IBM Security is focused on developing top talent and industry leading skills. IBM believes in career growth and flexibility.
Engage with the biggest companies, go up against the most sophisticated security challenges and connect with talented and creative minds. What makes security so exciting is that it's never static. Techniques that worked last year no longer work, which makes a role with IBM Security essential, fast paced and exciting.
The IBM Security Business Unit in the Nordics is looking for a SIEM Correlation Engineer to support a variety of exciting projects across all industry sectors. The SIEM Engineer role calls for a proven record in the industry with experience in one or more areas of SIEM tools. The SIEM Engineer will act as subject matter expert in the area of SIEM and is responsible for hands-on implementation of the QRadar SIEM solution.
The SIEM Engineer has the following responsibilities:
creates, modifies and tunes the system rules to adjust the specifications of alerts and incidents.
creates scheduled reports, integrates the SIEM with multiple systems and on-boards the log sources.
ensures conversion and configuration of the use cases to SIEM rules.
performs maintenance and administration (software updates, troubleshooting issues etc.) of the SIEM components.
contributes to requirement gathering and PoCs during the sales process.
The SIEM Engineer will work with the customer's or IBM's designated personnel to provide continual correlation rule tuning, prioritization recommendations, report query adjustments, and various other configuration activities in order to help the customer fully optimize the SIEM system capabilities.
Projects are based across the Nordic countries, often on client premises, so the ability and willingness to travel is an essential requirement.
Work placement: one of the Nordic countries. Ideally you are fluent in the language of the country in which you are located.
Are you our next Security colleague? Apply now with your CV and cover letter!
Required Technical and Professional Expertise
Has at least 4-5 years of experience in supporting security technologies, of which 1-2 years is SIEM-related experience
Has in-depth knowledge of SIEM, its ability to integrate and absorb data from associated security technologies, and its role in a Security Operations Center
Has in-depth knowledge of TCP/IP communication and flow (NetFlow) technologies
Has demonstrated hands-on experience with QRadar SIEM deployment, configuration and maintenance (highly desired)
Has experience of integrating the SIEM with other systems (Vulnerability scanner, AD, etc.)
Has experience of on-boarding of the log sources
Has experience in and capability of translating business-driven use cases to SIEM rules on QRadar
Has knowledge to create High Level Design and Low Level Design for SIEM solutions
Has working knowledge of the Unix and Windows platforms
Preferred Tech and Prof Experience
SIEM (QRadar) certification is preferred
Expertise in a Security Operations Center environment covering people, process & technology components
Knowledge and work experience using ITIL
Good documentation, communication and presentation skills
Work experience in complying with regulatory requirements
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.