Siem Admin

2 months ago


Giza Governorate, Egypt ITS Information Technology Solutions Full time

**Responsibilities**:
SIEM admin engineer should have experience with the following:

- SIEM administration (preferably the IBM QRadar SIEM solution)
- SIEM installation and configuration of additional components as needed
- Adding Log sources to SIEM and developing custom integrations
- Monitoring Activities
- Use Case Development
- Develop Threat hunting SIEM rules for extended visibility
- Mapping use cases to different regulatory frameworks such as MITRE, NIST 800-53, and CBE
- Tuning SIEM rules to minimize false positives
- Troubleshooting SIEM and following up on Tickets with support
- Engagement in SIEM upgrades and Enhancements
- Understand customer requirements for the SOC service and be able to position the offering.
- Ability to work independently with little or no supervision; result-oriented.
- Able to execute instructions and to request clarification when needed.
- Able to show sensitivity to the needs, concerns, and feelings of others.
- Able to interact effectively with all levels of management.
- Working knowledge of networking concepts (firewalls, DNS, IP addressing, SSL/TLS and certificates).
- Integration of security solutions (including firewalls, EDR, SOAR, TIP, etc.) with the SIEM solution.
- Identify integration capabilities and best practices for each product.
**Job Qualifications**:
- Bachelor's degree in Computer Science, Cyber Security, Information Systems or Business Administration.
- Excellent written and verbal communication skills, the ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills, and excellent organizational and interpersonal skills are required.
- SIEM solution administration (preferably IBM QRadar).
- Security software countermeasures
- Persuasive with details and facts
- Ability to work both independently as well as part of a geographically dispersed integrated team
- Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, and sometimes ambiguous environment
- Knowledge of how to use network management tools and packet captures to resolve operational issues
- Expert knowledge in the following technologies:
  - Microsoft Active Directory Services
  - TCP/IP-based networking principles
  - Microsoft / Linux operating systems
  - Firewalls and perimeter security
  - Proxies and load balancers
  - Intrusion Detection and Prevention Systems (IDS/IPS)
