Assistant Manager

Job Description

Key Skills: Qradar, SIEM Roles and Responsibilities: QRadar Platform Configuration & Administration: Implement and configure IBM QRadar SIEM, including the integration of log sources (firewalls, servers, IDS/IPS, etc.). Administer and maintain QRadar appliances, including updating, patching, and tuning for performance. Ensure the proper setup of security event collection, parsing, normalization, and storage. Security Monitoring & Incident Response: Monitor QRadar dashboards and alerts for security incidents and potential threats. Investigate and triage security incidents, escalating as necessary, and providing detailed reports for remediation. Create and fine-tune custom rules, offenses, and alerts to improve threat detection accuracy. Log Source Management: Configure and manage log source integrations, including forwarders, collectors, and data processing. Work with teams across the organization to identify and collect relevant logs for security monitoring. Correlation Rules and Customization: Develop, maintain, and optimize correlation rules to detect suspicious activities. Work with security analysts to develop custom use cases and refine QRadar correlation capabilities. Threat Intelligence and Data Integration: Integrate threat intelligence feeds into QRadar for enhanced detection of external threats. Leverage external data sources and QRadar's built-in capabilities to identify emerging threat patterns. Reporting and Documentation: Generate reports for management, compliance audits, and regulatory requirements. Document configurations, rules, processes, and troubleshooting steps for knowledge sharing and incident response procedures. Collaboration & Support: Work closely with IT and cybersecurity teams to integrate new systems and optimize SIEM operations. Assist in the development of incident response playbooks and provide expertise during security incidents. Skills Required: Strong hands-on experience with IBM QRadar SIEM platform Proficient in configuring and administering QRadar appliances Expertise in integrating and managing various log sources (firewalls, servers, IDS/IPS, etc.) Ability to monitor, investigate, and respond to security incidents and threats Skilled in creating and fine-tuning correlation rules, offenses, and alerts Experience in integrating threat intelligence feeds into QRadar Familiarity with developing custom use cases for advanced threat detection Competence in generating reports for audits, compliance, and management Strong documentation skills for processes, rules, and troubleshooting Effective collaboration with cross-functional IT and cybersecurity teams Knowledge of incident response planning and playbook development Education: Bachelor's Degree in related field