SIEM Consultant

Why i-confidential

i-confidential offers a range of information security consulting services. We provide cost-effective services to help our clients to clearly understand their information risks and develop their information and cyber security strategies. We deliver practical, understandable solutions to protect information. Our client base is expanding, and our clients are asking for an increasingly diverse range of services.

The role will be to work with the transformation / Group CIO projects that have security logging and monitoring requirements, looking at alignment to the logging and monitoring tech spec to support the following:

Key Responsibilities:

  • Onboarding / log management activity
    • QRadar expertise to enable tuning of log sources, ensuring that we only ingest and process events of interest (QIDs)
    • Support the QRadar redesign and optimisation to ensure we utilise the QRadar Data Store more effectively
  • QRadar App support
    • Understand the value and benefit of QRadar Apps
    • Support deployment of apps to the QRadar estate
  • Use Case Definition
    • Understanding of QRadar use cases and alerting: BB (Building Block) / Alerts / Use Case
    • Work with the client's Threat Hunting / GSOC / Incident Management team to drive use activity and support
    • Mapping to the MITRE ATT&CK framework

Skills Required:

  • Previous experience in a similar role
  • Previous experience with tuning, logging, use cases and industry standards
  • Knowledge and ability to communicate with the IBM team in appropriate QRadar terms

Please note this role falls inside IR35 and will be offered on a contract basis of 6 months+.

8 July 2021
General SME
Daily Rate inside IR35