Security Information Management Specialist
beBeeSIEMAdministrator - Guadalajara, Jalisco
Job Description

We are seeking an experienced and skilled System Administrator to join our team. The successful candidate will be responsible for designing, implementing, upgrading, and maintaining our SIEM platform.

Key Responsibilities:
- Design and implement SIEM platform(s)
- Upgrade and update SIEM components and applications
- Integrate various log sources with SIEM
- Customize log source integrations with SIEM
- Monitor and maintain the health of SIEM components and applications
- Develop and modify security use cases (rule triggers) in SIEM
- Generate reports (automated and custom)
- Collaborate with stakeholders to onboard or troubleshoot broken log sources

Technical Experience:
- Custom event mapping for unknown events, miscategorized events, and custom log source extensions
- Work with the IRT team to remediate offenses, tune rules for false positives, and create new rules
- Creation and management of reference sets and outside threat intel sources
- Onboarding new log sources and assigning log sources to the correct group
- Dashboard creation for monitoring environment
- Report creation and maintenance
- Maintaining all components of a distributed QRadar infrastructure and deployment servers

Required Skills and Qualifications:
- At least 2 years of QRadar administration or development experience
- Proficiency in creating, modifying, and tuning SIEM rules
- Familiarity with working in Red Hat Enterprise Linux operating system
- Ability to work with customer-designated personnel to provide continual correlation rule tuning, incident classification, and prioritization recommendations

Benefits:
This role offers a competitive salary and opportunities for professional growth and development.
Created: Thu, 01 Jan 1970