ROLE SUMMARY
The role will be to work with the transformation / Group CIO projects that have security logging and monitoring requirements, looking at alignment to the logging and monitoring tech spec. Please note this role falls inside IR35 and will be offered on a contract basis of 6 months +
RESPONSIBILITIES
- Onboarding / log management activity
- QRadar expertise to enable tuning of log sources, ensuring that we only ingest and process events of interest (QIDs)
- Support the QRadar redesign and optimisation to ensure we utilise the QRadar Data Store more effectively
- QRadar App support
- Understand the value and benefit of QRadar Apps
- Support deployment of apps to the QRadar estate
- Use Case Definition
- Understanding of QRadar use case and alerting: BB (Building Block) / Alerts / Use Case
- Work with the client's Threat Hunting / GSOC / Incident Management team to drive use activity and support
- Mapping to MITRE ATT&CK framework
SKILLS REQUIRED
- Previous experience in a similar role
- Previous experience with tuning, logging, use cases and industry standards
- Knowledge and ability to communicate with the IBM team in appropriate QRadar terms