SIEM |SOAR | TIP Security Engineer | Admin

Job Description

Job Title: SIEM/SOAR/TIP Security Engineer/Admin Function: Operations Service Lead, Reporting to: Security Operations Manager, Coverage: 8x5 Description: The Administration function is responsible for leading the staging, implementation, deployment, management and tuning of the QRADAR SIEM, SOAR and TIP Platforms, as well as log sources and contextual enrichment data integration with coordination with CSC teams.Responsibilities: Integrate new security solution/devices into the CSC environment Configuration, management, performance & capacity monitoring and tuning of TIP, SIEM and SOAR platforms Deploy and tune SIEM Use Cases and Rules and tune SOAR integrations and playbooks Manage SIEM log sources on-boarding, deployment, configuration & troubleshooting Verify data collection and log continuity and act to solve any log continuity problem Verify time synchronization among CSC technology components Provide problem determination / problem source identification for the CSC platforms Open support tickets to CSC technology vendors when required and ensure support issues are resolved. Work closely with the Customer Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions. Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies. Create queries, dashboards, and visualizations to support customer requirements and monitoring of the SIEM deployment. Perform day-to-day maintenance, and specific scheduled maintenance activities that result from manufacturers recommended service intervals, alerts, bulletins, available patches, and updates according to agency-approved change management processes. This includes maintaining updated documentation, change logs, and service bulletin libraries for all supported equipment and software in the environment. Onboarding log sources and data sources, developing new and custom parses, and designing SIEM architecture reviews. Assist in Pre-sales activities and provide technical support for the sales team and respond to all technical queries from customers. Provide informal knowledge training on technical topics or related deliverables. Qualification: Experience creating and fine-tuning SIEM content such as correlation rules, reports, dashboards, filters, channels, and integrating threat intelligence to improve accuracy and visibility to potential threats and alerts. Strong experience of the QRADAR SIEM, TIP and SOAR platforms along with various security technologies and IT infrastructure Experience in configuration management and automation systems. Experience with both traditional RDBMS such as MySQL as well as NoSQL systems Experience with virtual environments and containers Knowledge of systems metrics and performance monitoring Strong Linux and Windows knowledge Strong analytical, troubleshooting and problem-solving skills Experience: 7 to 10 Years Overall 5 to 7 Year in QRADAR SIEM/SOAR platforms

Keyskills :
Siem Security Engineer Qradar Security Operations Center Soc SOAR

About Company

GPA was established in 2013 in Qatar as a service providing solutions in the area of renewable energy. Gradually with time, we have ventured into different segments/industries and have provided the best solutions and support required for our clients/customers.

We have an excellent track record of maintaining relationships based on excellent service and providing the best resources across different industries/fields.

We also have vast experience and skillset in the IT System integrator sector, specializing in Application, Infrastructure, Cloud, and transformational projects.

GPA is lead and managed by a team of professionals having rich and diverse experience across various industry verticals.