Administrator components

Position: Administrator supplied components
Job Title:

Administrator – Supplied Components
Platforms:  SIEM / SOAR / UEBA / NDR / Deception / ASM
Department:  Security Operations Center (SOC)

Location:

Delhi
Shift Model:  24x7 Operations

Candidates from in and around Delhi alone are preferred

Role Overview
The Administrator – Supplied Components is responsible for the end-to-end lifecycle management, engineering, integration, security hardening, and operational excellence of enterprise SOC platforms including SIEM, SOAR, UEBA, NDR, Deception, and ASM.
This role ensures high availability, performance optimization, regulatory compliance, seamless integrations, and zero data loss across production, disaster recovery (DR), and staging environments.

Key Responsibilities

1. Platform Lifecycle Management
Own full lifecycle management including deployment, configuration, hardening, patching, upgrades, and decommissioning.
Design and maintain high-availability (HA) and clustering architectures across production, DR, and staging.
Perform capacity planning and infrastructure scaling to meet ingestion and storage growth.
2. Log & Data Pipeline Engineering
Engineer and maintain ingestion pipelines including parsers, connectors, normalization rules, and enrichment feeds.
Ensure 100% log source onboarding within defined SLA.
Maintain zero data loss and minimal ingestion latency.
Troubleshoot pipeline failures across Kafka, Logstash, Cribl, and related components.
3. Security & Compliance Governance
Implement and enforce RBAC models across all platforms.
Configure certificate-based authentication and API key lifecycle management.
Ensure encryption-at-rest and encryption-in-transit across systems.
Maintain comprehensive audit logging.
Ensure compliance with MeitY, CERT-In, ISO 27001, and applicable regulatory mandates.
4. Monitoring, Reporting & Optimization
Develop health dashboards covering:
Resource utilization
License consumption
Cluster health
Ingestion performance
Configure proactive alerting for saturation and service degradation.
Generate monthly performance and capacity reports with trend analysis and forecasting.
5. Platform Integration & Ecosystem Orchestration
Design and maintain integration fabric across SIEM, SOAR, UEBA, NDR, Deception, and ASM.
Develop bidirectional API integrations and webhook orchestrations.
Enable seamless detection-to-response workflows across platforms.
Maintain data forwarding and enrichment workflows.
6. Upgrades, Migration & Disaster Recovery
Plan and execute zero-downtime upgrades and migration projects.
Maintain detailed runbooks and SOP documentation.
Develop and test disaster recovery procedures.
Conduct quarterly DR drills and document RTO/RPO adherence metrics.

Required Qualifications
B.Tech / B.E. in Computer Science, Information Technology, or Cybersecurity (M.Tech preferred).
Minimum 2 years of hands-on administration experience with enterprise SIEM platforms.
Experience managing at least three enterprise SIEM/SOAR solutions in a production SOC environment.
Strong Linux and Windows server administration skills.

Experience with log pipeline technologies such as Kafka, Logstash, and Cribl.
Understanding of security frameworks and compliance requirements (ISO 27001, CERT-In, MeitY).
Preferred Skills

Experience with enterprise-grade SIEM platforms (e.g., Splunk, QRadar, Arc Sight, Sentinel).

Experience with SOAR automation and playbook development.
Knowledge of containerized deployments and virtualization.
Familiarity with scripting (Python, Bash, Power Shell).
Experience working in high-ingestion SOC environments.

Key Competencies
Strong troubleshooting and root cause analysis skills
Ability to manage mission-critical 24x7 platforms
Documentation and process-oriented mindset
Cross-team collaboration and communication skills
Analytical thinking and capacity forecasting capability

Company Website :