Technical Architect - QRadar

Experience: 6.0 to 10.0 years
Location: India - Trivandrum

Job Description

Job ID - 0060993838

Job Details -

• Ability to interpret disparate sources of data, identify subtle patterns indicative of malicious activity and follow up with research to produce high quality intelligence assessments and reports.
• Correlating log events from multiple technologies using a combination of rules, filters, lists and queries to identify the sequences of events that match potential attack patterns.
• Design and build detection capability to present the SOC analysts with alerts relating to suspicious activity
• Incident response and Forensics experience is an asset
• Should be capable of fine-tuning logs
• Evaluate event flows to identify common risks and vulnerabilities to develop and implement solutions
• Recommend enhancements to SOC security process and operations efficiencies.
• Elastic Stack experience preferable
• Owning installation and management of QRadar infrastructure (Red Hat Enterprise Linux (RHEL) images for QRadar SIEM).
• Sizing of QRadar event collector images at offering sites (bare metals and/or virtuals).
• Management of QRadar Appliance builds.
• Co-ordinate extensively with networking teams to maintain and establish communication to remote QRadar Collectors/Processors.
• Work with business units to ensure they know what and how to feed data into QRadar.
• Work with business units to create the network hierarchy and building blocks, and to classify log sources within the QRadar SIEM.
• Work with teams tuning the QRadar application to suppress or alert on false positive security events.
• Closely work with offering teams on implementation and growth planning for installations of event processors/collectors.
• Break-fix triage, resolution and restoration of service for QRadar application and event collector images.

General IT Skills

• Complete knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
• Network administration and troubleshooting knowledge (Routing/Switching)
• Security Solutions knowledge of IPS/IDS, WAF, DDoS, Spam, Proxy, etc.
• System administration and troubleshooting knowledge (Windows/Linux)
• Programming knowledge – Python

Must-Have Technology Skills

• SIEM – QRadar (preferably QRadar Certified Fundamental Administration)
• CEH / CCNA Security / CompTIA Security+

Contact Details

Contact Person: Jolly Ego
Contact Person's Email : contactus@poweritservices.com