Job Description
An employer is looking for a Sr. QRadar SIEM Engineer for a remote, contract-to-hire opportunity. The client is an enterprise grocery store chain and the Sr. SIEM Engineer will be joining the Threat Operations team. This team includes threat intelligence, threat hunting, insider risk, and detection engineering. The team also oversees the SIEM, SOAR and TIP and protects the client by proactively identifying, researching and tracking threats and the people behind them.
Key Responsibilities:
Development of use cases, rules and log sources; system maintenance and upgrades.
Provide mentorship and training to other technical staff members.
Configuring and managing custom log sources for business applications.
Engineering and administration of SIEM ticketing and workflow.
Collaborate with internal and external teams on SIEM functional requirements: logging, event collection, normalization, correlation, storage, system access, reporting, and customization.
Coordinate change management processes for testing and validating systems to production.
Review log sources, alerts, and integrations for auditing purposes.
On-Call for major incidents and outages.
Required Skills & Experience
4+ years of related work experience
2+ years of technical architecture experience with IBM QRadar SIEM deployment, configuration and administration
Experienced with multiple security concepts and methods, such as:
Vulnerability assessments
Data classification
Privacy assessments
Incident response
Security policy creation
Enterprise security strategies, architectures and governance
Strong understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, Linux) and security technologies (endpoint security, DLP, firewalls, IDS/IPS, etc.)
Understanding/experience with application programming/scripting languages (Python, Java, Perl, Shell) as well as Regular Expressions
Understanding of various security frameworks and/or methodologies (MITRE ATT&CK, NIST, etc.)
Strong interpersonal skills/able to work both independently and in a team environment
Nice to Have Skills & Experience
Experience with large enterprise architecture and working as part of a cross-functional team to implement solutions
Additional experience with SOAR solutions and playbooks
Experience with multiple cloud-based service architectures
Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as PCI DSS, HIPAA, GDPR, etc.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.