Job Description

• Good knowledge of SIEM/QRadar Architecture, SIEM health check.
• Deployment of SIEM in customer environment
• Troubleshooting of SIEM issues, and SOC tools.
• Backup and restore, purging, SIEM configurations as per need and compliance.
• SIEM upgrade, patch, onboarding log sources, etc.
• Raising change management tickets for SOC Administration activities.
• Troubleshooting at device end for log source issues, non-reporting devices fix and maintain device status.
• Building a Parser for the SIEM using regex, custom properties, custom DSM creation as per requirement.
• EPS analysis, Licensing, Use case creation, fine tuning, rules, reports, offense analysis.
• Administration of Windows and Unix/Linux servers, Networking.

Primary Skills

• SIEM Qradar

Secondary Skills

• Good knowledge of basic Linux scripting, job scheduling.
• Good verbal/written communication skills.