Information Security Analyst

Washington

‐ Onsite

This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Operating Systems Unix Linux Windows Network Security Administration Documentation Information Security Arcsight

Summary

ArcSight Administration
Responsible for the large scale ArcSight deployment including capacity planning, maintenance, and operations.

SKILLS:

Detail oriented
Excellent communication skills, both written and oral
Ability to work independently
Processes and procedure documentation
Scripting
Strong knowledge of Information Security Products and Techniques (SIEM, Firewall, Intrusion Prevention (IDS/IPS)
Strong working knowledge of operating systems (ie: Windows, UNIX, RedHat Linux) and RDBMS Systems such as Oracle, MySQL and MS SQL
Strong Network experience and fluency in Enterprise architectures
Linux experience
5 plus years' experience with ArcSight Responsibilities
Administration of ArcSight SIEM environment
Capacity planning
ArcSight Architecture
Perform day-to-day analysis on ArcSight Servers and associated components to verify stability and optimize performance
Deploy ArcSight devices (connectors, Loggers, ESM)
Testing, implementation and configuration of patches and upgrades
Research, analyze and understand logs source from various devices in the network for acquisition and integration in ArcSight
Smart connector management and Flex connector development
RMA of failed hardware
Troubleshooting and break fix
Write scripts and automation to optimize various processes involved
Author Standard Operating Procedures (SOPs) and training documentation when needed
Provide support in researching, designing, testing, and implementing new technologies that will enhance the organizations capabilities.

Preferred Skills

Knowledge of the following technologies a plus:
Intrusion Detection/Prevention Systems for networks and hosts
Security Event Management Systems
Vulnerability Assessment Systems
Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus
Diagnostic tools such as packet capture/decode and WAN probes
IP Networking
Windows Systems administration and security tools
Experience with remote access, Terminal Servers, etc a plus
Experience in the administration of UNIX
Solaris, HP/UX, or Linux and Windows operating systems a plus
Experience in developing and administering an information security program desirable
Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable

To apply to this project you must log in.