Position: SIEM Admin


Job ID: SIA_001


Location: Andheri, Mumbai


Your responsibilities as a SIEM Admin:


  1. Configure, maintain, and troubleshoot QRadar components such as Event Processors, Flow Processors, and Console.
  2. Plan and execute software upgrades, patches, and version migrations.
  3. Conduct regular health checks to ensure optimal performance and reliability.
  4. Integrate devices and custom applications with QRadar for effective log collection.
  5. Develop and maintain custom parsers and log source extensions.
  6. Ensure proper log normalization and correlation to facilitate accurate threat detection.
  7. Create and tune correlation rules to identify security incidents and anomalies effectively.
  8. Review and optimize existing rules to improve detection accuracy and reduce false positives.
  9. Collaborate with other IT and security teams to investigate and respond to security incidents identified by the SIEM.
  10. Provide support during incident response activities, including log analysis and evidence collection.
  11. Document configurations, procedures, and troubleshooting steps to maintain comprehensive system documentation.
  12. Provide training and support to junior staff members or other teams as required.


Skill sets we require:


  1. Proven experience working as a SIEM Administrator, with a focus on IBM QRadar.
  2. Proficiency in the installation, configuration, and administration of QRadar appliances.
  3. Strong understanding of log management, event correlation, and threat detection concepts.
  4. Experience developing and maintaining custom parsers and log source extensions.
  5. Familiarity with scripting languages such as Python or Bash for automation tasks.
  6. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex issues independently.
  7. Effective communication skills, with the ability to collaborate with cross-functional teams.


Pedigree and Experience:


  1. Bachelor's degree in Computer Science, Information Security or a related field.
  2. Industry certifications such as IBM QRadar Certified Administrator (C2150-624) or equivalent are a plus.
  3. 2+ years of experience in a relevant field.