
QRadar Correlation Architect

  • Country: US
  • State: TX
  • City: DALLAS
  • Category: Architect
  • Required Education: High School Diploma/GED
  • Position Type: Professional
  • Employment Type: Full-Time
  • Contract Type: Regular
  • Req ID: 121124BR
Job Description
The QRadar Correlation Architect for the Cloud SOC will be an integral pivot point for directing the current and ongoing architecture and implementation of the SIEM capabilities across all Cloud Business Unit properties. The QRadar Correlation Architect will work closely with multiple teams and their executive representatives, as well as with the engineers and architects for their respective technologies and business lines, to enable security identification of key events and incidents through the SIEM architecture.

Key Responsibilities
  • Architect the SIEM solution for IaaS and participate in architecting SIEM solutions for PaaS and SaaS in the Cloud Business Unit.
  • Conduct correlation engine tuning and troubleshooting for all SIEM consoles to support all Cloud SOC missions.
  • Provide recommendations for stability, uptime, business continuity, performance optimization and automation for all SIEM consoles and EPS for Cloud SOC missions.
  • Respond to architecture and engineering requests from all participant groups in the Cloud SOC mission requirements to improve or change SIEM usage.
  • Provide support to teams managing in-process security incidents in real time where requested by management and incident handlers.
  • A prime candidate for this position will be passionate about IT security and have a strong networking and operating system background with a focus on system logging features and theories.
  • Candidates should also have an interest in and understanding of cloud theory and architecture, with knowledge of virtualization and container computing.
  • Candidates should have a desire to continue to focus on SIEM long term.



Required Technical and Professional Expertise

  • Cloud, virtualization, SIEM, logging and general security industry experience will be required to fill this role.
  • Minimum of 3 years managing large scale implementations of QRadar SIEM.
  • Minimum of 5 years logging and alerting skills with either OS or device log handling.
  • Minimum of 3 years providing correlation rule implementation for SIEM engines.
  • Minimum of 3 years implementing business continuity activities (backup and storage of log sources, high availability implementation, etc.) for SIEM.


Preferred Tech and Prof Experience


Preferred Experience:
  • Minimum of 3 years providing correlation rule implementation for QRadar SIEM engines.
  • Minimum of 3 years managing large scale global implementations of QRadar SIEM.
  • Minimum of 3 years working as an integral part of Global security operations team.
  • Ability to operate at a high tempo.
  • Ability and preference to operate with autonomy.
  • Ability to change focus when needed, often multiple times within a work week.
  • An urge to take ownership of projects and drive the best-known solution into the discussions for the long-term goals of said projects.
  • Ability to make decisions based on risk, best practice and business need and clearly articulate the decision points.
Education:
  • BS in Computer Science, Engineering, or related field is preferred
Certifications:
  • Industry recognized network or cyber security certification is preferred


EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Preferred Education: Bachelor's Degree
Commissionable: No