Job ID: MI-94600 (914091026)4P
Local QRadar Admin/Security Analyst with SIEM, PKI, syslog/jdbc/LEA experience
Skills:
Location: Lansing MI (DTMB)
Duration: 12 months
Remote or On-site? Local candidates or willing to relocate at the candidate’s expense. Candidates MUST work hybrid on-site 2 days a week.
Top Skills Required:
-Must have extensive and recent experience managing QRadar SIEM on premises platform collection protocols, such as syslog, jdbc, LEA etc
-Must have great communication skills. This person will be communicating with the end client, not just their internal team. Soft skills are huge.
Recent experience with various QRadar SIEM on premises platform collection protocols, such as syslog, jdbc, LEA etc.
Has a firm grasp of network security fundamentals
Extensive experience with QRadar SIEM on premises platform management, tuning, parsing and configurations
Has a solid understanding of TCP/IP, the OSI Model and Underlying Protocols
Advanced Unix administrative skills
Considers themselves highly proficient with QRadar SIEM on premises platform
Has recent experience with advanced AQL and QRadar API
Has Strong Regex skills
Is English fluent (written and verbal)
Has strong attention to detail
Required Qualifications
Experience within the last 24 months on IBM QRadar for on premises system management
Solid communication skills and ability to interact with clients
Resource Tasks:
Deploy and manage QRadar SIEM on premises platform systems
Configure user accounts and authentication
Configure QRadar data retention
Configure and troubleshoot network and security devices, various operating systems, and database services to bring data to QRadar
Manage network hierarchy
Define and configure log and flow data sources.
SIEM administrator (IT Security Auditor) must have recent QRadar (on-site installation) experience relating to product
functionality and security policies. They will plan, install, configure, implement, deploy, migrate, tune, and troubleshoot
the QRadar SIEM on premises platform. (89 devices).
The resource is responsible for the State of Michigan’s enterprise QRadar SIEM on premises platform and logging
environments. They will work with the engineering teams to set up new clients in existing QRadar SIEM on premises
platform systems or to set up new QRadar SIEM on premises platform systems. The resource would also work with the
SIEM monitoring team to provide training, feedback, and assistance, including AQL query and search support, therefore
cybersecurity analysis skills are required. The resource must have strong communication skills as they are heavily
involved with client onboarding and process development, reporting, and status and performance meetings.
