Job Title


IBM QRadar Subject Matter Expert


Company : SHI Solutions India Pvt. Ltd.


Location : Mumbai, Maharashtra


Created : 2025-12-18


Job Type : Full Time


Job Description

We are looking for an experienced IBM QRadar SME with a strong background in SIEM operations, threat detection, and incident response within highly regulated environments. The candidate will be responsible for monitoring critical financial-market systems, leading advanced threat detection, and supporting both UAT and Production SIEM/DAM environments across DC & DR setups.

Key Responsibilities

1. Security Monitoring & Threat Detection

- Monitor trading and clearing platforms, APIs, and connectivity gateways for anomalies, misconfigurations, and security vulnerabilities.
- Support and maintain UAT and Production SIEM/DAM environments across DC & DR.
- Continuously monitor for threats using SIEM, network telemetry, behavioral analytics, and log intelligence.
- Integrate and manage SIEM, SOAR, XDR, IDS/IPS, UEBA, and threat intelligence feeds for end-to-end visibility.

2. Threat Intelligence & Incident Response

- Track zero-day vulnerabilities, emerging cyber threats, and APT campaigns targeting financial markets.
- Lead incident triage, in-depth investigation, containment, eradication, and recovery.
- Perform root cause analysis and conduct post-incident reviews to prevent recurrence.
- Coordinate critical incidents with regulatory authorities like SEBI, CERT-In, and RBI, and liaise with law enforcement when required.
- Conduct red/blue team exercises, tabletop simulations, and cyber drills to assess cyber-resilience.

3. SOC Operations & Platform Optimization

- Manage and optimize SOC tools, analytics engines, dashboards, correlation rules, and alerting logic.
- Drive automation using SOAR playbooks, ML-based anomaly detection, and custom scripts to reduce MTTR.
- Collaborate with NOC, fraud monitoring, IT operations, and BCP/DR teams for holistic enterprise-wide resilience.
- Ensure forensic readiness, proper log management, and retention as per regulatory standards.

4. Compliance, Governance & Regulatory Reporting

- Support regulatory reporting and ensure adherence to guidelines mandated by SEBI, CERT-In, and RBI.
- Implement and run proactive threat-hunting programs to identify threats before exploitation.
- Work with architecture and engineering teams to continuously enhance detection and prevention controls.
- Develop and maintain SOC policies, SOPs, runbooks, and incident response playbooks following industry best practices.
- Implement and maintain a SOC Maturity Roadmap to strengthen detection, response, and recovery capabilities.

Required Skills & Experience

- Minimum 6 years of hands-on experience with IBM QRadar (administration, rule tuning, log onboarding, dashboards, AQL, DSM, correlation logic, performance optimization).
- Strong experience in SIEM/SOC operations, incident response, and threat detection.
- Understanding of financial-services threat landscape, especially around trading/clearing systems.
- Experience with SOAR, XDR, IDS/IPS, UEBA, threat intelligence, and other SOC ecosystem tools.
- Ability to engage with regulators and manage major incidents in compliance-heavy environments.
- Strong analytical thinking, problem-solving skills, and communication abilities.