
SISA

Senior Specialist

  • Posted a day ago

Job Description

Role Objective

The QRadar Platform Support – Junior Engineer plays a critical role in maintaining the stability, availability, and performance of the IBM QRadar SIEM infrastructure. This role focuses on day-to-day platform operations, log source integration, and first-level troubleshooting, ensuring that SOC operations receive clean, normalized, and continuous telemetry for monitoring and detection.

Roles And Responsibilities

Operational Support

  • Monitor and maintain the health of QRadar components (Console, Event Processors, Event Collectors, Flow Processors).
  • Perform daily checks for EPS rate, storage utilization, and system performance metrics.
  • Execute routine administrative tasks: user account creation, RBAC management, and scheduled backup verification.
  • Generate scheduled operational and health reports for internal SOC and platform performance reviews.
  • Respond to platform-related alerts, performing initial triage and escalating as needed.

Technical Responsibilities

  • Assist in log source onboarding, testing syslog/API connectivity, and validating DSM mapping.
  • Support DSM customization and log parsing validation for new or non-standard sources.
  • Review parsing errors and collaborate with senior engineers to correct event categorization issues.
  • Help with QRadar patch management, upgrade testing, and version validation under supervision.
  • Participate in correlation rule testing, dashboard tuning, and offense verification for rule effectiveness.
  • Document configuration changes, SOP updates, and recurring issue resolutions.

Process and Collaboration

  • Work closely with SOC analysts, platform teams, and incident responders to ensure event integrity.
  • Follow change management and incident escalation protocols.
  • Maintain compliance with security standards for log retention and access control.
  • Participate in internal reviews, root cause analysis sessions, and continuous improvement initiatives.

Mandatory Skills Required

  • Foundational understanding of QRadar SIEM architecture (Console, EC, EP, Flow Collector).
  • Familiarity with Linux administration, networking fundamentals, and event logging protocols (Syslog, SNMP, WinCollect, API).
  • Awareness of SIEM correlation logic, event normalization, and DSM parsing basics.
  • Hands-on experience in log analysis, data ingestion validation, and dashboard usage.
  • Scripting knowledge (Bash, Python) for automation or health-check reporting.
  • Exposure to incident response or SOC operations (preferred).

Educational Requirements

  • Bachelor's degree in Computer Science, Information Technology, or Cybersecurity.
  • Postgraduate diploma or coursework in Information Security / Network Security preferred.

Certifications (Mandatory / Preferred)

  • IBM QRadar Foundation or Associate Certification (preferred).
  • CompTIA Security+ / CEH or equivalent foundational cybersecurity certification.


Job ID: 145435983
