Description
This requires extensive knowledge of designing and developing SIEM Security Controls using QRadar and a good understanding of operations in a SOC. In this role, the candidate is expected to interact with stakeholders within the organization to gather support for business goals, requirements, and solutions.
At least 3+ years of Security Operations experience, with a track record demonstrating hands-on experience with SOC people, processes and technology, including requirements, design, implementation, and operations.
Good understanding of security technology (network security, process automation, SIEM, log management, application security)
Knowledge of Use Case Framework for a SOC
Understands the business justification for SOCs
Understands the business process workflow in a SOC
Extensive knowledge of QRadar
Extensive experience in implementing QRadar rules and alerts
Extensive knowledge of Business Analysis processes
Experience in requirements engineering, translating requirements into functional and technical design documents, and implementing solutions
Extensive knowledge of Computer Networking and Networking Protocols including TCP/IP, SMB, HTTP(S), and a good understanding of Active Directory GPOs.
Extensive understanding of Security Controls such as Firewalls, NIDS, DLP, Network proxies.
Experience in implementing Splunk rules, reports, dashboards, and CEF output