runbooks, reliable handoffs, and on-time closure of engineering backlog.
Stakeholder Satisfaction from SOC/IR and platform owners.
Mandatory skill sets: Platform & Data Engineering. Onboard new log sources (network, endpoint, identity, cloud, SaaS) into Splunk via Cribl (Stream/Edge), ensuring secure, reliable, and cost-optimized ingestion. Build and manage Cribl pipelines (parsing, shaping, routing, redaction, filtering, sampling) aligned to data retention and ingest budgets. Implement and maintain Splunk data models, CIM mappings, sourcetypes, index strategies, HEC tokens, and ingestion best practices. Monitor and optimize search performance (SPL tuning, data model acceleration, summary indexing, KV stores, lookup strategies).
Preferred skill sets: Develop, tune, and maintain correlation searches and detections in Splunk Enterprise Security (including Risk-Based Alerting). Build operational and executive dashboards, reports, and analytics for SOC and leadership stakeholders. Maintain runbooks, field extractions (regex), data quality checks, and use case documentation.
Years of experience required: 2 to 5 Years
Education Qualification: B.E. / / MBA. All qualifications should be in regular full-time mode with no extension of course duration due to backlogs. Splunk: Splunk Core Certified Power User, Splunk Core Certified Admin, Splunk Enterprise Security Certified Admin (nice to have), Splunk Cloud Admin (nice to have). Cribl: Cribl Certified Observability Engineer (CCOE) Stream, Cribl Certified Observability Engineer Edge (nice to have).
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Engineering, Master of Business Administration
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
SIEM Tools
Optional Skills
Accepting Feedback, Active Listening, Analytical Reasoning, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Documentation Development, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Optimism, Performance Assessment, Performance Management Software, Problem Solving, Product Management, Product Operations, Project Delivery
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship
Government Clearance Required
Job Posting End Date
April 14, 2026
Required Experience:
IC
Key Skills
About Company
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 155 countries with over 284,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by vis ...