Job Summary
We are seeking a skilled QRadar Threat Hunter to proactively detect, investigate, and respond to cybersecurity threats. The ideal candidate will leverage IBM QRadar SIEM, threat intelligence, and advanced analytics to uncover threats before they impact business operations. This role requires deep technical expertise, analytical thinking, and experience in security monitoring and incident response.
Key Responsibilities
- Conduct proactive threat hunting using IBM QRadar SIEM, including custom rules, building blocks, use cases, and Ariel Query Language (AQL) searches.
- Analyse security events, logs, and alerts from multiple sources (endpoints, networks, cloud, applications).
- Investigate and respond to potential threats, anomalies, and suspicious behaviours.
- Develop and tune SIEM use cases, correlation rules, and dashboards for improved threat detection.
- Perform threat intelligence integration, enrichment, and analysis to support detection efforts.
- Collaborate with SOC, Incident Response, Platform Support, Network, and Infrastructure teams to contain and remediate threats.
- Conduct root cause analysis and provide post-incident threat reports.
- Maintain documentation for security monitoring, detection rules, and threat hunting methodologies.
- Keep abreast of the latest cyber threats, tactics, techniques, and procedures (TTPs).
- Participate in security assessments, red/blue team exercises, and simulation of advanced attacks.
Required Skills & Qualifications
- Hands-on experience with IBM QRadar SIEM (log sources, rules, dashboards, offense management).
- Strong knowledge of cybersecurity concepts, frameworks, and threat landscape.
- Experience with network protocols, endpoints, logs, cloud platforms, and security technologies (firewalls, IDS/IPS, EDR, vulnerability management).
- Proficiency in log analysis, security event correlation, and forensic investigation.
- Familiarity with threat intelligence platforms and OSINT.
- Strong analytical and problem-solving skills with attention to detail.
- Knowledge of scripting languages (Python, PowerShell, or Bash) is a plus.
- Understanding of MITRE ATT&CK framework, TTPs, and SOC operations.
- Strong communication skills and ability to write clear incident reports.
Education & Experience
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.
- 3–5 years of experience in cybersecurity, SOC operations, or threat hunting.
- Hands-on experience in threat hunting, incident detection, and response.
- Certifications preferred:
  - IBM QRadar Certified Administrator / SIEM Professional
  - Certified Ethical Hacker (CEH)
  - GIAC Certified Incident Handler (GCIH)
  - CompTIA Cybersecurity Analyst (CySA+)
Preferred Attributes
- Strong investigative mindset and curiosity to hunt for unknown threats.
- Ability to work independently and as part of a collaborative SOC team.
- Up to date with the latest threat trends, malware, APT techniques, and attack vectors.
- Detail-oriented with excellent organisational and documentation skills.