Align Knowledge Centre Pvt. Ltd.
QRadar Implementation Engineer - SIEM Solutions
Job Location
Mumbai, India
Job Description
Key Responsibilities :
- QRadar Deployment & Configuration : Design and implement QRadar SIEM solutions for MSSP clients, including the installation and configuration of QRadar components (Console, Event Processors, Data Nodes, etc.).
- Multi-Tenant Environment : Configure and maintain QRadar in a multi-tenant MSSP environment, ensuring proper segmentation and secure data handling for each client.
- Log Source Integration : Integrate diverse log sources (network devices, endpoints, applications, cloud services) into QRadar for continuous monitoring and threat detection across different client environments.
- Customization for Clients : Develop and customize correlation rules, dashboards, and alerts specific to client needs, including use cases tailored to each customer's threat landscape.
- Use Case Development : Work closely with client SOC teams to develop security use cases, tune rules, and optimize detection capabilities based on emerging threats and business requirements.
- Performance Optimization : Ensure the optimal performance of QRadar across all tenants, including EPS management, storage, and event processing in high-volume environments.
- Client Onboarding : Collaborate with internal and external teams for seamless onboarding of new clients onto the MSSP platform, ensuring successful integration with existing security tools and services.
- Security Monitoring and Threat Detection : Assist in the development of effective monitoring strategies, leveraging QRadar to detect and respond to threats for multiple clients.
- Compliance and Reporting : Ensure that QRadar deployments align with regulatory requirements (PCI-DSS, GDPR, HIPAA, etc.) and provide detailed reporting and audits for each client as needed.
- Troubleshooting & Support : Provide Level 2/3 support for QRadar issues, ensuring timely resolution of problems related to log ingestion, parsing, rule execution, and system performance.
- System Upgrades & Maintenance : Plan and execute regular system upgrades, patching, and maintenance activities for QRadar instances across all client environments.

Desired qualifications :
- Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
- 5 years of experience in deploying and managing QRadar SIEM in large-scale environments, preferably within an MSSP.
- In-depth understanding of QRadar architecture, components, and deployment scenarios.
- Strong experience in managing and securing multi-tenant SIEM environments.
- Expertise in log source integration, event normalization, and tuning for different client environments.
- Familiarity with scripting and automation tools (Python, Bash, etc.) for custom integrations and log parsing.
- Solid understanding of networking and security technologies (firewalls, IDS/IPS, EDR, etc.).
- Hands-on experience with security frameworks such as MITRE ATT&CK, NIST, or ISO 27001.

Preferred Certifications :
- IBM Certified QRadar SIEM Administrator or Architect.
- CISSP, CEH, or other relevant cybersecurity certifications.

Way of working :
- Base location : Mumbai/Gurgaon
- Professional is required to work from office (ref:hirist.tech)
Location: Mumbai, IN
Posted Date: 11/25/2024
Contact Information
Contact: Human Resources, Align Knowledge Centre Pvt. Ltd.