Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to the Top Secret level and pass a public trust investigation.
- Collect and document detailed ArcSight use case requirements from users/analysts
- Create custom ArcSight content (Filters, Active Lists, Queries, Trends, Query Viewers, Rules, Data Monitors, Dashboards, Reports, etc.) to produce information from raw event data. Content will automatically detect and alert on items of interest within an enterprise information infrastructure. Output from content will consistently meet and exceed user/analyst requirements.
- Continuously monitor content to ensure ongoing correct operation.
- Maintain deployed content and security technologies, providing accurate, detailed configurations and repeatable processes, all under change management control.
- Deploy security technologies in lab and production environments.
- Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases.
- Provide third-level troubleshooting support for security applications and appliances.
Must have at least 1 year of hands-on content authoring/use case development experience with ArcSight. Must have a total of 8+ years of IT experience.
- Completion of the following ArcSight Training Modules:
  - Intro to ArcSight ESM 5.0 Event Management
  - ArcSight ESM Use Case Foundations
  - Building ArcSight ESM Advanced Content for Use Cases
- Programming and/or scripting language experience
- Strong analytical and problem-solving skills for investigating security issues