SOC SIEM/Tools Lead
Job Description
Publication date: 09 June ****
- Location:
- Hybrid (Guadalajara)
- Skills:
**_Technical Experience:_**
- Custom Event Mapping for unknown events, miscategorized events, and custom log source extensions.
- Work with the IRT team to remediate offenses, tune rules for false positives, and create new rules.
- Creation and management of reference sets and outside threat intel sources.
- Onboard new log sources and assign log sources to the correct group.
- Dashboard creation for monitoring environment.
- Report creation and maintenance.
- Maintain all components of a distributed QRadar infrastructure and deployment servers.
- Provide overall management of the QRadar platform deployment, configuration, and maintenance across various UNIX and Windows platforms.
**_Professional Attributes:_**
- Previous QRadar administration or development (DSM/parser development) experience: At least 2 years of QRadar experience is required.
- C...