Job Title: L1 – SIEM Administrator
Experience: 1–3 Years
Location: Mumbai – Western Line
Openings: 1
Job Description
We are seeking an immediate joiner for a SIEM Administrator role with 1–3 years of experience to support the monitoring, administration, and first-level analysis of security events using enterprise SIEM platforms.
Candidates with strong Unix/Linux Administration experience who are looking to transition into the Cybersecurity / SIEM domain are also encouraged to apply.
Roles & Responsibilities
- Configure, maintain, and troubleshoot SIEM components including Event Processors, Flow Processors, and Console
- Perform software upgrades, patches, and version migrations of SIEM platforms
- Conduct regular health checks to ensure system performance, stability, and availability
- Integrate network devices, servers, security tools, and custom applications with SIEM for log collection
- Develop and maintain custom parsers and log source extensions
- Ensure effective log normalization and event correlation for accurate threat detection
- Create, tune, and optimize correlation rules to identify security incidents and reduce false positives
- Monitor SIEM alerts and perform initial triage, analysis, and escalation of incidents
- Support incident response activities, including log analysis and evidence collection
- Collaborate with IT, SOC, and security teams during investigations
- Maintain detailed documentation, SOPs, and troubleshooting guides
- Provide support and knowledge sharing with junior team members as required
Required Skills & Qualifications
- 1–3 years of hands-on experience as a SIEM Administrator or Unix/Linux Administrator
- Experience with SIEM tools such as IBM QRadar, ArcSight, or similar platforms
- Strong knowledge of log management, event correlation, and threat detection concepts
- Hands-on experience in QRadar appliance installation, configuration, and administration
- Exposure to custom parser and log source development
- Unix/Linux administration skills (log handling, basic commands, process monitoring)
- Basic understanding of networking concepts (TCP/IP, DNS, HTTP, firewalls, IDS/IPS)
- Working knowledge of Python or Bash scripting for automation (preferred)
- Strong analytical, troubleshooting, and communication skills
- Willingness to work in shifts
- Willingness to visit client sites
Education & Certifications
- Bachelor’s degree in Computer Science, Information Security, or a related field
- IBM QRadar Certified Administrator (C2150-624) or equivalent security certification – preferred
Why Join Us?
- Exposure to enterprise-scale SIEM environments
- Opportunity to grow within SOC and Cybersecurity operations
- Hands-on learning with industry-standard security tools
Employment Service Agreement
A 2-year service agreement will be applicable, aligned with training, skill development, and exposure to enterprise SIEM platforms