Security Information and Event Management Engineer

  • Posted 16 days ago | Updated 16 days ago

Overview

Remote
Depends on Experience
Full Time
Accepts corp to corp applications

Skills

QRadar SIEM, AQL, Analytical Skills, Redhat Linux administration, Bash, DSM, Database Management, Excellent Verbal Communication Skills, IBM, IBM QRadar SIEM, Intrusion Detection System (IDS), Linux, Network Engineering, Networking Protocol, Performance Monitoring and Metrics, PostgreSQL, Problem Solving, Python (Programming Language), SIEM, SOAR, Scripting, Security Operations, Software Troubleshooting, Ticketing Systems, Use case creation, Vulnerability Scanning

Job Details

Required Skills:
QRadar SIEM
AQL
Analytical Skills
Redhat Linux administration
Bash
DSM
Database Management
Excellent Verbal Communication Skills
IBM
IBM QRadar SIEM
Intrusion Detection System IDS
Linux
Network Engineering
Networking Protocol
Performance Monitoring and Metrics
PostgreSQL
Problem Solving
Python (Programming Language)
SIEM
SOAR
Scripting
Security Operations
Software Troubleshooting
Ticketing Systems
Use case creation
Vulnerability Scanning

Preferred Skills:
Palo Alto XSIAM and XDR, Cribl, Splunk, FireEye EDR security tools

Responsibilities:

Primary engineer managing the SIEM platform (IBM QRadar) and supporting delivery of Managed Security Services to a State Government client, providing timely, accurate, planned completion and implementation of security services, which must be available for 24x7x365 support
Leads primary day-to-day SIEM interactions with the project team and State cybersecurity staff. Manages platform health and performs upgrades, including managing deployed sensors and collectors. Interacts with SOC analysts to tune alerts and use cases, to include integrations with client
Hands-on QRadar engineering and configuration experience required, as the system will be undergoing platform upgrades
Add new log sources to the existing QRadar deployment; configure use cases, alerts, etc.
Conduct Nessus scans
Ensure the solution can be integrated successfully into the overall application/system with clear, robust, and well-tested interfaces.
Perform troubleshooting, work through complex requirements/solutions, and provide assistance/coaching with the creation of QRadar search queries and dashboards
Maintain strong partnership with Detection & Response leadership and other teams in Security Organization
Investigate and resolve QRadar performance issues including event drops, parsing problems, and unknown events
Perform deep-dive analysis of log source integration issues and implement solutions
Troubleshoot and optimize event collection, parsing, and normalization
Create and maintain custom parsers, DSMs, and log source extensions
Monitor system health, storage utilization, and EPS/FPS metrics
Develop custom reports and dashboards for security metrics and compliance
Fine-tune correlation rules and optimize system performance
Perform root cause analysis for SIEM-related incidents

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Apexon