QRadar Suite Endpoint Detection and Response (EDR)

  • Posted 20 days ago | Updated 16 days ago

Overview

Remote
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 6 Month(s)
Able to Provide Sponsorship

Skills

QRadar
Linux
Python
LDAP
MITRE

Job Details

100% Remote

1. QRadar Platform Expertise

Architecture and components (Console, Event Collectors, Event Processors, Flow Collectors, Data Nodes)

Log source integration and configuration

Custom rules and building offenses

Use Case Manager app and AQL (Ariel Query Language) for searching event and flow data

DSM (Device Support Modules) tuning and extension

Flow data and QFlow/QNI (QRadar Network Insights)

Offense management and tuning

Asset profiles and identity integration

2. SIEM & Security Fundamentals

Knowledge of security event types (e.g., logs from firewalls, IDS/IPS, servers, applications)

Understanding of attack frameworks (MITRE ATT&CK, Cyber Kill Chain)

Incident detection, response, and investigation processes

3. System Administration

Linux (Red Hat/CentOS) command line and troubleshooting

QRadar CLI tools and support utilities

Disk space and performance monitoring

Backup and recovery of QRadar components

4. Networking

TCP/IP, routing, VLANs, NAT, etc.

Understanding of NetFlow/sFlow/jFlow and network behavior analysis

Firewall rules and common network security tools

5. Integration Knowledge

Integration with threat intelligence feeds (STIX/TAXII, IBM X-Force Exchange)

Identity sources (LDAP/AD)

Ticketing systems (e.g., ServiceNow, Jira)

Use of REST APIs for automation

6. Scripting & Automation (Bonus)

Bash or Python scripting for automation

Regex for log parsing and rule building

QRadar API for integrations or custom tooling
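The "regex for log parsing and rule building" skill above is, in practice, the work of writing a field-extraction pattern for a log source and then a correlation rule over the extracted fields. The following is an added illustration, not code from the posting or from IBM QRadar: it parses a handful of constructed OpenSSH sshd log lines with a named-group regex (the kind of pattern a DSM extension or Log Source Extension would carry) and runs a simple brute-force-then-success rule over them. The sample log lines, the `brute_force_then_success` rule and its threshold of 3 are assumptions chosen for the example; the MITRE ATT&CK technique ID T1110 (Brute Force) is the standard one for this behaviour.

```python
import re
from collections import defaultdict

# Constructed sshd log lines for the example (not captured from a real host).
SAMPLE_LOGS = [
    "Mar  4 10:00:01 bastion sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51001 ssh2",
    "Mar  4 10:00:03 bastion sshd[1203]: Failed password for root from 203.0.113.7 port 51002 ssh2",
    "Mar  4 10:00:05 bastion sshd[1205]: Failed password for root from 203.0.113.7 port 51003 ssh2",
    "Mar  4 10:00:09 bastion sshd[1209]: Accepted password for root from 203.0.113.7 port 51004 ssh2",
    "Mar  4 10:00:11 bastion sshd[1211]: Failed password for alice from 198.51.100.22 port 40110 ssh2",
    "Mar  4 10:00:15 bastion sshd[1215]: Accepted publickey for alice from 198.51.100.22 port 40111 ssh2",
    "Mar  4 10:00:16 bastion cron[1300]: (root) CMD (run-parts /etc/cron.hourly)",  # not an sshd auth event
]

# Field-extraction pattern: one named group per property a rule may want to use.
# "invalid user " is optional so that both known and unknown usernames parse.
SSHD_AUTH_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: "
    r"(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<src_ip>\d{1,3}(?:\.\d{1,3}){3}) port (?P<src_port>\d+)"
)


def parse_line(line):
    """Return a dict of extracted fields for an sshd auth line, or None if the pattern does not match."""
    m = SSHD_AUTH_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["pid"] = int(ev["pid"])
    ev["src_port"] = int(ev["src_port"])
    ev["invalid_user"] = ev.pop("invalid") is not None  # normalise the optional group to a boolean
    return ev


def parse_lines(lines):
    """Split input into parsed events and lines the pattern did not cover (the latter need their own pattern)."""
    events, unparsed = [], []
    for line in lines:
        ev = parse_line(line)
        (events if ev else unparsed).append(ev if ev else line)
    return events, unparsed


def brute_force_then_success(events, threshold=3):
    """Rule: at least `threshold` failed logins from one source IP, followed by an accepted login
    from that same IP, with no intervening success. Each hit is reported as an offense-like record."""
    failures = defaultdict(int)
    offenses = []
    for ev in events:  # events are assumed to be in time order, as a collector would deliver them
        ip = ev["src_ip"]
        if ev["outcome"] == "Failed":
            failures[ip] += 1
            continue
        if failures[ip] >= threshold:
            offenses.append({
                "src_ip": ip,
                "user": ev["user"],
                "failures_before_success": failures[ip],
                "at": ev["ts"],
                "mitre_technique": "T1110",  # ATT&CK: Brute Force
            })
        failures[ip] = 0  # a success resets the counter for that source
    return offenses


if __name__ == "__main__":
    evs, skipped = parse_lines(SAMPLE_LOGS)
    print(f"parsed {len(evs)} events, {len(skipped)} unparsed line(s)")
    for off in brute_force_then_success(evs):
        print(off)
```

The same split applies inside QRadar: the regex lives in the log source's DSM extension (or the DSM Editor) so that `src_ip`, `user` and the login outcome become queryable properties, and the threshold-then-success logic is expressed as a custom rule that raises an offense; keeping the two separate is what lets the rule be tuned without touching the parser, and vice versa.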


About intiGrow