T&T-Cyber-Defense & Resilience-CIC-L3 QRADAR Engineering

Your work profile

 As Deputy Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: -

We are seeking a skilled QRadar Engineer to manage, maintain, and enhance our QRadar SIEM platform, ensuring effective monitoring, detection, and response to security incidents. The ideal candidate will have strong experience in QRadar administration, threat detection, and SOC operations to provide continuous security improvements and support to the SOC team.

Key Responsibilities:

• QRadar Administration: Install, configure, and manage QRadar components, including log sources, custom log parsers, and correlation rules.
• Log Source Management: Integrate and manage various log sources from network devices, servers, applications, and security tools to ensure proper log ingestion and parsing.
• Rule Development: Develop and fine-tune correlation rules, offenses, and custom use cases to detect malicious activity.
• Threat Detection: Monitor, analyze, and respond to security events and incidents detected by QRadar.
• Performance Tuning: Optimize QRadar’s performance, including storage management, event processing, and tuning for high EPS environments.
• Integration and Customization: Work with APIs and custom integrations to extend the capabilities of QRadar with other security tools (firewalls, EDR, DLP, etc.).
• Incident Response Support: Collaborate with the SOC team in investigating security incidents, using QRadar for root cause analysis and mitigation strategies.
• Dashboard & Report Creation: Design and manage QRadar dashboards and reports for management and security operations teams.
• Compliance and Auditing: Ensure QRadar operations align with regulatory standards, such as GDPR, HIPAA, or PCI-DSS, as required.
• Troubleshooting: Resolve QRadar-related issues, including log ingestion problems, performance issues, and system errors.
• Upgrades and Patching: Plan and execute system upgrades, patching, and version updates to maintain system integrity and security.

Desired qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
• 4+ years of experience with QRadar SIEM, including installation, configuration, and administration.
• Strong knowledge of SIEM operations, event correlation, and log management.
• Experience in SOC operations, threat detection, and incident response.
• Proficiency in scripting and automation (Python, Bash, or PowerShell) is a plus.
• Familiarity with network security tools, firewalls, IDS/IPS, EDR, and other security technologies.
• In-depth knowledge of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001).

Preferred Certifications

• IBM QRadar SIEM Certification.
• CISSP, CEH, CISM, or other relevant security certifications.

Professional is required to work from office