Platform Administrator Nextgen Siem Job in Colortokens

Platform Administrator Nextgen Siem

Job Summary

Platform Admin NextGen SIEM

  • Location: Bangalore (Onsite)

About ColorTokens

At ColorTokens, we're all about helping businesses stay secure and keep running, no matter what cyber chaos hits. Our game-changing Xshield platform stops ransomware and malware from spreading sideways, so companies can keep their critical stuff safe and business uninterrupted.

We bring insane visibility into traffic flows between workloads, IoT devices, users, basically everything, to create super tight security zones that isolate threats fast. We're a Forrester Wave Leader (Q3 2024) for microsegmentation and protect global giants from costly cyber disruptions.

Our Culture

We love self-starters who bring energy, curiosity, and big ideas. You'll get to own projects, collaborate with passionate teammates, and work on security that actually protects real people, from hospitals to cities to entire nations.

What You'll Do: The Role

You'll run and manage our NextGen SIEM platform (think Splunk, Sentinel, Exabeam, Stellar Cyber, or similar), making sure it's up-to-date, humming smoothly, and packed with the right alerts.

  • Admin & Ops: Install, configure, patch, and keep the SIEM platform running 24/7.
  • Log Boss: Bring in new log sources, troubleshoot ingestion issues, and ensure data is clean and compliant.
  • Rule Maker: Build and tweak detection rules and alerts to catch real threats while cutting down false alarms.
  • Integrate & Automate: Connect SIEM with other security tools and automate incident workflows.
  • Lock It Down: Manage user access, keep the platform secure, and nail compliance requirements.
  • Team Player: Work closely with SOC analysts, threat hunters, and engineers to level up detection and response.
  • Support & Train: Help users get the most from the platform and be the go-to expert when incidents hit.
  • Optimize & Report: Track performance, fix bottlenecks, and share insights to keep the platform sharp.

What You Bring: Your Skills & Experience

  • 8+ years managing SIEM platforms, especially NextGen ones like Splunk, Sentinel, or Exabeam.
  • Expert in log management, rule creation, and onboarding data from all sorts of sources.
  • Solid scripting skills (Python, PowerShell) to automate and customize workflows.
  • Deep knowledge of log formats (Syslog, JSON, XML), querying languages (KQL, SPL, AQL), and data pipelines.
  • Experience integrating SIEM with EDR, SOAR, NDR, and threat intel platforms.
  • Familiar with security frameworks like MITRE ATT&CK, NIST, or CIS.
  • Bonus points if you know cloud security (AWS, Azure, GCP), machine learning in SIEM, or SOAR tools like Cortex XSOAR or Phantom.

Your Credentials

  • Bachelor's degree in Computer Science, InfoSec, or related field (or equivalent experience).
  • Relevant certifications like Splunk Certified Admin, Microsoft Security Operations Analyst, QRadar cert, or CISSP are a major plus.

What Success Looks Like

  • Keep SIEM uptime near 100%.
  • Smoothly onboard new log sources and build killer detection use cases.
  • Reduce noise: fewer false positives, sharper alerts.
  • Fast, effective fixes when platform issues pop up.
  • Align SIEM capabilities tightly with security and business goals.

Ready to level up security at a cutting-edge company and protect some of the world's most important organizations? Let's talk!


Qualification:
Bachelor's degree in Computer Science, InfoSec, or related field (or equivalent experience).
Experience Required:

Minimum 8 Years

Vacancy:

2 - 4 Hires