Job Description
We are looking for an immediate joiner for the role of IBM QRadar Specialist with a strong background in SIEM operations, threat detection, and incident response within highly regulated environments. The candidate will be responsible for monitoring critical financial-market systems, leading advanced threat detection, and supporting both UAT and Production SIEM/DAM environments across DC & DR setups.
Job Location: Mumbai (Andheri)
Years of Experience: 7+
Mandatory Skill sets: Log Parsing, API Integration, DAM Guardium, QNI, REST API Integration, SOAR
Key Responsibilities
1. Security Monitoring & Threat Detection
Monitor trading and clearing platforms, APIs, and connectivity gateways for anomalies, misconfigurations, and security vulnerabilities.
Support and maintain UAT and Production SIEM/DAM environments across DC & DR.
Continuously monitor for threats using SIEM, network telemetry, behavioral analytics, and log intelligence.
Integrate and manage SIEM, SOAR, XDR, IDS/IPS, UEBA, and threat intelligence feeds for end-to-end visibility.
2. Threat Intelligence & Incident Response
Track zero-day vulnerabilities, emerging cyber threats, and APT campaigns targeting financial markets.
Lead incident triage, in-depth investigation, containment, eradication, and recovery.
Perform root cause analysis and conduct post-incident reviews to prevent recurrence.
Coordinate critical incidents with regulatory authorities such as SEBI, CERT-In, and RBI, and liaise with law enforcement when required.
Conduct red/blue team exercises, tabletop simulations, and cyber drills to assess cyber-resilience.
3. SOC Operations & Platform Optimization
Manage and optimize SOC tools, analytics engines, dashboards, correlation rules, and alerting logic.
Drive automation using SOAR playbooks, ML-based anomaly detection, and custom scripts to reduce MTTR.
Collaborate with NOC, fraud monitoring, IT operations, and BCP/DR teams for holistic enterprise-wide resilience.
Ensure forensic readiness, proper log management, and retention as per regulatory standards.
4. Compliance, Governance & Regulatory Reporting
Support regulatory reporting and ensure adherence to guidelines mandated by SEBI, CERT-In, and RBI.
Implement and run proactive threat-hunting programs to identify threats before exploitation.
Work with architecture and engineering teams to continuously enhance detection and prevention controls.
Develop and maintain SOC policies, SOPs, runbooks, and incident response playbooks following industry best practices.
Implement and maintain a SOC Maturity Roadmap to strengthen detection, response, and recovery capabilities.
Required Skills & Experience
Minimum 6 years of hands-on experience with IBM QRadar (administration, rule tuning, log onboarding, dashboards, AQL, DSM, correlation logic, performance optimization).
Strong experience in SIEM/SOC operations, incident response, and threat detection.
Understanding of financial-services threat landscape, especially around trading/clearing systems.
Experience with SOAR, XDR, IDS/IPS, UEBA, threat intelligence, and other SOC ecosystem tools.
Ability to engage with regulators and manage major incidents in compliance-heavy environments.
Strong analytical thinking, problem-solving skills, and communication abilities.