Security Analyst I- SOC Admin

About Gruve

Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.

About The Role

We are seeking a skilled SIEM Administrator to manage and optimize different SIEM solutions. The ideal candidate will be responsible for system administration, log integration, troubleshooting, Deployment, Implementation and maintaining security posture for the organization.

Key Responsibilities

SIEM Administration:

• Install, configure, maintain, and upgrade SIEM components. (IBM Qradar SIEM, DNIF, Splunk & Securonix).
  
  

Log Management

• Onboard, parse, and normalize logs from various data sources (firewalls, servers, databases, applications, etc.)
• Custom log source integration and parser development.
  
  

System Monitoring & Troubleshooting

• Ensure SIEM tools are functioning optimally. Monitor & regular health check perform for SIEM tools. troubleshoot system errors and resolve performance issues.
• Conduct regular performance tuning and capacity planning
• Perform root cause analysis for system failures & performance issues.
• Optimize system performance and storage management for SIEM
  
  

Integration & Automation

• Integrate third-party security tools (firewalls, EDR, threat intelligence feeds) with SIEM.
  
  

Compliance & Audits

• Ensure log retention policies comply with regulatory standards.
• Develop & enforce SIEM access controls & user roles/permissions.
  
  

Documentation & Training

• Document system configurations, SOP’s & troubleshooting documents.
• Prepare monthly/ weekly reports and PPT, onboarding documentation as per business/ client requirement.
  
  

Dashboard & Report Development

• Create & maintain custom dashboards & reports
• Optimize searches & reports for performance and efficiency.
  
  

Other Knowledge Base

• Hands on experience with Linux OS & Windows OS
• Basic to mediator level knowledge in networking skills
• Should be familiar with Azure, AWS or GCP products
  
  

Required Skills & Qualifications

• B.E/B.Tech degree in computer science, Cybersecurity, or related field (preferred).
• 1-3 years experience as Soc Admin
• Strong knowledge of SIEM architecture, log sources, and event correlation.
• Proficiency in log management, regular expressions, and network security concepts.
• Experience integrating SIEM with various security tools (firewalls, IDS/IPS, antivirus, etc.).
• Scripting knowledge (Python, Bash, or PowerShell) is a plus.
• Training or Certificate on Splunk or IBM Qradar Preferred.
  
  

Soft Skills

• Strong analytical and problem-solving skills.
• Excellent communication and documentation abilities.
• Ability to work independently and in a team.
  
  

Must Have Skills

• Hands-on experience with SIEM tools like IBM QRadar, Splunk, Securonix, LogRhythm, Microsoft Sentinel, DNIF etc.
• Proficiency in IBM Qradar & Splunk administration
• Configuring, maintaining, and troubleshooting SIEM solutions.
• Log source integration, parsing, and normalization.
• Strong knowledge of TCP/IP, DNS, HTTP, SMTP, FTP, VPNs, proxies, and firewall rules.
• Familiarity with Linux and Windows system administration.
  
  

Why Gruve

At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you.

Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.