Role Objective
The QRadar Platform Support – Junior Engineer plays a critical role in maintaining the stability, availability, and performance of the IBM QRadar SIEM infrastructure. This role focuses on day-to-day platform operations, log source integration, and first-level troubleshooting, ensuring that SOC operations receive clean, normalized, and continuous telemetry for monitoring and detection.
Roles and Responsibilities
Operational Support
Monitor and maintain the health of QRadar components (Console, Event Processors, Event Collectors, Flow Processors).
Perform daily checks for EPS rate, storage utilization, and system performance metrics.
Execute routine administrative tasks: user account creation, RBAC management, and scheduled backup verification.
Generate scheduled operational and health reports for internal SOC and platform performance reviews.
Respond to platform-related alerts, performing initial triage and escalating as needed.
Technical Responsibilities
Assist in log source onboarding, testing syslog/API connectivity, and validating DSM mapping.
Support DSM customization and log parsing validation for new or non-standard sources.
Review parsing errors and collaborate with senior engineers to correct event categorization issues.
Help with QRadar patch management, upgrade testing, and version validation under supervision.
Participate in correlation rule testing, dashboard tuning, and offense verification for rule effectiveness.
Document configuration changes, SOP updates, and recurring issue resolutions.
Process and Collaboration
Work closely with SOC analysts, platform teams, and incident responders to ensure event integrity.
Follow change management and incident escalation protocols.
Maintain compliance with security standards for log retention and access control.
Participate in internal reviews, root cause analysis sessions, and continuous improvement initiatives.
Mandatory Skills Required
Foundational understanding of QRadar SIEM architecture (Console, EC, EP, Flow Collector).
Familiarity with Linux administration, networking fundamentals, and event logging protocols (Syslog, SNMP, WinCollect, API).
Awareness of SIEM correlation logic, event normalization, and DSM parsing basics.
Hands-on experience in log analysis, data ingestion validation, and dashboard usage.
Scripting knowledge (Bash, Python) for automation or health-check reporting.
Exposure to incident response or SOC operations (preferred).
Educational Requirements
Bachelor’s degree in Computer Science, Information Technology, or Cybersecurity.
Postgraduate diploma or coursework in Information Security / Network Security preferred.
Certifications (Mandatory / Preferred)
IBM QRadar Foundation or Associate Certification (preferred).
CompTIA Security+ / CEH or an equivalent foundational cybersecurity certification.