Introduction At IBM, work is more than a job - its a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things youve never thought possible. Are you ready to lead in this new era of technology and solve some of the worlds most challenging problems If so, lets talk. Your role and responsibilities We are seeking a highly skilled SIEM Security Engineer to join our cybersecurity team. This role involves the administration, engineering, and optimization of Security Information and Event Management (SIEM) solutions, specifically focusing on QRadar SIEM, as well as developing and implementing security use cases based on frameworks like MITRE ATT&CK and NIST. Key Responsibilities: SIEM Administration & Engineering: Maintain, configure, and optimize SIEM platforms, ensuring high availability and efficiency. Use Case Development: Design, implement, and test correlation rules and threat detection methodologies based on industry best practices. Log Source Management: Integrate and troubleshoot various log sources including firewalls, endpoints, IAM, cloud, network devices, and more. Threat Hunting & Incident Response Support: Work closely with SOC analysts, threat hunters, and incident response teams to identify security incidents and optimize detections. False Positive Reduction & SIEM Optimization: Refine correlation logic to improve detection efficacy while minimizing false positives. Security Framework & Compliance: Implement security controls in alignment with MITRE ATT&CK, NIST, and ITIL frameworks. Documentation & Collaboration: Maintain use case catalogs, runbooks, and collaborate with internal teams for continuous improvements. Advanced Analysis: Lead investigations of complex cybersecurity threats, escalate critical findings, and contribute to SOC strategic planning. Required education Bachelors Degree Preferred education Bachelors Degree Required technical and professional expertise 8+ years of experience in IT Cyber Security Industry 6+ years experience in SIEM Administration and Use Case Engineering Strong understanding of Networking, OSI, TCP/IP concepts Expertise in Cybersecurity controls, threat detection, and attack methodologies Knowledge of MITRE ATT&CK, NIST frameworks, and security best practices Hands-on experience with multiple SIEM solutions, preferably QRadar SIEM Experience with UBA solutions and SIEM tuning Familiarity with log source integration, parsing, correlation, and troubleshooting Coordination and communication skills to work with security, engineering, and service delivery teams Preferred technical and professional experience SIEM Use Case Engineering and Content Development Relevant cybersecurity certifications such as CEH, CompTIA Security+, CCNA Strong ability to analyze security trends, optimize existing rules, and recommend improvement