QRadar Implementation Engineer
As a SIEM SME, you will be responsible for implementing, administering, and managing QRadar SIEM. You will also assist with onboarding log sources, custom parsing, detection rule creation, and fine-tuning. You will also be required to create dashboards and generate reports as needed.
The QRadar SIEM SME has experience with the following:
- SIEM implementation and administration
- SIEM change requests
- Deep understanding of QRadar components & health checks
- Ability to develop custom parsers
- Dashboards & report creation
- SIEM maintenance and upgrades
- Ability to work on shift rotations to cater for 24*7 operations
- Strong application and infrastructure knowledge; e.g. Tomcat, PostgreSQL, SAML, IMAP, LDAP, Active Directory, SSO.
- Working knowledge of Networking concepts (firewalls, DNS, IP addressing, SSL/TLS and certificates).
Education and Experience
- Bachelor’s Degree in Computer Science, Cyber Security, Information Systems or Business Administration, or 3+ years of professional experience in a presales role, including at least 2+ years of direct experience in a Cyber Security Operations Center.
- A minimum of one of the following security-related certifications is required: QRadar, OSCP, CEH, GSEC or CompTIA Security+
- Excellent written and verbal communication skills, ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills, and excellent organization and interpersonal skills required
- Knowledgeable in Windows Domain, network, and multi-tier application architectures
- Familiar with tools such as SOAR, SIEM, and EDR.
- Persuasive with details and facts
- Ability to work both independently as well as part of a geographically dispersed integrated team
- Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, and sometimes ambiguous environment
- Expert-level knowledge of how to use network management tools and packet captures to resolve operational issues
- A solid understanding of what comprises a scalable, robust, supportable design for CSOC
- Candidates must be available locally with transferable visas and ready to join immediately.
Skills and Abilities
- Expert knowledge in the following technologies:
  - Microsoft Active Directory Services
  - TCP/IP Based Networking Principles
  - Microsoft / Linux Operating Systems
  - Firewalls and Perimeter Security
  - Proxies and Load Balancers
  - Intrusion Detection and Prevention Systems (IDS/IPS)