Job Summary
We are seeking a skilled QRadar Threat Hunter to proactively detect, investigate, and respond to cybersecurity threats. The ideal candidate will leverage IBM QRadar SIEM, threat intelligence, and advanced analytics to uncover threats before they impact business operations. This role requires deep technical expertise, analytical thinking, and experience in security monitoring and incident response.
Key Responsibilities
Conduct proactive threat hunting using IBM QRadar SIEM, including rules, use cases, and correlation searches.
Analyse security events, logs, and alerts from multiple sources (endpoints, networks, cloud, applications).
Investigate and respond to potential threats, anomalies, and suspicious behaviours.
Develop and tune SIEM use cases, correlation rules, and dashboards for improved threat detection.
Perform threat intelligence integration, enrichment, and analysis to support detection efforts.
Collaborate with SOC, Incident Response, Platform Support, Network, and Infrastructure teams to contain and remediate threats.
Conduct root cause analysis and provide post-incident threat reports.
Maintain documentation for security monitoring, detection rules, and threat hunting methodologies.
Keep abreast of the latest cyber threats, tactics, techniques, and procedures (TTPs).
Participate in security assessments, red/blue team exercises, and simulation of advanced attacks.
Required Skills & Qualifications
Hands-on experience with IBM QRadar SIEM (log sources, rules, dashboards, offense management).
Strong knowledge of cybersecurity concepts, frameworks, and the threat landscape.
Experience with network protocols, endpoints, logs, cloud platforms, and security technologies (firewalls, IDS/IPS, EDR, vulnerability management).
Proficiency in log analysis, security event correlation, and forensic investigation.
Familiarity with threat intelligence platforms and OSINT.
Strong analytical and problem-solving skills with attention to detail.
Knowledge of scripting languages (Python, PowerShell, or Bash) is a plus.
Understanding of the MITRE ATT&CK framework, TTPs, and SOC operations.
Strong communication skills and ability to write clear incident reports.
Education & Experience
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
3–5 years of experience in cybersecurity, SOC operations, or threat hunting.
Hands-on experience in threat hunting, incident detection, and response.
Certifications preferred:
IBM QRadar Certified Administrator / SIEM Professional
Certified Ethical Hacker (CEH)
GIAC Certified Incident Handler (GCIH)
CompTIA Cybersecurity Analyst (CySA+)
Preferred Attributes
Strong investigative mindset and curiosity to hunt for unknown threats.
Ability to work independently and as part of a collaborative SOC team.
Up-to-date with the latest threat trends, malware, APT techniques, and attack vectors.
Detail-oriented with excellent organizational and documentation skills.