Location: Cleveland, OH, USA
At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the world's most innovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as they provide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days are the same.
YOUR ROLE
As a Security Administrator, you will play a crucial role as a trusted advisor to IBM's clients, assessing their business requirements to design and deliver tailored security solutions. Leveraging your technical expertise, you will strike the right balance between empowering and protecting the client's organization, using cognitive solutions that position IBM as a leader in the rapidly growing enterprise security industry.
YOUR TASKS
* Administer and maintain the QRadar SIEM platform, ensuring optimal performance, reliability, and scalability
* Configure and integrate diverse log sources into QRadar, including custom parser development and troubleshooting data ingestion issues
* Design, implement, and optimize use cases to enhance threat detection capabilities while minimizing false positives
* Perform version upgrades, patch management, and regular health checks to maintain a stable SIEM environment
* Monitor, analyze, and respond to security events, leveraging QRadar to detect and mitigate threats effectively
* Lead the deployment of QRadar in new environments, ensuring accurate configurations and system readiness
* Fine-tune QRadar User Behavior Analytics (UBA) applications and configure rules for improved threat detection accuracy
* Collaborate with incident response teams to investigate and resolve security incidents identified through QRadar alerts
* Identify and resolve technical issues related to QRadar performance, configuration, or integration
* Work with clients and internal teams to align SIEM operations with security objectives, providing regular performance and incident reports
YOUR PROFILE
* 5+ years in IT security, with a minimum of 2+ years in a Security Operations Center (SOC) using SIEM and EDR tools
* Strong understanding of networking fundamentals, including OSI and TCP/IP concepts
* Familiarity with ITIL frameworks and processes
* Deep knowledge of cybersecurity controls, attack vectors, and the MITRE ATT&CK framework
* Hands-on experience with multiple SIEM solutions, particularly QRadar, including architecture and component understanding
* Proficiency in SIEM administration, troubleshooting, and implementation, including high-availability setups and disaster recovery configurations
* Strong understanding of SIEM concepts like correlation, normalization, aggregation, and parsing
* Expertise in log source integration, parser development, version upgrades, and health checks
* Experience with User Behavior Analytics (UBA), rule tuning, and UBA application management
* Ability to conceptualize, configure, and test use cases, standardizing them for broad application
* Ability to analyze SIEM rules for threat optimization, reduce false positives, and identify new threats
* Participate in SOC strategy, planning, capacity management, and ensuring projects are delivered on time and to standard
Nice to have:
* CEH, ECIH, or CompTIA Security Analyst certifications
* Knowledge of shell scripting, AIX, Linux, or Python
* Hands-on experience managing SIEM solutions in public/private cloud environments (AWS, Azure, etc.)
* Familiarity with SOAR tools like QRadar Resilient and Palo Alto XSOAR
WHAT YOU'LL LOVE ABOUT WORKING HERE
* Practical benefits: yearly financial bonus, private medical care with Medicover with additional packages (e.g., dental, senior care, oncology) available on preferential terms, life insurance and access to the NAIS benefit platform.
* Access to over 70 training tracks with certification opportunities (e.g., GenAI, Excel, Business Analysis, Project Management) on our NEXT platform. Dive into a world of knowledge with free access to the Education First languages platform, Pluralsight, TED Talks, Coursera and Udemy Business materials and trainings.
* Cutting-Edge Technology: Position yourself at the forefront of IT innovation, working with the latest technologies and platforms. Capgemini partners with top global enterprises, including 145 Fortune 500 companies.
* Enjoy a hybrid working model that fits your life - after completing onboarding, combine work from a modern office with ergonomic work from home, thanks to a home office package (including laptop, monitor, and chair). Ask your recruiter about the details.
GET TO KNOW US
Capgemini is committed to diversity and inclusion, ensuring fairness in all employment practices. We evaluate individuals based on qualifications and performance, not personal characteristics, striving to create a workplace where everyone can succeed and feel valued.
Do you want to get to know us better? Check our Instagram - @capgeminipl or visit our Facebook profile - Capgemini Polska. You can also find us on TikTok - @capgeminipl.
ABOUT CAPGEMINI
Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided every day by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 360,000 team members globally in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast-evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms.
Apply now!