Job Title: L1 – SIEM Administrator
Experience: 1–3 Years
Location: Mumbai – Western Line
Openings: 1

Job Description

We are seeking an immediate joiner for the SIEM Administrator role, with 1–3 years of experience, to support the monitoring, administration, and first-level analysis of security events using enterprise SIEM platforms.

Candidates with strong Unix/Linux Administration experience who are looking to transition into the Cybersecurity / SIEM domain are also encouraged to apply.


Roles & Responsibilities
  • Configure, maintain, and troubleshoot SIEM components including Event Processors, Flow Processors, and Console
  • Perform software upgrades, patches, and version migrations of SIEM platforms
  • Conduct regular health checks to ensure system performance, stability, and availability
  • Integrate network devices, servers, security tools, and custom applications with SIEM for log collection
  • Develop and maintain custom parsers and log source extensions
  • Ensure effective log normalization and event correlation for accurate threat detection
  • Create, tune, and optimize correlation rules to identify security incidents and reduce false positives
  • Monitor SIEM alerts and perform initial triage, analysis, and escalation of incidents
  • Support incident response activities, including log analysis and evidence collection
  • Collaborate with IT, SOC, and security teams during investigations
  • Maintain detailed documentation, SOPs, and troubleshooting guides
  • Provide support and knowledge sharing with junior team members as required

Required Skills & Qualifications
  • 1–3 years of hands-on experience as a SIEM Administrator / UNIX Admin
  • Experience with SIEM tools such as IBM QRadar, ArcSight, or similar platforms
  • Strong knowledge of log management, event correlation, and threat detection concepts
  • Hands-on experience in QRadar appliance installation, configuration, and administration
  • Exposure to custom parser and log source development
  • Unix/Linux administration skills (log handling, basic commands, process monitoring)
  • Basic understanding of networking concepts (TCP/IP, DNS, HTTP, firewalls, IDS/IPS)
  • Working knowledge of Python or Bash scripting for automation (preferred)
  • Strong analytical, troubleshooting, and communication skills
  • Willingness to work in shifts
  • Willingness to visit client sites

Education & Certifications
  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • IBM QRadar Certified Administrator (C2150-624) or equivalent security certification – preferred

Why Join Us?
  • Exposure to enterprise-scale SIEM environments
  • Opportunity to grow within SOC and Cybersecurity operations
  • Hands-on learning with industry-standard security tools

Employment Service Agreement
A 2-year service agreement will be applicable, aligned with training, skill development, and exposure to enterprise SIEM platforms.