Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

For Employers

Add office photos

Employer? Claim Account for FREE

ColorTokens

Compare

3.0

based on 61 Reviews

28 ColorTokens Jobs

Platform Administrator - NextGen SIEM

ColorTokens, Inc.

3.0

based on 61 Reviews

4-9 years

Bangalore / Bengaluru

1 vacancy

Platform Administrator - NextGen SIEM

ColorTokens

posted 1mon ago

Job Role Insights

Flexible timing

Key skills for the job

Python Social Work Automation Testing Microsoft Power BI Information Security XML

+ 2 more

Job Description

Deploy, configure, and maintain the NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, QRadar, Chronicle, Exabeam etc).
Perform regular updates, patches, and upgrades to ensure platform security and functionality.
Monitor platform health, performance, and availability, ensuring optimal uptime.

2.Log Source Management

Onboard new log sources, ensuring proper data ingestion and parsing from various environments (endpoints, servers, cloud platforms, applications).
Troubleshoot and resolve issues related to log ingestion, parsing, and formatting.
Maintain log retention policies in alignment with compliance requirements.

3.Rule and Use Case Management

Develop, deploy, and fine-tune detection rules, correlation use cases, and alerts.
Continuously update use cases based on emerging threats, business needs, or compliance mandates.
Collaborate with SMEs and SOC analysts to refine detection capabilities and reduce false positives.

4.Integration and Automation

Integrate the SIEM platform with other security tools (EDR, microsegmentation solution, vulnerability scanners, etc.).
Design and implement automation workflows for incident detection, investigation, and response.

5.Platform Security and Compliance

Enforce platform access control policies, ensuring role-based access and least privilege principles.
Ensure the SIEM adheres to regulatory compliance standards (e.g., SOC2, ISO 27001).
Conduct regular audits and ensure the platform is free of vulnerabilities.

6.Collaboration and Support

Work closely with SOC analysts, threat hunters, and engineers to align the SIEM capabilities with security goals.
Provide technical support to users of the SIEM platform.
Offer training and documentation for security teams on effective SIEM usage.
Be available round the clock in case of any incidents with the platform

7.Performance Monitoring and Optimization

Monitor and optimize storage and indexing performance.
Proactively identify bottlenecks and improve platform scalability.
Generate reports on platform performance and alerting effectiveness.

8.Incident Support

Assist the SOC team with root cause analysis and advanced investigations.
Ensure forensic data is readily available during incident response.

Education and Certifications:

Bachelor s degree in Computer Science, Information Security
Relevant certifications such as Splunk Certified Admin, Microsoft Certified: Security Operations Analyst Associate, QRadar Certification, or similar NextGen SIEM certifications are highly desirable along with CISSP

Experience:

8+ years of experience in managing SIEM platforms (traditional or NextGen).
Strong hands-on experience with at least one NextGen SIEM platform (e.g., Stellar Cyber, Splunk, Sentinel, Chronicle, Exabeam).
Experience with log management, rule creation, and data onboarding.
Familiarity with scripting languages (e.g., Python, PowerShell) for automation.

Technical Skills:

In-depth understanding of log formats, protocols (e.g., Syslog, JSON, XML), and data pipelines.
Proficiency in querying languages (e.g., KQL, SPL, AQL).
Experience with integration of SIEMs with security tools like EDR, SOAR, NDR, and threat intelligence platforms.
Knowledge of security frameworks such as MITRE ATT&CK, NIST, or CIS.

Soft Skills:

Strong analytical and troubleshooting skills.
Excellent verbal and written communication skills.
Ability to work collaboratively in a fast-paced environment.

Preferred Skills:

Familiarity with cloud-based security solutions (e.g., AWS, Azure, Google Cloud).
Experience in implementing machine learning or anomaly detection in SIEM use cases.
Exposure to SOAR tools (e.g., Palo Alto Cortex XSOAR, Splunk Phantom).

Key Metrics for Success: