QRadar

Key Responsibilities:

• Must have hands on experience working in IBM Qradar SIEM solution.
• Should have strong understanding of the QRadar server concepts including Architecture application components etc.
• Should be able to handle QRadar administration activities as per the customer requirements.
• Should have experience in handling tasks like backup configuration application Upgrade on server DR Drill activities (HA configuration testing) able to review the current configuration and give suggestions to customer to optimize/improve efficiency.
• Should be able to understand the usecases shared by customer and be able to create queries usecases provide plan to customer to implement in PROD.
• Monitor and analyze security events using IBM QRadar SIEM.
• Perform in-depth investigation of alerts and incidents escalating to L3 when necessary.
• Fine-tune and optimize QRadar rules filters and correlation logic.
• Maintain and troubleshoot QRadar components including log sources DSMs and EPS usage.
• Develop and maintain use cases and custom rules for threat detection.
• Collaborate with SOC teams to improve detection capabilities and incident response.
• Generate reports and dashboards for compliance and operational visibility.
• Support onboarding of new log sources and ensure data normalization.
• Conduct root cause analysis and provide recommendations for remediation.
• Document incident handling procedures and maintain knowledge base.