Entity:
What impact will you make?
Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration, and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivalled opportunities to succeed and realize your full potential.
The Team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.
Job Description
Preferred Knowledge
You will be responsible for managing and maintaining the IBM QRadar Security Information and Event Management (SIEM) platform. Your primary role will involve deploying, configuring, and optimizing the QRadar system to ensure effective security monitoring, event correlation, and threat detection within the organization’s infrastructure. You will collaborate with security analysts, network engineers, and other IT teams to implement and maintain a robust security infrastructure.
Roles & Responsibilities
Deployment and Configuration:
Install and configure QRadar components, including data sources, event processors, flow processors, and console.
Design and implement the necessary integrations with various network devices, systems, and applications to collect security logs and events.
Develop and maintain deployment best practices and standards for QRadar implementation.
System Administration:
Monitor the health and performance of the QRadar system, including log ingestion, event processing, and storage capacity.
Perform regular system maintenance tasks such as applying patches, upgrades, and backups.
Troubleshoot and resolve technical issues related to QRadar operation and functionality.
Optimize system performance by tuning rule sets, event processing, and data retention policies.
Security Monitoring and Incident Response:
Configure and manage QRadar rules, alerts, and correlations to identify and respond to security incidents effectively.
Investigate security events and anomalies and collaborate with the security team to perform incident analysis and response.
Conduct regular reviews of security logs, reports, and dashboards to identify potential threats and vulnerabilities.
Develop and maintain incident response playbooks and procedures.
Integration and Collaboration:
Collaborate with network and system administrators to ensure effective data source integration and log collection.
Work closely with the security operations team to integrate QRadar with other security tools and platforms, such as vulnerability scanners, intrusion detection systems (IDS), and threat intelligence feeds.
Provide technical guidance and support to security analysts and other stakeholders on QRadar-related queries and issues.
Documentation and Training:
Create and maintain technical documentation, including system architecture, configurations, and operational procedures.
Conduct training sessions and knowledge sharing activities to educate users and stakeholders on QRadar functionality and best practices.
Required
Professional Experience
Hands-on experience working with
Proven experience as a QRadar Admin or similar role, with hands-on experience in implementing and managing QRadar SIEM.
Strong understanding of network and system security principles, log management, event correlation, and threat detection.
Proficient in QRadar deployment, configuration, and administration, including log source management, rule creation, and report customization.
Familiarity with various network and security technologies, protocols, and tools (firewalls, IDS/IPS, VPN, antivirus, etc.).
Experience with scripting languages (such as Python, PowerShell) and programming concepts is a plus.
Preferred
Educational Qualification
Bachelor’s/Master’s Degree
Certifications
Relevant certifications such as IBM Certified Associate Administrator – QRadar SIEM V7.3.x or higher are desirable.