LogRhythm Platform Administrator

Title: LogRhythm Platform Administrator

Location: Qatar

Experience: 5+ years

Working Mode: On-site

Company Profile:

Tech Mahindra represents the connected world, offering innovative and customer-centric information technology experiences. We #Rise together to create sustainable businesses that can bring about lasting change in our communities – to create an equal world, to be future ready, and to create value. We are 152,000+ professionals across 90 countries, helping 1297 global customers including Fortune 500 companies.

LogRhythm Platform Administrator

Key Responsibilities:

Platform Administration:

• Install, configure, and maintain LogRhythm SIEM platform components (collectors, processors, and storage).
• Manage system updates, patches, and upgrades to ensure platform security and functionality.
• Monitor the health and performance of the platform, ensuring high availability and reliability.
• Troubleshoot and resolve issues related to the LogRhythm platform, including data ingestion, alerts, and reporting.
• Perform periodic backups of configurations and ensure recovery processes are tested.

Security Monitoring & Event Management:

• Work with the security operations team to tune and optimize event correlation rules, policies, and alerts.
• Analyze and review LogRhythm logs and events to identify potential security incidents or vulnerabilities.
• Configure and maintain custom log sources and integrations, ensuring all necessary data is ingested into the platform.
• Collaborate with other IT teams to integrate additional security tools into LogRhythm (e.g., firewalls, IDS/IPS, endpoint protection systems).

Incident Response Support:

• Assist with investigating security incidents by providing insights from LogRhythm dashboards, reports, and logs.
• Create custom reports and alerts to aid in incident detection and response.
• Provide technical support to security analysts during incident investigations.

Reporting & Dashboards:

• Develop and maintain customized dashboards and reports tailored to the organization's security requirements.
• Create automated reports for compliance and audit purposes.
• Provide visibility into security metrics and key performance indicators (KPIs) to stakeholders.

Performance Optimization:

• Continuously assess and improve the performance of the LogRhythm platform, ensuring efficient data processing and storage.
• Identify and address any performance bottlenecks related to data ingestion, correlation, and reporting.

Collaboration & Documentation:

• Collaborate with internal teams to identify and address emerging security threats.
• Maintain clear and comprehensive documentation for platform configuration, processes, and incident resolution.
• Train and support team members on LogRhythm best practices and usage.

Compliance & Security Standards:

• Ensure the platform is configured to comply with industry regulations (e.g., GDPR, HIPAA, PCI-DSS).
• Conduct periodic reviews of platform configurations to ensure alignment with internal security policies.

Required Skills and Qualifications:

• Education: Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent experience.
• Experience:
• Minimum of 4-6 years of experience in managing SIEM platforms, preferably with LogRhythm.
• Experience with LogRhythm deployment, administration, and troubleshooting.
• Strong understanding of security technologies (firewalls, IDS/IPS, endpoint protection, etc.).
• Knowledge of log management, event correlation, and incident response workflows.
• Technical Skills:
• Hands-on experience with LogRhythm platform components (Collectors, Processors, and Storage).
• Familiarity with Linux/Unix and Windows server environments.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation and customization.
• Familiarity with network protocols (e.g., TCP/IP, HTTP, DNS).
• Experience with creating and managing alerts, dashboards, and reports.
• Knowledge of security frameworks (NIST, CIS, etc.) and compliance regulations.

Preferred Skills:

• LogRhythm certifications (e.g., LogRhythm Certified Security Engineer).
• Experience with other SIEM platforms (Splunk, QRadar, etc.) is a plus.
• Experience with cloud environments and cloud-native SIEM solutions.
• Strong understanding of threat intelligence platforms and integration.

Soft Skills:

• Strong problem-solving and analytical skills.
• Ability to work under pressure and prioritize tasks effectively.
• Excellent communication skills, both verbal and written.
• Ability to work independently and as part of a collaborative team.

If you’re interested in the above job description, please respond with your comfortable time and I will connect for more details email id - [email protected]

Tech Mahindra is an Equal Employment Opportunity employer. We promote and support a diverse workforce at all levels of the company. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, age, national origin or disability. All applicants will be evaluated solely on the basis of their ability, competence, and performance of the essential functions of their positions.