Description
SIEM QRadar Expert/Analyst or equivalent SIEM software Analyst
- Application management and engineering for QRadar SIEM
- Coordination and planning for system upgrades, new systems, as well as maintaining current operational event flows
- Develop & manage Use Cases. Provide training on new content to Security Analysts
- Analyze requirements of engineering, operations and security staff and develop Use Cases (Reports/Rules) to improve efficiency and effectiveness in each discipline
- Manage/Coordinate relationships, projects and open issues with QRadar, support internal teams
- Design and implement
- Support architecture changes required to support evolving business needs and threat profile.
- Maintain documentation for the QRadar environment and generate technical documentation for the Use Cases
- Performing administrative tasks per management request (ad-hoc reports/trainings)
Functional and Technical Competencies
Mandatory:
- College Degree or equivalent
- 3-5 years of IT Security domain experience
- 1-2 years in a similar position
- In-depth experience with QRadar SIEM tool
- In-depth TCP/IP knowledge
- Experience with multiple security devices and log formats
- Content creation abilities, following defined processes
- Up to date with the latest security releases, implementation of use cases to respond to emerging threats
- Passion and drive to work in start-up division with potential of significant growth in scope and services
- Strong logical and analytical skills to help define new use cases, statistical correlation rules and analytical monitoring functions
- Strong troubleshooting skills
- Knowledge of log formats and ability to aggregate and parse log data for syslog, HTTP logs, DB logs for investigation purposes
- Scripting experience
Training, Qualifications, and Certifications
Preferred:
- QRadar certified
- CEH certified
- CISSP Certification
- ITIL Foundation Certification
- Linux Red Hat certified