Tech Lead - SIEM Operations Engineer Porto

Join to apply for the Tech Lead - SIEM Operations Engineer role at Claire Joster.

Claire Joster is currently recruiting for a reference client in the Financial Services area, which intends to strengthen its internal structure with the integration of a Tech Lead SIEM Operations Engineer (m/f).

Responsibilities

• Operating and maintaining the IBM QRadar SIEM environment, including updates, configuration changes, and hardware service coordination (remote only);
• Supporting and maintaining auxiliary systems such as Git servers, rsyslog servers, and other Linux-based services;
• Participating in
  - call duty rotations to ensure 24/7 operational support;
• Managing approximately 23, 000 log sources:
  • Ensuring all log sources are active and sending correct data;
  • Adding new log sources and decommissioning inactive ones;
  • Verifying data parsing and normalization within QRadar;
  • Performing capacity planning and lifecycle management of all components;
  • Analyzing, optimizing, and developing scripts in Python, Bash, or Perl to automate and enhance operations;
• Maintaining and improving protocol standards for logging:
  • Defining what should be logged;
  • Testing and rolling out updated standards across the environment;
• Coordinating daily operational activities within the SIEM team to ensure smooth execution of tasks and alignment with service expectations;
• Acting as a technical escalation point and mentoring junior and
  - level engineers to support their development and ensure knowledge transfer.

Requirements

• Bachelor’s or Master’s degree in IT, Business, or relevant field;
• Strong experience with IBM QRadar administration and log source management;
• Proficient in Linux system administration and scripting (Python, Bash, Perl);
• Exposure to Git and centralized logging systems like rsyslog;
• IBM QRadar Certification (Associate Administrator, Deployment Professional, or Analyst) (mandatory);
• Linux Professional Certification Level 2 or Red Hat Certified Engineer (RHCE) (recommended);
• Cisco Certified Network Associate (CCNA) or equivalent
  - level networking certification (recommended);
• Analytical mindset with strong
  - solving skills;
• Excellent communication skills and a proactive,
  - oriented attitude;
• Exposure to Agile (Scrum, Kanban) and SDLC tools like Jira and Confluence;
• Fluent in English (spoken and written).

Seniority Level

Mid-Senior level

Employment Type

Full-time

Job Function

Information Technology

Industries

Technology, Information and Media