Job Description

Lead SIEM Analyst (Q-Radar & Splunk)

What are we looking for:

• 6 to 8 years of experience on SIEM tool IBM QRadar and Splunk.
• IBM QRadar SIEM administration and implementation.
• Strong skill set in Parser development for unsupported log sources/Custom log source integration.
• Log source integration with SIEM.
• IBM QRadar UBA administration
• Candidate with Splunk ES experience will have additional advantage.
• Ability to multitask and work independently with minimal direction and maximum accountability.
• Must be proficient in scripting language PowerShell or Python.
• Intimate familiarity with Linux and windows platform and its command line utilities.
• Ability to reach to high pressure and challenging environment.
• Excellent customer service including strong written and oral communication skills.
• Bachelor’s degree in Information Security/Systems or related industry experience.
• Certifications such as IBM Certified Associate Administration and/or IBM Certified Deployment Professional.

Good to have:

• Performs detailed analysis of alerts and potential threats.
• Performs daily detect & response functions, working closely with SOC functions.
• Maintains and documents the security control procedure, SOP & Play-book.
• Participates in Forensic investigations and computer security incident response.
• Leverages internal and external resource to research threats, vulnerabilities and intelligence on various attack vectors and attack infrastructure.
• Strong knowledge on ITIL processes like Incident, Problem & Change Management. ITIL V3 Foundation certification will be given preference.