Location: Qatar
Job Type: Full-Time
Experience Required: Minimum 5+ years in IBM QRadar SIEM implementation, integration, administration, and support
Job Summary
We are looking for an expert-level IBM QRadar SIEM Consultant to lead the deployment, configuration, and optimization of QRadar environments. You will collaborate with enterprise clients to implement advanced threat detection capabilities, integrate log sources, and support daily SIEM operations while aligning with compliance and industry standards.
Key Responsibilities
- QRadar Implementation & Deployment
  - Architect QRadar deployments including distributed models (EC, EP, FC).
  - Execute fresh installs, HA setup, and data node configurations.
  - Design and maintain custom DSMs/parsers using regex and LSPC.
  - Integrate logs from EDR, firewalls, IDS/IPS, WAF, proxies, AD/LDAP, and cloud (AWS, Azure, GCP).
  - Configure threat intelligence feeds (STIX/TAXII) and map to MITRE ATT&CK.
- Log Management & Data Onboarding
  - Determine log source requirements per compliance (PCI-DSS, NIST, ISO 27001, etc.).
  - Define retention, EPS/FPS optimization, and onboarding via syslog, TLS, JDBC, and API connectors.
  - Normalize and tag logs using custom properties.
- Correlation & Use Case Development
  - Create correlation rules using CRE and AQL logic.
  - Build MITRE ATT&CK-aligned use case libraries.
  - Simulate attacks to test detection and reduce false positives with tuning strategies.
- Offense & Alert Management
  - Fine-tune rules and offense prioritization.
  - Automate offense assignment and integrate with SOAR tools (IBM Resilient, ServiceNow, TheHive).
  - Develop dashboards and KPI-based SOC reports.
- Reporting & Compliance
  - Build executive/technical dashboards and compliance-aligned reports (SOC2, HIPAA, GDPR).
  - Automate report scheduling and log archiving.
- System Administration
  - Monitor performance (ECS logs, Ariel DB, notifications).
  - Manage patching, upgrades, and configuration backups.
  - Apply storage optimization policies and license renewals.
- Troubleshooting & Support
  - Resolve issues related to ECS, Ariel DB, log failures, rule engine, etc.
  - Liaise with IBM for PMRs and fixes; conduct RCAs and create KB articles.
- Documentation & Client Engagement
  - Lead technical workshops and requirement sessions.
  - Prepare HLDs, LLDs, implementation runbooks, SOPs.
  - Conduct client training and knowledge transfer (KT) sessions.
- Bachelor’s or Master’s in Computer Science, Information Security, or related fields.
- IBM Certified Deployment Professional – QRadar SIEM (Mandatory).
- 5+ years of implementation/support experience with QRadar.
- Strong understanding of TCP/IP, Windows/Linux systems, and enterprise security products.
- Expertise in QRadar components (ECS, AQL, CRE, DSM, QFlow, QRadar Network Insights).
- Deep knowledge of threat detection, SOC operations, and incident response workflows.
- Familiarity with DevSecOps, Agile, and ITIL environments.
- Scripting: Python, Bash, or PowerShell (for parser customization and automation).
Desirable Skills
- QRadar SOAR, UBA, and QROC experience.
- Familiarity with QRadar Apps (Threat Intelligence, Log Source Management, Pulse, etc.).
- Exposure to QRadar on Cloud and hybrid log management.
- Understanding of SIEM migration projects (e.g., Splunk to QRadar).