




Job Summary: We are seeking a QRadar expert to lead the defense of national critical infrastructure and serve as the technical reference for the IBM QRadar SIEM platform within the SOC.

Key Highlights:

1. Lead the national-scale defense of critical infrastructure.
2. Serve as the technical reference for the IBM QRadar SIEM platform.
3. Deliver direct impact on security incident detection and response.

Are you passionate about threat detection and ready to take your SIEM expertise to the next level? We are looking for someone who knows **QRadar** inside and out to lead the defense of national critical infrastructure.

**What will be your challenge?**

You will serve as the technical reference for the IBM QRadar SIEM platform within the SOC, directly impacting the detection and response capabilities of one of the country's largest companies.

**Responsibilities:**

* Administer, configure, and optimize QRadar SIEM in high-criticality production environments.
* Design and fine-tune correlation rules, use cases, and offenses tailored to business needs.
* Integrate new log sources and manage DSMs (Device Support Modules).
* Monitor events in real time, triage alerts, and lead incident escalation.
* Conduct forensic analysis and in-depth investigations using QRadar and complementary tools.
* Manage platform retention policies, storage, and performance.
* Collaborate closely with Infrastructure, Networking, and Development teams to integrate new technologies into the SIEM.
* Build security dashboards and reports for both technical and executive audiences.
* Drive SOC evolution: automation, SOAR, and continuous improvement.
* Keep the QRadar platform updated and patched.

**Required Experience:**

* 3+ years working with IBM QRadar: administration, tuning, and rule development.
* Solid foundation in networking protocols (TCP/IP, DNS, HTTP/S, SMTP, etc.).
* Experience analyzing logs from firewalls, IDS/IPS, endpoints, Active Directory, and web applications.
* Proficient use of AQL (Ariel Query Language) for event investigation.

**Bonus (and highly valued) if you have:**

* IBM Certified Associate/Deployment Professional – QRadar SIEM certification.
* Experience with other SIEM platforms: Splunk, Microsoft Sentinel, LogRhythm.
* Knowledge of frameworks such as MITRE ATT&CK, Cyber Kill Chain, or NIST.
* Experience with SOAR tools (QRadar SOAR / Resilient, Phantom, etc.).
* Scripting skills in Python or Bash to automate SOC tasks.
* Background in threat intelligence and threat hunting.

**Education:**

* Engineering or Bachelor’s degree in Computer Science, Informatics, Telecommunications, or related field (or equivalent demonstrable experience).
* Valued certifications: CompTIA Security+, CEH, CISSP, IBM QRadar SIEM V7.x.

**Work Modality:** Hybrid – CABA (Puerto Madero)


