Qradar Suite

Introduction

Your Role and Responsibilities

This is an opportunity to work with the delivery of professional services for world leading security platform of IBM QRadar Suite. Be part of a dynamic team delivering professional services to IBM customers. Great opportunity for growth and constantly interesting sets of challenges to solve. IBM Technology Expert Labs Security team thrives on working in dynamic customer facing environments, each offering compelling challenges and exciting opportunities to make a difference.

The consultant will be expected to lead all phases of QRadar Suite design, consultancy and implementation engagements.
- Experience working with QRadar Suite System Architecture and Components
- Planning the deployment of IBM Security QRadar Suite Solutions based on best practices
- Integrating QRadar Suite with customer operations including log sources, VA scanners, cloud apps, network management and ticketing systems
- Assisting customers in building key use-cases, operational processes with QRadar Suite ecosystem
- Configuring and troubleshooting QRadar Suite to deliver optimal performance in high volume enterprise customer environments
- Tuning rules, false positive, root cause analysis
- Integrating solution with various systems for Incident enrichment
- Creating custom playbooks. Tuning existing playbooks
- Experience with Python, REST APIs

Security Practice and Delivery:

- Participate in client meetings to gather and validate market requirements
- Lead clients in requirements gathering, system definition and documentation.
- Participate in project delivery to varying degrees depending on project complexity and geography needs
- Establish demonstrated client relationships in key accounts to help progress the IBM Security Services portfolio
- Achieve billable utilisation targets as assigned

Individual must have a strong interest and expertise in Security in general with preference for threat detection and response. A qualified individual would be familiar with industry blogs, key publications in the field of security and would have full awareness of any recent significant security events.

Required Technical and Professional Expertise
- At Least 3 years experience required in Threat Management and Response technologies.
- At Least 3 years experience required in IBM QRadar Suite solution architecture, implementation and Upgrade
- Proficient in writing QRadar content creation (Custom rules, regular expressions etc.)
- Demonstrate experience in administration of operating systems (Linux)
- Broad knowledge of security technologies, processes and strategies - SIEM, Cloud, IDS, IPS, and Endpoint technologies
- Good Understanding of Information Security compliance regulations, frameworks, requirements (PCI, SOX, HIPPA)
- Hands on Knowledge of Scripting (Python, Bash, Perl)
- Understanding of MITRE ATT&CK Framework
- Experience of working across diverse teams to facilitate solutions on large projects Understanding of Security Operations in a SOC environment

Preferred Technical and Professional Expertise
- Linux Certification
- Understanding of Redhat OpenShift technology
- Understanding of AWS/IBM Cloud/Azure/Google cloud environments

About Business UnitIBM has a global presence, operating in more than 175 countries with a broad-based geographic distribution of revenue. The company’s Global Markets organization is a strategic sales business unit that manages IBM’s global footprint, working closely with dedicated country-based operating units to serve clients locally. These country teams have client relationship managers who lead integrated teams of consultants, solution specialists and delivery professionals to enable clients’ growth and innovation. By complementing local expertise with global experience and digital capabilities, IBM builds deep and broad-based client relationships. This local management focus fosters speed in supporting clients, addressing new markets and making investments in emerging opportunities. Additionally, the Global Markets organization serves clients with expertise in their industry as well as through the products and services that IBM and partners supply. IBM is also expanding its reach to new and existing clients through digital marketplaces.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to m