JOB TITLE: ArcSight Security Engineer - Tier 3
The ArcSight Engineer is responsible for the delivery of high visibility security projects and consultative services to our Managed Security Services customer.
The engineer will be responsible for all aspects of the system including use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists. Provides optimization of data flow using aggregation, filters, etc. Participates in the operation of ArcSight Security Information and Event Management systems to include ArcSight ESM, Connector appliances/SmartConnectors, Logger appliances, Windows and Linux servers, network devices and backups. Supports life-cycle management of the ArcSight platforms to including coordination and planning of upgrades, new deployments, and maintaining current operational data flows.
Must possess strong written and verbal communication skills and must be capable of the understanding, documenting, communicating and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
Must have demonstrated ability to build and implement event correlation rules, logic, and content in the security information and event management system with specific experience in the ArcSight ESM environment
Must have demonstrated ability to tune the SIEM event correlation rules and logic to filter out security events associated with known and well established network behavior, known false positives and/or known errors
Must have experience maintaining an event schema with customized security severity criteria
Must have experience creating scheduled and ad-hoc reporting with SEIM tools.
Must possess a thorough and in-depth understanding of SEIM technologies and event collector deployments in the Windows and Linux operating environments
2 to 5 years experience in a dedicated security position
Bachelors Degree or higher is preferred
Experience identifying, documenting, mitigating, and consulting on enterprise security threats
Experience in Linux, ArcSight, qRadar, or a proprietary SIEM
Strong communication skills and ability to engage with customers to understand their requirements
Clear and concise written and oral English
Proactive in following up on customer issues
Ability to excel in high pressure environments
Preferred Skills and Experience:
ITIL Foundations training/certification
Security Certifications CEH, GCIA
. Not accepting 3rd party candidates at this time.
Employment Type: Contract
Other Pay Info: BOE
Click here to apply
Please mention that you saw the job on Sensors Mag