
Tech Lead - SIEM Operations Engineer
- Portugal
- Permanent
- Full-time
Experis is recruiting directly for a leading international client in the technology sector. We are looking for a Tech Lead - Senior SIEM Operations Engineer to play a pivotal role in ensuring the stability, performance, and continuous improvement of the IBM QRadar environment and its supporting infrastructure.

This is a hands-on leadership role, where you will not only manage and optimize SIEM operations but also guide a team of engineers, acting as a technical escalation point and driving knowledge transfer. You will be key to maintaining security visibility across the organization, managing large-scale log source integrations, and supporting incident response capabilities.

Key Responsibilities
Operate and maintain the IBM QRadar SIEM environment, including updates, configuration changes, and coordination of hardware services (remote only).
Support and maintain auxiliary systems such as Git servers, rsyslog servers, and other Linux-based services.
Participate in on-call duty rotations to ensure 24/7 operational support.
Manage approximately 23,000 log sources:
- Ensure all log sources are active and sending correct data.
- Add new log sources and decommission inactive ones.
- Verify data parsing and normalization within QRadar.
Perform capacity planning and lifecycle management of all components.
Analyse, optimize, and develop scripts (Python, Bash, Perl) to automate and enhance operations.
Define, test, and roll out updated standards for logging protocols across the environment.
Coordinate daily operational activities within the SIEM team to ensure alignment with service expectations.
Act as a technical escalation point and mentor junior and mid-level engineers to support their development.

Ideal Candidate Profile
Strong experience with IBM QRadar administration and log source management.
Proficiency in Linux system administration and scripting (Python, Bash, Perl).
Exposure to Git and centralized logging systems like rsyslog.
Comfortable working in a high-availability, security-focused environment.
Strong analytical and troubleshooting skills.
Excellent communication skills and a proactive, team-oriented attitude.
ITIL Certification or equivalent (foundational IT service management knowledge).
IBM QRadar Certification (Associate Administrator, Deployment Professional, or Analyst) - Mandatory.
Linux Professional Certification Level 2 or Red Hat Certified Engineer (RHCE) - Recommended.
Cisco Certified Network Associate (CCNA) or equivalent - Recommended.

Nice to Have / Considered a Plus
Experience with IT Service Continuity Management (ITSCM) testing.
Exposure to SIEM tuning and rule optimization.
Familiarity with cloud-based logging and hybrid environments.
Knowledge of security frameworks and compliance standards (ISO 27001, NIST).
Experience with automation tools and CI/CD pipelines.

Education & Additional Requirements
Bachelor's or Master's degree in IT, Business, or related field.
Experience with Agile methodologies (Scrum, Kanban) and SDLC tools such as Jira and Confluence.
Knowledge of performance tuning and integration techniques.
Fluency in English, both written and spoken.

Expiry date: 30/09/2025