
SIEM L3 Administrator (IBM QRadar) at Frisco, Texas, USA
Email: [email protected]
From: Shyam, TechStar Group, [email protected]

Reply to: [email protected]

Role: SIEM L3 Administrator (IBM QRadar)

Location: Frisco, TX (Day 1 Onsite)

Mandatory skills: IBM QRadar

Job Description:

Design and deploy the SIEM platform.

Patching & Upgrading of SIEM Platform/Agents. 

Work with business units to create the network hierarchy and building blocks, and to classify log sources within the QRadar SIEM.

Create custom API connectors and parsers for log sources that the SIEM vendor does not support out of the box.

Audit the existing SIEM platform and prepare an assessment report.

Troubleshoot issues regarding SIEM and other SOC tools. 

Develop use cases and create custom rules in SIEM. 

Troubleshoot at the log source and connector/agent end to fix issues reported by other teams or observed on a day-to-day basis.

Raise change management tickets for SOC administration activities such as SIEM patch upgrades, onboarding log sources, etc.

Work with the OEM (tool support) to resolve issues or incidents raised.

Configure data archiving, backup, and purging as per need and compliance.

Restore configuration and data backups as needed.

High ethics, ability to protect confidential information. 

MITRE ATT&CK modelling

Experience in Windows/Unix Administration. 

Python Scripting Knowledge (Good to have).

Sun Dec 11 02:42:00 UTC 2022


Location: Frisco, Texas