SIEM Engineer (QRadar)

Alliance Of Professionals And Consultants, Atlanta, GA
262d | $50 - $60 | Remote

About The Position

The SIEM Engineer (QRadar) will be responsible for managing the SIEM platform with IBM QRadar and supporting delivery for Managed Security Services to a State Government client. This role requires timely, accurate, planned completion and implementation of security services, which must be available for 24x7x365 support. The engineer will lead primary day-to-day SIEM interactions with the project team and State cybersecurity staff, manage platform health, perform upgrades, and interact with SOC analysts to tune alerts and use cases. Hands-on QRadar engineering and configuration experience is required as the system will be undergoing platform upgrades. The engineer will also be responsible for adding new log sources, conducting Nessus scans, troubleshooting, and optimizing event collection, parsing, and normalization.

Requirements

  • SIEM experience.
  • IBM QRadar SIEM experience.
  • AQL proficiency.
  • Analytical skills.
  • RedHat Linux administration.
  • Bash scripting.
  • DSM knowledge.
  • Database management skills.
  • Intrusion Detection System (IDS) experience.
  • Linux proficiency.
  • Network engineering skills.
  • Networking protocol knowledge.
  • Performance monitoring and metrics experience.
  • PostgreSQL knowledge.
  • Problem-solving skills.
  • Python programming language proficiency.
  • SOAR experience.
  • Scripting skills.
  • Security operations experience.
  • Software troubleshooting skills.
  • Ticketing systems experience.
  • Use case creation experience.
  • Vulnerability scanning experience.
  • Excellent verbal communication skills.

Nice To Haves

  • Palo Alto XSIAM and XDR experience.
  • Cribl experience.
  • Splunk experience.
  • FireEye EDR security tools experience.

Responsibilities

  • Manage SIEM platform with IBM QRadar.
  • Support delivery for Managed Security Services to a State Government client.
  • Lead day-to-day SIEM interactions with project team and State cybersecurity staff.
  • Manage platform health and perform upgrades.
  • Interact with SOC analysts to tune alerts and use cases.
  • Add new log sources to existing QRadar and configure use cases and alerts.
  • Conduct Nessus scans.
  • Ensure successful integration of the solution into the overall application/system.
  • Perform troubleshooting and provide assistance with QRadar search queries and dashboards.
  • Investigate and resolve QRadar performance issues.
  • Perform deep-dive analysis of log source integration issues.
  • Create and maintain custom parsers, DSMs, and log source extensions.
  • Monitor system health, storage utilization, and EPS/FPS metrics.
  • Develop custom reports and dashboards for security metrics and compliance.
  • Fine-tune correlation rules and optimize system performance.
  • Perform root cause analysis for SIEM-related incidents.

Benefits

  • Remote work opportunity.
  • 12-month W2 contract with potential for extension or conversion to permanent.
© 2024 Teal Labs, Inc