Senior Specialist

SISA -
Bengaluru, Karnataka

Apply Now

Job details

Full-time

Qualifications

Azure
Computer Science
PCI
CISSP
Information security
Master's degree
Bash (Unix shell)
CEH
CISM
AWS
Bachelor's degree
NIST standards
Splunk
REST
Scripting
APIs
ServiceNow
ISO 27001
Linux
Cybersecurity
MBA
Python

Full job description

Role Objective

The QRadar Administrator – Senior Engineer is a design and architecture-focused role, responsible for building, scaling, and integrating QRadar SIEM into the broader enterprise or MSSP environment.

This role defines how the platform evolves — from onboarding new data sources to developing correlation rules and integrating with SOAR and threat intelligence systems.

Roles and Responsibilities

Architecture & Deployment

Design, implement, and optimize QRadar architecture across on-prem, cloud, and hybrid environments.
Plan and execute new deployments, expansions, and clustering based on business growth and data volume.
Lead log source onboarding strategy — including DSM mapping, parsing customization, and new integrations.
Develop custom DSMs, property extractions, and event categories for unsupported sources.
Implement and manage data retention, storage scaling, and license optimization strategies.

Engineering & Integration

Build and fine-tune correlation rules, building blocks, and reference sets to enhance detection accuracy.
Develop custom dashboards, reports, and analytics for SOC and compliance requirements.
Integrate QRadar with SOAR platforms (IBM Resilient, ServiceNow, Splunk Phantom) to automate alert triage and response.
Leverage APIs, scripts, and integrations to connect QRadar with other tools — EDRs, vulnerability scanners, CMDBs.
Collaborate with detection engineering teams to align use cases with MITRE ATT&CK mapping.

Optimization & Leadership

Conduct performance tuning and EPS optimization for large or multi-tenant environments.
Lead architecture review sessions and advise on best practices for scaling and hardening.
Prepare high-level and low-level design documents, data flow diagrams, and deployment guides.
Mentor platform and support engineers on architecture, onboarding workflows, and parser design.
Participate in proof-of-concept (PoC) initiatives for new integrations and technologies.

Mandatory Skills Required

Proven experience in end-to-end QRadar architecture design, deployment, and configuration.
Expertise in DSM customization, parser development, and event normalization.
Deep understanding of QRadar correlation rules, building blocks, and reference sets.
Proficiency in Linux administration, networking protocols, and security event analysis.
Hands-on experience with SOAR integration and automation scripting (Python/Bash/REST API).
Knowledge of compliance frameworks (ISO 27001, PCI DSS, NIST) and reporting automation.

Educational Requirements

Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
MBA or specialization in Security Architecture or IT Infrastructure (preferred).

Certifications (Mandatory / Preferred)

IBM Certified Administrator – QRadar SIEM (mandatory).
IBM SOAR (Resilient) Certified Engineer (preferred).
CISSP / CISM / CEH / CySA+ or equivalent cybersecurity certification (preferred).
Cloud platform certifications (AWS/Azure/GCP) (advantage)

Apply Now

Jobseeker tools

Employer Tools

Browse

Stay Connected