  • ID
    #48280154
  • Job type
    Permanent
  • Salary
    TBD
  • Source
    Themesoft Inc
  • Date
    2023-01-02
  • Deadline
    2023-03-03

Vacancy expired!

Role: SIEM L3 Administrator (IBM QRadar)

Location: Dallas, TX / Frisco, TX (Day 1 Onsite)

Mandatory skills: IBM QRadar

Job Description:

  • Design and deployment of the SIEM platform.
  • Patching & Upgrading of SIEM Platform/Agents.
  • Work with business units to create the network hierarchy and building blocks and to classify log sources within the QRadar SIEM.
  • Creating Custom API Connectors and Parsers for log sources which are not out-of-box supported by SIEM Vendor.
  • Audit and prepare assessment report for existing SIEM platform.
  • Troubleshoot issues regarding SIEM and other SOC tools.
  • Develop use cases and create custom rules in SIEM.
  • Troubleshooting at the log source and connector/agent end to fix any issues reported by other teams or observed on a day-to-day basis.
  • Raising change management tickets for SOC administration activities such as patch upgrades for the SIEM, onboarding log sources, etc.
  • Working with the OEM (tool support) to resolve the issue or incident raised.
  • Configuring data archiving, backup and data purging as per need and compliance.
  • Restoring configuration/data backups based on the needs.
  • High ethics, ability to protect confidential information.
  • MITRE ATT&CK modelling
  • Experience in Windows/Unix Administration.
  • Python scripting knowledge (good to have).
