Role: SIEM L3 Administrator (IBM QRadar)
Location: Frisco, TX (Day 1 Onsite)
Mandatory skills: IBM QRadar
Job Description:
Design and deploy of SIEM Platform.
Patching & Upgrading of SIEM Platform/Agents.
Work with business units to create network hierarchy, building blocks, classify Log Sources within the QRadar SIEM
Creating Custom API Connectors and Parsers for log sources which are not out-of-box supported by SIEM Vendor.
Audit and prepare assessment report for existing SIEM platform.
Troubleshoot issues regarding SIEM and other SOC tools.
Develop use cases and create custom rules in SIEM.
Troubleshooting at log sources and connector/agent end to fix any issues reported by other team and observed on day-to-day basis.
Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
Working with OEM (Tool support) in a way to resolve the issue or incident raised.
Data archiving and backup and data purging configuration as per need and compliance.
Restoring configuration/data backups based on the needs.
High ethics, ability to protect confidential information.
MITRE Telecommunication&CK modelling
Experience in Windows/Unix Administration.
Python Scripting Knowledge (Good to have).
Last updated on Dec 8, 2022
Sparks, Nevada
·30+ days ago
Sparks, Nevada
·30+ days ago
Sparks, Nevada
·30+ days ago
Indianapolis, Indiana
·30+ days ago
Indianapolis, Indiana
·30+ days ago
Rochester, New York
·30+ days ago
Richmond, Virginia
·30+ days ago
New York
·30+ days ago
Houston, Texas
·30+ days ago
Washington, District of Columbia
·30+ days ago
Des Moines, Iowa
·30+ days ago
Chicago, Illinois
·30+ days ago
Dearborn, Michigan
·30+ days ago
Lexington, Massachusetts
·30+ days ago
Fremont, California
·30+ days ago