Job Title: Senior IT Security Administrator / Lead - IT Security Administration
Function: IT Security
Reports to: Head of IT / CISO
Location: Bengaluru, Karnataka
Position Type: Full-Time
About The Role
We are seeking an experienced and hands-on Senior IT Security Administrator to be the cornerstone of our corporate cyber defense. In this critical role, you will architect, deploy, and operate the corporate IT security infrastructure that protects our digital assets from an evolving threat landscape.
You will be the technical owner of our core security platforms, including Next-Generation Firewalls (NGFWs), SASE/VPN, Email and Web Security Gateways, and our Endpoint Detection and Response (EDR) solution. A significant part of your mission will be to serve as the crucial bridge between our internal teams and our Managed Security Operations Center (SOC), ensuring that threats are rapidly identified and neutralized. If you have a passion for building resilient systems and a deep technical background in defense, we want to hear from you.
What You'll Do
Endpoint Defense & Management:
- Own the entire lifecycle of our Endpoint Detection and Response (EDR) platform (e.g.,
CrowdStrike, TrendMicro), from deployment to daily operations.
- Develop, implement, and fine-tune advanced EDR policies for prevention, detection, and
response across all corporate workstations and servers.
- Proactively tune EDR configurations to minimize false positives, enhance visibility, and
empower threat-hunting activities.
SOC Collaboration & Incident Response:
- Serve as the primary technical liaison for our Managed SOC provider, ensuring a
seamless flow of information and actionable intelligence.
- Triage, investigate, and escalate validated security alerts from the SOC, acting as the
first line of technical response.
- Lead technical incident response efforts, coordinating with the SOC and internal teams
to ensure rapid containment, eradication, and recovery from security incidents.
Network & Access Security:
- Architect and manage security policies on our Next-Generation Firewalls (NGFWs) like
Palo Alto, Fortinet, or Check Point.
- Design and enforce network segmentation, Zero Trust principles, access control lists
(ACLs), and web filtering policies to protect critical assets.
- Manage and optimize our secure access solutions, including SASE (e.g., Zscaler,
Netskope) and VPN (e.g., Palo Alto GlobalProtect), enforcing granular access policies
for all users.
- Perform regular audits of firewall and security group rules to ensure adherence to the
principle of least privilege.
Vulnerability & Risk Management:
- Drive the end-to-end vulnerability management program, from discovery scanning and
analysis to remediation planning for Corporate IT Assets.
- Collaborate with system owners and IT teams to prioritize vulnerabilities based on risk
and business impact, and track remediation efforts to completion.
What You'll Bring
Required Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer
Science, or a related discipline.
- Experience: 7+ years of hands-on experience in a cybersecurity role such as security
engineering, administration, or senior analysis in a captive environment, preferably in an
Indian business.
- Endpoint Security: Deep, hands-on experience creating, managing, and tuning policies
in a major EDR solution (e.g., CrowdStrike, SentinelOne, TrendMicro).
- Firewall Expertise: Expertise in NGFW administration, including policy creation, NAT,
and Threat Prevention features. Direct experience with Palo Alto Networks is strongly
preferred.
- SOC/SIEM Integration: Proven experience acting as the technical interface for a
managed or in-house SOC and analyzing data in SIEM platforms (e.g., Splunk, QRadar,
LogRhythm).
- Secure Access: Strong command of VPN technologies (IPsec/SSL) and modern SASE
architecture.
- Networking Fundamentals: A solid foundation in networking principles, including the
TCP/IP suite, DNS, HTTP/S, and routing protocols.
Highly Desired (Bonus Points):
- Certifications: Advanced security certifications relevant to the role, such as GIAC Certified
Incident Handler (GCIH), Palo Alto Networks Certified Network Security Engineer (PCNSE),
CrowdStrike Certified Falcon Hunter (CCFH), or Trend Vision One Security Operations (SecOps) Professional.
- Cloud Security: Experience securing public cloud environments (AWS, Azure, GCP)
and familiarity with their native security tools (good to have, not mandatory).
- Automation & Scripting: Proficiency in a scripting language (e.g., Python, PowerShell)
to automate security tasks and workflows.
- Frameworks: Practical experience implementing or operating within security
frameworks like the NIST Cybersecurity Framework, CIS Controls, or ISO 27001.
Skills: teams, cyber security, SIEM, TrendMicro, NGFW, IT, SentinelOne, Palo Alto, access, security, CrowdStrike, management, SOC, EDR, VPN, defense, IT security