ArcSight Engineer
Knowledge Consulting Group - Washington, DC


Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret clearance is required. Must be clearable to TS/SCI.

Candidates will be required to support the deployment, configuration, and administration of enterprise network security appliances and software. The position requires the candidate to be a self-starter and to work with limited direct supervision. A wide range of knowledge and skills is needed, such as ArcSight ESM, system administration, content development, network engineering, and cyber security architecture design. Specifically, candidates may be required to:
  • Deploy new ESM, Loggers, SmartConnectors/FlexConnectors as required to collect data feeds.
  • Assist in the proper operation and performance of ArcSight ESM, Loggers and connectors.
  • Integrate data feeds (logs) into ArcSight. Perform content development to properly identify data feeding ArcSight. Develop filters to assist in the identification of significant events.
  • Coordinate with client engineering staff for modifications, downtimes, and upgrades.
  • Develop reports (manual and automated) to support the development, collection, and reporting of Quality Assurance and Performance metrics (as defined by the client).
  • Develop dashboards/reports for external customers for system monitoring.
  • Provide ad-hoc training to analysts focusing on specific client missions, including generic ArcSight training sessions and Custom Use Case training sessions.
  • Provide recommendations and implement changes to optimize ArcSight products in the customer environment.
  • Support the client in fact-finding or case-supporting tasks as they relate to ArcSight.
  • Evaluate relevant ArcSight product advancements and provide recommendations to the customer.
1-3 years of experience with a college degree is preferred.

Must be familiar with deploying, installing, and administering ArcSight ESM 4.5+ in a complex environment. Candidates must have experience with Flex Connectors and content development, some scripting experience, and IdentityView knowledge is preferred but not mandatory. Candidates should also have real, significant experience developing content/use cases.

Linux experience is strongly recommended. Network IDS/IPS/HIPS experience is preferred but not required.

ArcSight ESM Security Analyst (AESA), formerly ArcSight Certified Security Analyst (ACSA); ArcSight ESM Integrator/Administrator (AEIA), formerly ArcSight Certified Integrator/Administrator (ACIA); and ArcSight Advanced Administration certifications are strongly preferred.
