Job Description - Information Security Analyst Lead - Job Number: 121183
Description
Lead ArcSight Engineer: Person whose primary responsibility is the management, development, architecture and capacity planning for enterprise security systems in support of the Global Security Operations Center:
Lead training and collaboration efforts for ArcSight flex connector development
Lead project efforts to onboard new feeds and technologies to the enterprise SIEM Technology
Ensure that all endpoint systems are reporting operational and security events to Global Security Operations Center SIEM
Develop automation processes to establish interoperability between disparate technologies
Develop custom parsers to handle unique or non-standard data types for ArcSight SIEM
Daily Responsibilities:
Work with security groups to establish, review, maintain, and improve appropriate logging and reporting configurations for all endpoints
Assessment activities to build integration plan for log sources
Coordinate with local team, relevant stakeholders and platform owners for log source integration activities
Configuration and integration of identified log sources with ArcSight SIEM and fine tuning of aggregation/filters
Ensuring security events are properly categorized per ArcSight scheme
Develop:
Custom parsers for non-standard event types
Custom data reporting capabilities using API interfaces
Develop automation to validate receipt and quality of endpoint logging
Monthly Responsibilities:
Reporting on:
Project status and SIEM System health
Endpoint reporting compliance
Efforts with system owners and security groups
Qualifications
Required Experience/Knowledge:
Expert level knowledge of SIEM Technology, Correlation Engines and Flex Connector development
Experience with leading SIEM related projects, architecting and planning SIEM enterprise expansion.
Expert networking experience with TCP/IP, HTTP, SMTP, SNMP, SSL, etc.
Strong experience with Unix and Windows operating systems
Strong verbal communication skills, good written documentation skills, ability to multitask, work well within a team.
General skills in the following: Perl, Python, Shell code, Java, C++ and SQL
Regex experience a must
Preferred Experience/Knowledge:
Experience in developing Flex Connectors for ArcSight SIEM
Expert Knowledge of Enterprise Security: Intrusion detection and prevention, vulnerability assessment and scanning, penetration testing, internal and external security audits and good Network Security concepts.
Strong QA experience in validating code, scripts, and automation tools
Additional Experience/Knowledge:
ArcSight Certified Security Analyst (ACSA)
ArcSight Certified Integrator/Administrator (ACIA)
ArcSight Advanced Administration certification.
CISSP or equivalent certification in IT Security
Job: Legal & Compliance
Primary Location: United States-Texas-Allen
Schedule: Full-time
Job Posting: 19-Nov-12, 2:09:08 PM
Brand: Experian