Introduction
In this role you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
In this role you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Your role and responsibilities
- We are seeking an experienced QRadar Incident Forensic Specialist to manage the deployment configuration and day-to-day operations of the QRadar SIEM platform while supporting incident response and forensic investigations.
- The ideal candidate will play a critical role in enhancing security monitoring investigating incidents and ensuring seamless SIEM operations.
- This role requires a blend of expertise in QRadar deployment incident handling and forensic analysis to improve the organizationโs security posture Plan design and deploy QRadar SIEM environments including Incident forensic ensuring proper integration with network devices servers and applications
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
- Develop and maintain documentation including deployment guides SOPs. Generate forensic reports and compliance dashboards for internal stakeholders and external audits. Proactively identify gaps in threat detection capabilities and recommend enhancements.
- Implement updates patches and upgrades to maintain system reliability and performance. Optimize architecture and storage allocation to ensure scalability and efficiency. Hands-on experience with QRadar architecture deployment and administration.
- Strong knowledge in Linux unix redhat OS. Strong knowledge in TCP/IP & networking. Proven track record in incident handling forensic investigations and log analysis. Expertise in QRadar features such as AQL queries rule creation offense management and dashboards. Proficiency in forensic tools and methodologies for log analysis and evidence gathering
Preferred technical and professional experience
- Support threat hunting activities by leveraging anomaly detection and root cause analysis. Research and implement emerging QRadar features integrations and third-party tools to enhance functionality. Perform daily health checks ensure system availability and resolve performance bottlenecks.
- Use the tools in IBM QRadar Incident Forensics in specific scenarios in the different types of investigations such as network security insider analysis fraud and abuse and evidence-gathering. Investigate security incidents by analyzing logs offenses and related data within QRadar.
- Manage and troubleshoot log ingestion data flow and parsing issues across multiple data sources. Extract and analyze digital evidence to support forensic investigations and incident response. Reconstruct attack scenarios and provide root cause analysis for post-incident reviews