QRadar SIEM Consultant

• Experience with Network Security, Vulnerability Detection and Response, Network Administration, System Patching, and Forensic Investigation
• Experience collecting events from different instances of IBM QRadar log source types
• Experience working with IBM QRadar Device Support Modules (DSMs)
• Experience performing initial performance tuning, requirements gathering, hardware upgrades, resource optimization, and configuring CPU, memory, and disk partitions as required
• Experience performing system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs – such as backups
• Experience performing backup operations, ensuring all required file systems and system data are successfully backed up to the appropriate media, recovery tapes or disks are created, and media is recycled and sent off site as necessary
• Experience applying patches and upgrades of services as required, upgrading administrative tools and utilities, and configuring and adding new services as necessary
• Ability to evaluate threats, vulnerabilities, and risks while supporting real-time security monitoring operations
• Ability to configure and install IBM QRadar Incident Forensics (QIF) appliances for deployment
• Ability to create, change, and delete user accounts per request
• Ability to perform deep forensic analysis to aid in finding threats/suspicious activities
• Ability to conduct a high-level analysis of requirements documentation with respect to correctness, completeness, and consistency
• Ability to upgrade and configure system software that supports the customer’s infrastructure applications
• Ability to perform initial performance reporting to support capacity planning
• Must be well trained in implementing computer security controls related to government compliance with HIPAA, SOX, and NIST standards
• Must possess excellent interpersonal and communication skills
• Must be willing to travel 100% of project duration (if necessary)

Desired Skills
• Preferred that resource has prior experience with IBM QRadar, including implementation, customization of reports to fit the client’s requirements, tuning and filtering of false positives, patching and upgrading services, and the creation of rules to identify security breaches
• Preferred that resource currently holds either a CompTIA Security+ or CISSP Certification
• Additional preferred skills include Transmission Control Protocol/Internet Protocol (TCP/IP) fundamentals – such as Open Systems Interconnection (OSI) layers, UNIX routing protocols, and Windows/Unix-specific networking

To apply for this job email your details to chonly@onwireco.com