Senior Specialist

Actively Reviewing the Applications

SISA

India, Karnataka, Bengaluru Full-Time On-site INR 50–75 LPA

Posted 3 weeks ago • Apply by May 27, 2026

Job Description

Role Objective

The QRadar Administrator – Senior Engineer is a design and architecture-focused role, responsible for building, scaling, and integrating QRadar SIEM into the broader enterprise or MSSP environment.

This role defines how the platform evolves — from onboarding new data sources to developing correlation rules and integrating with SOAR and threat intelligence systems.

Roles And Responsibilities

Architecture & Deployment

Design, implement, and optimize QRadar architecture across on-prem, cloud, and hybrid environments.
Plan and execute new deployments, expansions, and clustering based on business growth and data volume.
Lead log source onboarding strategy — including DSM mapping, parsing customization, and new integrations.
Develop custom DSMs, property extractions, and event categories for unsupported sources.
Implement and manage data retention, storage scaling, and license optimization strategies.

Engineering & Integration

Build and fine-tune correlation rules, building blocks, and reference sets to enhance detection accuracy.
Develop custom dashboards, reports, and analytics for SOC and compliance requirements.
Integrate QRadar with SOAR platforms (IBM Resilient, ServiceNow, Splunk Phantom) to automate alert triage and response.
Leverage APIs, scripts, and integrations to connect QRadar with other tools — EDRs, vulnerability scanners, CMDBs.
Collaborate with detection engineering teams to align use cases with MITRE ATT&CK mapping.

Optimization & Leadership

Conduct performance tuning and EPS optimization for large or multi-tenant environments.
Lead architecture review sessions and advise on best practices for scaling and hardening.
Prepare high-level and low-level design documents, data flow diagrams, and deployment guides.
Mentor platform and support engineers on architecture, onboarding workflows, and parser design.
Participate in proof-of-concept (PoC) initiatives for new integrations and technologies.

Mandatory Skills Required

Proven experience in end-to-end QRadar architecture design, deployment, and configuration.
Expertise in DSM customization, parser development, and event normalization.
Deep understanding of QRadar correlation rules, building blocks, and reference sets.
Proficiency in Linux administration, networking protocols, and security event analysis.
Hands-on experience with SOAR integration and automation scripting (Python/Bash/REST API).
Knowledge of compliance frameworks (ISO 27001, PCI DSS, NIST) and reporting automation.

Educational Requirements

Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
MBA or specialization in Security Architecture or IT Infrastructure (preferred).

Certifications (Mandatory / Preferred)

IBM Certified Administrator – QRadar SIEM (mandatory).
IBM SOAR (Resilient) Certified Engineer (preferred).
CISSP / CISM / CEH / CySA+ or equivalent cybersecurity certification (preferred).
Cloud platform certifications (AWS/Azure/GCP) (advantage)