Publication date: 09 June 2025
- location:
- hybrid (Guadalajara)
- skills:
*_technical experience:_*
- custom event mapping for unknown events, miscategorized events, and custom log source extensions.
- work with the IRT team to remediate offenses, tune rules to reduce false positives, and create new rules.
- creation and management of reference sets and external threat intelligence sources.
- onboard new log sources and assign each log source to the correct group.
- dashboard creation for monitoring the environment.
- report creation and maintenance.
- maintain all components of a distributed QRadar infrastructure and its deployment servers.
- provide overall management of the QRadar platform deployment, configuration, and maintenance across Unix and Windows platforms.
*_professional attributes:_*
- previous QRadar administration or development (DSM/parser development) experience: at least 2 years of QRadar experience is required.
- create, modify, and tune SIEM rules to adjust the specifications of alerts and incidents.
- work with customer-designated personnel to provide continual correlation rule tuning, incident classification, and prioritization recommendations.
- report query adjustments, dashboard creation, system maintenance, and other SIEM configuration activities.
- familiarity with working in the Red Hat Enterprise Linux operating system.
- *english level: advanced*
- activities:
- responsible for the design and implementation of the SIEM platform(s).
- responsible for the integration of various log sources with the SIEM.
- responsible for custom log source integrations with the SIEM.
- responsible for the creation/modification of security use cases (rule triggers) in the SIEM, based on an understanding of the customer's infrastructure setup and needs.
- responsible for the creation/modification of reports (automated and custom).
- responsible for working with the respective stakeholders to onboard log sources and troubleshoot any broken ones.
- responsible for custom property creation.
- responsible for WinCollect installation and management.
- responsible for app installation and App Host management.
- desirable:
- benefits:
- 100% payroll salary (fully on payroll)
- grocery vouchers
- year-end bonus (aguinaldo, 30 days)
- savings fund
- 5 floating days
- major medical insurance (SGMM)
- life insurance
- profit sharing (PTU)
- training