SIEM (ArcSight) Engineering Consultant
Ref No.: 17-07969
Location: Chicago, Illinois
Position Type: Contract
Start Date: 08/29/2017
My client in the Futures & Options Trading Industry is looking for a SIEM (ArcSight) Engineering Consultant. The consultant will engineer ArcSight FlexConnectors for a mix of homegrown and COTS applications, one for each application.

Location: Chicago or NYC
Rate: Open DOE
Start: ASAP
Duration: Long Term Contract
 
Job Overview
For each log source:
  • Work with SIEM engineering group to identify log sources, get sample log records, configure for testing
  • Work with SIEM content group to identify requirements for parsing to leverage existing ArcSight rules, reports, trends, etc.
  • In a test environment, write a FlexConnector according to specifications, or install a SmartConnector and customize as necessary.
  • Create deliverables, send for acceptance. 
  • For FlexConnectors, this consists of:
    • FlexConnector properties files, fully commented
    • FlexConnector implementation guide, including log source configuration, FlexConnector installation and configuration, detailed CEF mapping, and a description of any necessary runtime parameters
    • Sample raw and parsed log records consisting of most common log record types
  • For SmartConnectors, this consists of:
    • Appropriate ArcSight SmartConnector Guide
    • Code for any overrides and 2nd-level regex parser modifications, fully documented
    • Description of any necessary runtime parameters
    • Sample raw and parsed log records consisting of most common log record types
  • As scheduled, advise and assist in FlexConnector/SmartConnector production implementation
 
If interested and well qualified, please send an updated copy of your resume to zachary.avalos@mondo.com.