Login for faster access to the best deals. Click here if you don't have an account.

Security Consultant (QRADAR) Full-time Job

6 days ago Information Technology Pune   6 views
Job Details

We are looking for a Security Consultant (QRADAR) to work in our SOC Administration Team to perform the following duties:

a) Handle team of Security Analyst and Security Engineer.
b) Make sure the health of the SOC tools are always in green.
c) Make sure internal incident tickets and vendor tickets for SOC tools are resolved.
d) Setup and Configuration of SIEM
e) Onboarding of log sources.


  • Good knowledge of SIEM, SIEM Architecture, SIEM health check.
  • Deployment of SIEM in customer environment.
  • Audit the SIEM in the customer environment.
  • Troubleshoot issues regarding SIEM and other SOC tools.
  • Good verbal/written communication skills.
  • Build of use case for the customer.
  • Data archiving and backup and data purging configuration as per need and compliance.
  • Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc.
  • Helping L2 and L1 with required knowledge base details and basic documentations.
  • Co-ordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation.
  • High ethics, ability to protect confidential information.
  • Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis.
  • Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure.
  • Update and maintain SOC knowledge base for new security incidents and docs.
  • Creation of daily status report sheet and submit to SOC manager for review.
  • Review advisories and make necessary detection measures.
  • Provide analysis and trending of security log data from a large number of security devices.
  • Troubleshooting non-reporting devices fix and maintain device status.
  • Working with OEM (Tool support) in a way to resolve the issue or incident raised.
  • Administration of Windows and Unix servers.
  • Building Parser for the SIEM using regex.

Essential Skills

  • Escalation point for L2 and Soc Monitor team.
  • Ability to drive call and summarizing it post discussion.
  • Handsome experience in SIEM administration and Event flow architecture and different types of logs generated by devices like Windows, Proxy, Network Devices, Database…etc.
  • Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD).
  • Deep understanding on Windows, DB, Mail cluster, VM and Linux commands.
  • Knowledge of network protocols TCP/IP and ports.
  • Team Spirit and working ideas heading to resolution of issues.
  • Good verbal/written communication skills.

Additional Desired Skills

Quick response
Ready to work in 24×7 environments

Education Requirements & Experience

  • BE/B.Tech – CS/CSE or Equivalent trade, CCNA, Admin Analyst Certification.
  • System Security Certification.
  • CEH will be a plus.
  • Ground level experience with SOC Monitoring tasks and analytics and reporting.
  • SIEM administration Certificate
  • Experience Level: 4-6 Years.

Interested candidates Click on below link Apply Online and you will be redirected to Career Page of Company or Career url.

To help recruiter identify source of information
!!! Please carry printout of this page or mention Localwalkins.com on your resume !!!
Company Description
"SecurityHQ prides itself on its global reputation as an advanced Managed Security Service Provider, delivering superior engineering-led solutions to clients around the world. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise grade experience that ensures that all IT virtual assets, cloud, and traditional infrastructures, are protected."