Qradar Admin

You will be part of the Cyber Defence Group responsible for Implementing and maintaining SIEM and SOAR for our customers.
You will be responsible for understanding the customer requirement, design, Develop and implement scalable SOC management solution (SIEM / SOAR) for the customer
Collaborate with customer team to define and establish logging standards to address specific customer mandated requirements
Collaborate with key stakeholders at customer side as well as the SOC team to develop use cases to address specific business needs
Lead Log onboarding from customer applications into the SIEM platform
Develop connectors / parsers to index and normalize raw logs in the SIEM solution
Implement and configure SOAR platform
Build integrations with upstream and downstream applications for Orchestration and automation of Security responses
Create reporting templates to meet the requirements of our customers
Who are we looking for
This is a technical role in our group and hence we are looking for someone who has experience in implementing and maintaining either Microsoft Sentinel or IBM Qradar SIEM Solution. The candidate also should have experience in implementing any market leading SOAR solution, like IBM Resilient, Demisto, Microfocus SOAR.
Should have minimum 5+ years of experience in managing and operating Microsoft Sentinel and IBM Qradar SIEM solution.
You should know any scripting language, preferably Python.
Experience deploying and managing a large SIEM deployment in an enterprise or managing a MSSP platform for multiple customers.
You should have strong understanding of security concepts, network protocols, application logging models
You should have advanced knowledge on use case creation, parser development
You should have in-depth understanding of events alerts reported by various data sources such as Windows/Unix systems, applications, databases, and network devices. You should at the minimum possess Vendor specific SIEM certification.
You should have at least any of the following certification: RHCE or CCNA or CEH or MCSE
Qradar with Admin/Deploment/Config
No Monitoring