Information Security Consultant
The selected candidate will be responsible for the large scale ArcSight deployment including capacity planning, maintenance, and operations.

Skills
Detail oriented
Excellent communication skills, both written and oral
Ability to work independently
Scripting
Work with external teams to move projects along
Processes and procedure documentation
Strong knowledge of SIEM, Firewall, Intrusion Prevention (IDS/IPS)
Strong working knowledge of operating systems (i.e.: Windows, UNIX, RedHat Linux)
RDBMS Systems such as Oracle, MySQL and MS SQL
Expert Level knowledge of RedHat and ArcSight's CORRE database
Strong Network experience and fluency in Enterprise architectures
7 plus years experience with ArcSight, or 5 years plus with ArcSight and ArcSight Certification, or 5 years ArcSight experience and experience with other SIEM products
Experienced with Logger Reporting and Administration
Experienced with ESM Administration
Experienced in creating content in ESM: Rules, Active Lists, Data Monitors, Trends, Reports

Responsibilities
Act as lead and support other ArcSight team members
Administration of ArcSight SIEM environment
Capacity planning
ArcSight Architecture
Perform day-to-day analysis on ArcSight servers and associated components to verify stability and optimize performance
Deploy ArcSight devices (connectors, Loggers, ESM)
Testing, implementation and configuration of patches and upgrades
Research, analyze and understand log sources from various devices in the network for acquisition and integration in ArcSight
Smart connector management and Flex connector development
Troubleshooting and break fix
Write scripts and automation to optimize various processes involved
Author Standard Operating Procedures (SOPs) and training documentation when needed
Provide support in researching, designing, testing, and implementing new technologies that will enhance the organization's capabilities

Four year college degree (Computer Science, Info Security, or related field) and eight years professional experience, or ten or more years professional experience, is required. CompTIA Security+, CompTIA Network+, or equivalent certification required.

Threat Management Center (TMC) Preferred: Network operations or engineering or system administration on Unix, Linux, MAC, or Windows experience is preferred. Common security operations, intrusion detection systems, Security Incident Event Management systems, and anti-virus collection logs preferred. Knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc.) preferred. Programming experience in C/C++, Java, .NET, Csh, Python, Perl, etc. preferred.

Architectural Engineering Preferred: Possess strong knowledge, understanding, and experience in information technology, data security, application development, and network architecture. Strong desire to maintain in depth knowledge by obtaining or maintaining professional certifications (e.g. CISSP, CISM, CISA, GSEC, Network +, Security +).

Vulnerability Preferred: Strong knowledge of web applications and network infrastructure development preferred. CISSP, CISA, CISM or other similar certifications preferred.