Administrator supplied components

Job Title: Administrator Supplied Components

Platforms: SIEM / SOAR / UEBA / NDR / Deception / ASM

Department: Security Operations Center (SOC)

Location: Delhi

Shift Model: 24x7 Operations

Candidates from in and around Delhi alone are preferred

Role Overview

The Administrator Supplied Components is responsible for the end-to-end lifecycle management, engineering, integration, security hardening, and operational excellence of enterprise SOC platforms including SIEM, SOAR, UEBA, NDR, Deception, and ASM.

This role ensures high availability, performance optimization, regulatory compliance, seamless integrations, and zero data loss across production, disaster recovery (DR), and staging environments.

Key Responsibilities

1. Platform Lifecycle Management

• Own full lifecycle management including deployment, configuration, hardening, patching, upgrades, and decommissioning.
• Design and maintain high-availability (HA) and clustering architectures across production, DR, and staging.
• Perform capacity planning and infrastructure scaling to meet ingestion and storage growth.

2. Log & Data Pipeline Engineering

• Engineer and maintain ingestion pipelines including parsers, connectors, normalization rules, and enrichment feeds.
• Ensure 100% log source onboarding within defined SLA.
• Maintain zero data loss and minimal ingestion latency.
• Troubleshoot pipeline failures across Kafka, Logstash, Cribl, and related components.

3. Security & Compliance Governance

• Implement and enforce RBAC models across all platforms.
• Configure certificate-based authentication and API key lifecycle management.
• Ensure encryption-at-rest and encryption-in-transit across systems.
• Maintain comprehensive audit logging.
• Ensure compliance with MeitY, CERT-In, ISO 27001, and applicable regulatory mandates.

4. Monitoring, Reporting & Optimization

• Develop health dashboards covering:
• Resource utilization
• License consumption
• Cluster health
• Ingestion performance
• Configure proactive alerting for saturation and service degradation.
• Generate monthly performance and capacity reports with trend analysis and forecasting.

5. Platform Integration & Ecosystem Orchestration

• Design and maintain integration fabric across SIEM, SOAR, UEBA, NDR, Deception, and ASM.
• Develop bidirectional API integrations and webhook orchestrations.
• Enable seamless detection-to-response workflows across platforms.
• Maintain data forwarding and enrichment workflows.

6. Upgrades, Migration & Disaster Recovery

• Plan and execute zero-downtime upgrades and migration projects.
• Maintain detailed runbooks and SOP documentation.
• Develop and test disaster recovery procedures.
• Conduct quarterly DR drills and document RTO/RPO adherence metrics.

Required Qualifications

• B.Tech / B.E. in Computer Science, Information Technology, or Cybersecurity (M.Tech preferred).
• Minimum 2 years of hands-on administration experience with enterprise SIEM platforms.
• Experience managing at least three enterprise SIEM/SOAR solutions in a production SOC environment.
• Strong Linux and Windows server administration skills.
• Experience with log pipeline technologies such as Kafka, Logstash, and Cribl.
• Understanding of security frameworks and compliance requirements (ISO 27001, CERT-In, MeitY).

Preferred Skills

• Experience with enterprise-grade SIEM platforms (e.g., Splunk, QRadar, ArcSight, Sentinel).
• Experience with SOAR automation and playbook development.
• Knowledge of containerized deployments and virtualization.
• Familiarity with scripting (Python, Bash, PowerShell).
• Experience working in high-ingestion SOC environments.

Key Competencies

• Strong troubleshooting and root cause analysis skills
• Ability to manage mission-critical 24x7 platforms
• Documentation and process-oriented mindset
• Cross-team collaboration and communication skills
• Analytical thinking and capacity forecasting capability

Company Website : https://innspark.in/