SIEM Administrator

ColorTokens Inc., Bengaluru, Karnataka, India
2 days ago
Job description

Job Title: Platform Administrator – NextGen SIEM

Location: Bangalore (on site)

Experience Level: 8+ years

About ColorTokens

At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield™ platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected.

Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT / IoT / IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave™: Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions.

Join us in transforming cybersecurity. Learn more at www.colortokens.com.

Our culture

We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously.

Self-starters and highly motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of the world's impactful organizations, be it a children's hospital, a city, or the defense department of an entire country.

Company Overview:

ColorTokens is a fast-growing cybersecurity product company that is redefining the way enterprises protect their digital assets. Our market-leading Xshield platform enables Zero Trust microsegmentation and real-time visibility into application traffic, ensuring robust protection against modern cyber threats. We are looking for passionate and driven individuals to join our mission in building cutting-edge security products.

Position Overview:

ColorTokens is seeking a highly skilled and motivated Platform Administrator to manage, maintain, and optimize our NextGen Security Information and Event Management (SIEM) platform. The ideal candidate will oversee the day-to-day operations, ensure seamless integration of customer log sources and security tools, and provide robust support to the security operations team. This role requires a strong technical background, hands-on experience with SIEM platforms, and a proactive approach to enhancing security posture.

Key Responsibilities:

SIEM Platform Administration

  • Deploy, configure, and maintain the NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, QRadar, Chronicle, Exabeam, etc.).
  • Perform regular updates, patches, and upgrades to ensure platform security and functionality.
  • Monitor platform health, performance, and availability, ensuring optimal uptime.

Log Source Management

  • Onboard new log sources, ensuring proper data ingestion and parsing from various environments (endpoints, servers, cloud platforms, applications).
  • Troubleshoot and resolve issues related to log ingestion, parsing, and formatting.
  • Maintain log retention policies in alignment with compliance requirements.

Rule and Use Case Management

  • Develop, deploy, and fine-tune detection rules, correlation use cases, and alerts.
  • Continuously update use cases based on emerging threats, business needs, or compliance mandates.
  • Collaborate with SMEs and SOC analysts to refine detection capabilities and reduce false positives.

Integration and Automation

  • Integrate the SIEM platform with other security tools (EDR, microsegmentation solution, vulnerability scanners, etc.).
  • Design and implement automation workflows for incident detection, investigation, and response.

Platform Security and Compliance

  • Enforce platform access control policies, ensuring role-based access and least privilege principles.
  • Ensure the SIEM adheres to regulatory compliance standards (e.g., SOC2, ISO 27001).
  • Conduct regular audits and ensure the platform is free of vulnerabilities.

Collaboration and Support

  • Work closely with SOC analysts, threat hunters, and engineers to align the SIEM capabilities with security goals.
  • Provide technical support to users of the SIEM platform.
  • Offer training and documentation for security teams on effective SIEM usage.
  • Be available round the clock in case of any incidents with the platform.

Performance Monitoring and Optimization

  • Monitor and optimize storage and indexing performance.
  • Proactively identify bottlenecks and improve platform scalability.
  • Generate reports on platform performance and alerting effectiveness.

Incident Support

  • Assist the SOC team with root cause analysis and advanced investigations.
  • Ensure forensic data is readily available during incident response.

Education and Certifications:

  • Bachelor's degree in Computer Science or Information Security.
  • Relevant certifications such as Splunk Certified Admin, Microsoft Certified: Security Operations Analyst Associate, QRadar Certification, or similar NextGen SIEM certifications are highly desirable, along with CISSP.

Experience:

  • 8+ years of experience in managing SIEM platforms (traditional or NextGen).
  • Strong hands-on experience with at least one NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, Chronicle, Exabeam).
  • Experience with log management, rule creation, and data onboarding.
  • Familiarity with scripting languages (e.g., Python, PowerShell) for automation.

Technical Skills:

  • In-depth understanding of log formats, protocols (e.g., Syslog, JSON, XML), and data pipelines.
  • Proficiency in query languages (e.g., KQL, SPL, AQL).
  • Experience integrating SIEMs with security tools like EDR, SOAR, NDR, and threat intelligence platforms.
  • Knowledge of security frameworks such as MITRE ATT&CK, NIST, or CIS.

Soft Skills:

  • Strong analytical and troubleshooting skills.
  • Excellent verbal and written communication skills.
  • Ability to work collaboratively in a fast-paced environment.

Preferred Skills:

  • Familiarity with cloud-based security solutions (e.g., AWS, Azure, Google Cloud).
  • Experience in implementing machine learning or anomaly detection in SIEM use cases.
  • Exposure to SOAR tools (e.g., Palo Alto Cortex XSOAR, Splunk Phantom).

Key Metrics for Success:

  • Uptime and performance of the SIEM platform.
  • Number of new log sources and use cases onboarded.
  • Reduction in false positives and tuning of alerts.
  • Timely resolution of platform-related issues.
  • Alignment of the platform with business and security requirements.

Why Join Us?

  • Work on a cutting-edge cybersecurity product in a fast-paced startup environment.
  • Collaborate with a world-class team of engineers and security experts.
  • Opportunity to learn, grow, and make a real impact from day one.