IA Security Administrator
Ref No.: 18-01526
Location: Kingstowne, Virginia
Start Date: 02/20/2018
 
Clearance: Active Secret Clearance Required
 
Job Description:
This is a part-time role of 20 hours a week. The ArcSight Engineer will maintain the ArcSight SIEM architecture and incorporate new data feeds and products. They will perform ongoing operations and maintenance to ensure the health and scalability of the SIEM solution.
 
Mandatory Skills:
•         Five or more years of relevant work experience.
•         Experience in Network Security, Data Privacy, Risk management, Security Analysis and Incident Response utilizing SIEM technology.
•         Experience using ArcSight ESM and Logger.
•         DOD IAT Level II Certified
 
Preferred Skills:
·         Ability to perform the following tasks: installation, configuration, and technical administration of ArcSight product components, to include: ArcSight ESM, ConApp and Logger.
·         Hands-on experience in installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, and intrusion prevention/detection (IDS/IPS).
·         Knowledge of security compliance policy, programs, processes, and metrics.
·         Knowledge of Cyber Security and Information Protection and Privacy.
 
Responsibilities:
·         Assist in installing and configuring the specified Client ArcSight products to meet the customer's business requirements, to include:
o   Enterprise Security Manager (ESM)
o   Logger
o   Connectors
·         Integrate data and event feeds with Client ArcSight SIEM
·         Perform upgrades, maintenance, performance tuning, and troubleshooting of Client ArcSight SIEM
·         Perform network analysis to confirm capability to support anticipated event load
·         Analyze end device availability and capability to provide critical business information
·         Define anticipated user types and roles
·         Determine data storage policies/capabilities and impacts on security operations
·         Determine how best to leverage Client ArcSight ESM (and associated products) to meet the strategic goals by defining "use cases"
·         Develop content based upon the identified "use cases" to include features of the ArcSight solutions including correlation rules, data monitors, reports, event annotation stages, case customization, active lists, and pattern discovery
·         Troubleshoot all aspects of the solution (database, content, implementation, etc.)
·         Conduct advanced use case development leveraging all product features (trends + variables + hierarchical architectures, Pattern Discovery)
·         Develop advanced flex connectors of all types (regex, db, etc.)
 
Education: Bachelor's Degree or Relevant Experience Required.