ArcSight Engineer
Knowledge Consulting Group - Washington, DC

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret clearance is required, and candidates must be eligible for SCI.
  • Deploy new ESM, Loggers, SmartConnectors/FlexConnectors as required to collect data feeds.
  • Assist in the proper operation and performance of ArcSight ESM, Loggers and connectors.
  • Integrate data feeds (logs) into ArcSight. Perform content development to properly identify data feeding ArcSight. Develop filters to assist in the identification of significant events.
  • Coordinate with client engineering staff for modifications, downtimes, and upgrades.
  • Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics (as defined by the client).
  • Develop dashboards/reports for external customers for system monitoring.
  • Provide ad-hoc training to analysts focusing on specific client missions, including generic ArcSight training sessions and Custom Use Case training sessions.
  • Provide recommendations and implement changes to optimize ArcSight products in the customer environment.
  • Support the client in fact-finding or case-support tasks as they relate to ArcSight.
  • Evaluate relevant ArcSight product advancements and provide recommendations to the customer.
Candidates must have at least 3 years of hands-on working experience with ArcSight. Candidates should be familiar with deploying, installing and administering ArcSight ESM 4.5+ in a variety of environments.

Candidates must have content development experience and some scripting experience; IdentityView knowledge is preferred but not mandatory. Candidates should also have significant real-world experience developing content/use cases and experience with FlexConnectors.

Linux experience is strongly recommended.

ArcSight ESM Security Analyst (AESA), formerly ArcSight Certified Security Analyst (ACSA); ArcSight ESM Integrator/Administrator (AEIA), formerly ArcSight Certified Integrator/Administrator (ACIA); and ArcSight Advanced Administration certifications are strongly preferred.
