We’re searching for Security Analyst to assist our 24×7 managed security operations center. This role is in Onboarding Department, responsible for the strategic, technical, and operational direction of the Onboarding Team. This job description is not intended to be all inclusive; the employee will also perform other reasonably related business/job duties as assigned. SecurityHQ reserves the right to revise job duties and responsibilities as the need arises
• Qradar, DSM(Parsing), Event Collector deployment/upgradation.
• Troubleshooting skills at all layers of OSI Model.
• Onboard all standard devices to Qradar, such as Windows Security Events, Firewalls, Antivirus, Proxy etc.
• Onboard non-standard devices by researching the product and coordinating with different teams. Such as application onboarding or onboarding new security products.
• Deploying connectors and scripts for log collection for cloud-based solutions.
• Basic validation of parsing and normalization of logs before handing over to SOC team will be day to day Job.
• Coordinate between customer and internal teams for issues related to log collection.
• The engineer needs to make sure that various team have completed their tasks, such as log validation, Log Source Not Reporting (LSNR Automation), Content Management before the Log Source is in production.
• Troubleshooting API based log sources.
• Hands-on experience in Networking, troubleshooting and administration of SIEM tool
• Familiar with SIEM Administration, preferably Qradar
• Knowledge of Device Integration and Log collection
• Basics of Linux and Window Administration
• Knowledge of Regular Expression and basic understanding of scripting language, API
• Networking basics, practical understanding of how a typical network function
• Excellent in verbal and written communication