Responsibilities
This position involves a wide range of responsibilities related to the design, implementation, and maintenance of the SIEM platform. Key tasks include:
* Designing and implementing the SIEM platform, including upgrading and updating its components
* Integrating various log sources with the system, including custom log source integrations
* Monitoring and maintaining the health of the system, including troubleshooting issues and resolving problems
* Creating and modifying security use cases, including understanding the customer's infrastructure setup and needs
* Generating reports, including automated and custom reports
Requirements
* At least 2 years of experience in QRadar administration or development (DSM/parser development)
* Familiarity with working in the Red Hat Enterprise Linux operating system
* Knowledge of custom event mapping, including unknown events, miscategorized events, and custom log source extensions
* Ability to work with the IRT team to remediate offenses, tune rules for false positives, and create new rules
Skills
* Strong technical skills, including programming languages and software applications
* Excellent analytical and problem-solving skills
* Effective communication and collaboration skills
* Able to work under pressure and meet deadlines