
QRadar Administrator

About the Job
Greetings from Netsach - A Cyber Security Company.
Role Objective
The QRadar Administrator – Senior Engineer is a design and architecture-focused role, responsible for building, scaling, and integrating QRadar SIEM into the broader enterprise or MSSP environment.
This role defines how the platform evolves — from onboarding new data sources to developing correlation rules and integrating with SOAR and threat intelligence systems. QRadar certification is mandatory.
Job Title: QRadar Administrator
Experience: 4 to 8 years
Location: Bangalore
Job Type: Full-time
Immediate joiners will be given first preference.
Interested candidates, please share your resume at emily@netsach.co.in, and please register at netsachglobal.com and send us your resume.
Roles and Responsibilities
Architecture & Deployment
- Design, implement, and optimize QRadar architecture across on-prem, cloud, and hybrid environments.
- Plan and execute new deployments, expansions, and clustering based on business growth and data volume.
- Lead log source onboarding strategy — including DSM mapping, parsing customization, and new integrations.
- Develop custom DSMs, property extractions, and event categories for unsupported sources.
- Implement and manage data retention, storage scaling, and license optimization strategies.
Engineering & Integration
- Build and fine-tune correlation rules, building blocks, and reference sets to enhance detection accuracy.
- Develop custom dashboards, reports, and analytics for SOC and compliance requirements.
- Integrate QRadar with SOAR platforms (IBM Resilient, ServiceNow, Splunk Phantom) to automate alert triage and response.
- Leverage APIs, scripts, and integrations to connect QRadar with other tools — EDRs, vulnerability scanners, CMDBs.
- Collaborate with detection engineering teams to align use cases with MITRE ATT&CK mapping.
Optimization & Leadership
- Conduct performance tuning and EPS optimization for large or multi-tenant environments.
- Lead architecture review sessions and advise on best practices for scaling and hardening.
- Prepare high-level and low-level design documents, data flow diagrams, and deployment guides.
- Mentor platform and support engineers on architecture, onboarding workflows, and parser design.
- Participate in proof-of-concept (PoC) initiatives for new integrations and technologies.
Mandatory Skills Required
- Proven experience in end-to-end QRadar architecture design, deployment, and configuration.
- Expertise in DSM customization, parser development, and event normalization.
- Deep understanding of QRadar correlation rules, building blocks, and reference sets.
- Proficiency in Linux administration, networking protocols, and security event analysis.
- Hands-on experience with SOAR integration and automation scripting (Python/Bash/REST API).
- Knowledge of compliance frameworks (ISO 27001, PCI DSS, NIST) and reporting automation.
Educational Requirements
- Bachelor’s or Master’s degree in Information Security, Computer Science, or related field.
- MBA or specialization in Security Architecture or IT Infrastructure (preferred).
Certifications (Mandatory / Preferred)
- IBM Certified Administrator – QRadar SIEM (mandatory).
- IBM SOAR (Resilient) Certified Engineer (preferred).
- CISSP / CISM / CEH / CySA+ or equivalent cybersecurity certification (preferred).
- Cloud platform certifications (AWS/Azure/GCP) (advantage).
Thank You
Emily Jha
Netsach - A Cyber Security Company
About the company
Company Size
11-50 Employees
Headquarters
India
