SIEM/SOC Lead (hybrid)
We are seeking a highly skilled and experienced SIEM/SOC lead to join our team. As a key member of our security operations team, you will lead the development and implementation of our SIEM solution and provide guidance to the rest of the team on its use.
About the role
* Create, modify, and tune SIEM correlation rules to adjust alert and incident specifications.
* Work with customer-designated personnel to provide continual correlation rule tuning, incident classification, and prioritization recommendations.
* Adjust report queries, build dashboards, perform system maintenance, and carry out other SIEM configuration activities.
Key skills and qualifications
* Familiarity with administering systems running Red Hat Enterprise Linux.
* Custom event mapping for unknown and miscategorized events, and development of custom log source extensions.
* Experience with QRadar administration or development (DSM/parser development) is required.
Benefits
We offer a competitive compensation package, opportunities for growth and development, and a collaborative work environment.
Other responsibilities
* Work with the IRT to remediate offenses, tune rules to reduce false positives, and create new rules.