Back to listings
CGIBangalore, KA

Security L3 Administrator / Engineer (SOC, IAM, PAM)

Description

Security L3 Administrator / Engineer (SOC, IAM, PAM) Role Overview The Security L3 Administrator is responsible for advanced management, troubleshooting, and optimization of enterprise security infrastructure. This includes Security Operations Center (SOC) monitoring, Identity & Access Management (IAM), and Privileged Access Management (PAM) solutions. The role requires deep expertise in security technologies, strong analytical skills, and the ability to resolve complex issues independently while ensuring compliance and resilience against cyber threats. Key Responsibilities

  • Provide L3 support for escalated security incidents across SOC, IAM, and PAM platforms.
  • Manage and optimize SIEM tools (Splunk, QRadar, ArcSight, Sentinel) for threat detection and response.
  • Lead incident response, forensic analysis, and root cause investigations for critical security events.
  • Administer and enhance IAM solutions (Azure AD, Okta, SailPoint, Ping Identity).
  • Manage PAM platforms (CyberArk, BeyondTrust, Thycotic) to secure privileged accounts and sessions.
  • Implement security policies, access controls, and compliance frameworks (ISO 27001, NIST, ).
  • Perform patching, upgrades, and configuration management across security systems.
  • Automate security workflows using PowerShell, Python, or Ansible.
  • Collaborate with infrastructure, application, and network teams to ensure secure operations.
  • Maintain documentation for incident handling, configurations, and security procedures. Required Skills & Experience
  • 7–12 years of experience in enterprise security administration with strong L3 expertise.
  • Hands‑on experience with SOC operations, IAM platforms, and PAM solutions.
  • Strong knowledge of SIEM tools, log analysis, and threat detection methodologies.
  • Expertise in identity lifecycle management, single sign‑on (SSO), and multi‑factor authentication (MFA).
  • Experience with privileged account security, session monitoring, and vault management.
  • Familiarity with cloud security (AWS, Azure, GCP) and hybrid environments.
  • Proficiency in scripting and automation for security operations.
  • Solid understanding of network security, firewalls, IDS/IPS, and compliance standards.
  • Ability to lead critical incident resolution and mentor junior analysts. Preferred Qualifications
  • Certifications: CISSP, CISM, CEH, CCSP, GIAC (SOC focus), CIMP/IAM certifications, CyberArk Certified Trustee.
  • Experience with SOAR platforms (Splunk Phantom, Palo Alto Cortex XSOAR).
  • Exposure to Zero Trust frameworks and cloud IAM/PAM integrations.
  • Knowledge of ITIL processes for incident, problem, and change management.

Skills:

Incident Management

Skills

SsoAWSSecurityAzureGCPIamSplunkAnsiblePowershellPython