Job Title: QRadar SIEM Consultant
Location: Qatar
Job Type: Full-Time
Experience Required: Minimum 5+ years in IBM QRadar SIEM implementation, integration, administration, and support
Job Summary
We are looking for an expert-level IBM QRadar SIEM Consultant to lead the deployment, configuration, and optimization of QRadar environments. You will collaborate with enterprise clients to implement advanced threat detection capabilities, integrate log sources, and support daily SIEM operations while aligning with compliance and industry standards.
Key Responsibilities
- QRadar Implementation & Deployment
  - Architect QRadar deployments including distributed models (EC, EP, FC).
  - Execute fresh installs, HA setup, and data node configurations.
  - Design and maintain custom DSMs/parsers using regex and LSPC.
  - Integrate logs from EDR, firewalls, IDS/IPS, WAF, proxies, AD/LDAP, and cloud (AWS, Azure, GCP).
  - Configure threat intelligence feeds (STIX/TAXII) and map to MITRE ATT&CK.
- Log Management & Data Onboarding
  - Determine log source requirements per compliance (PCI-DSS, NIST, ISO 27001, etc.).
  - Define retention, EPS/FPS optimization, and onboarding via syslog, TLS, JDBC, and API connectors.
  - Normalize and tag logs using custom properties.
- Correlation & Use Case Development
  - Create correlation rules using CRE and AQL logic.
  - Build MITRE ATT&CK-aligned use case libraries.
  - Simulate attacks to test detection and reduce false positives with tuning strategies.
- Offense & Alert Management
  - Fine-tune rules and offense prioritization.
  - Automate offense assignment and integrate with SOAR tools (IBM Resilient, ServiceNow, TheHive).
  - Develop dashboards and KPI-based SOC reports.
- Reporting & Compliance
  - Build executive/technical dashboards and compliance-aligned reports (SOC2, HIPAA, GDPR).
  - Automate report scheduling and log archiving.
- System Administration
  - Monitor performance (ECS logs, Ariel DB, notifications).
  - Manage patching, upgrades, and configuration backups.
  - Apply storage optimization policies and license renewals.
- Troubleshooting & Support
  - Resolve issues related to ECS, Ariel DB, log failures, rule engine, etc.
  - Liaise with IBM for PMRs and fixes; conduct RCAs and create KB articles.
- Documentation & Client Engagement
  - Lead technical workshops and requirement sessions.
  - Prepare HLDs, LLDs, implementation runbooks, SOPs.
  - Conduct client training and knowledge transfer (KT) sessions.
- Bachelor’s or Master’s in Computer Science, Information Security, or related fields.
- IBM Certified Deployment Professional – QRadar SIEM (Mandatory).
- 5+ years of implementation/support experience with QRadar.
- Strong understanding of TCP/IP, Windows/Linux systems, and enterprise security products.
- Expertise in QRadar components (ECS, AQL, CRE, DSM, QFlow, QRadar Network Insights).
- Deep knowledge of threat detection, SOC operations, and incident response workflows.
- Familiarity with DevSecOps, Agile, and ITIL environments.
- Scripting: Python, Bash, or PowerShell (for parser customization and automation).
Desirable Skills
- QRadar SOAR, UBA, and QROC experience.
- Familiarity with QRadar Apps (Threat Intelligence, Log Source Management, Pulse, etc.).
- Exposure to QRadar on Cloud and hybrid log management.
- Understanding of SIEM migration projects (e.g., Splunk to QRadar).
- Posted: May 12, 2025
- Type: Full-time
- Level: Mid-Senior
- Location: Doha
- Industries: IT Services, IT Consulting
- Categories: Consulting, Information Technology, Sales